[Support] binhex - DelugeVPN

[keepitshut]

Hi I was just wondering is it safe to use a server that does not enable port forwarding for PIA? I am able to get better speeds using a local/closer-to-home server, though it does not support port forwarding. However, does this pose some form of security-issue or a danger of leaking my IP?

 

Thanks to anyone who is able to help 

No security risk at all, intact it could be argued that having no port forward at all is more secure, it just generally means lower speeds.

 

Sent from my SM-G900F using Tapatalk

Funny how I get better speeds without port forwarding. Guess the impact of geographical location plays a bigger role. Thanks for the reply and the awesome docker mate

[JonathanM]

Check page 1. First post. Q7.

 

So it was something obvious!! Thanks mr-hexen.

 

When I type in the url (with CIDR), its asks me for a username & password. Looking at the support docs etc, there is only a password "deluge", any idea what the username would be? I've just various combinations including my UnRaid username/password but no luck.

 

Many thanks for your help!

 

Thought adding a screenshot might help. Any ideas as to why this appears?

Remove the /24 from that url and see what happens.

[JonathanM]

I get a connection refused error. 

Try setting the VPN_ENABLED variable to no and see what you get.

[JonathanM]

I get a connection refused error. 

Try setting the VPN_ENABLED variable to no and see what you get.

That's worked. What do you think the problem is? The VPN settings?

 

Many thanks for you help jonathanm

Yep, your VPN settings are wrong. For "safety" reasons, this plugin will not start if you enable the VPN and don't have it configured correctly. It would be bad if you thought everything was working properly but your connection wasn't actually using the VPN, thus exposing your ip and all your traffic to your ISP.

[keepitshut]

By the way, anyone getting such an error when attempting to load privoxy in the browser?

 

Invalid header received from client.

[Critical]

while trying to run this docker I get following error about my certificate that I pulled from their config file site  .. I am using IPVanish ... any help would be appreciated

 

2016-05-25 08:34:23,849 DEBG 'start-script' stdout output:

Wed May 25 08:34:23 2016 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=US/ST=OH/L=Columbus/O=Private Internet Access/CN=Private Internet Access CA/[email protected]

Wed May 25 08:34:23 2016 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

Wed May 25 08:34:23 2016 TLS Error: TLS object -> incoming plaintext read error

Wed May 25 08:34:23 2016 TLS Error: TLS handshake failed

 

2016-05-25 08:34:23,850 DEBG 'start-script' stdout output:

Wed May 25 08:34:23 2016 SIGUSR1[soft,tls-error] received, process restarting

Wed May 25 08:34:23 2016 Restart pause, 2 second(s)

 

2016-05-25 08:34:25,849 DEBG 'start-script' stdout output:

Wed May 25 08:34:25 2016 Socket Buffers: R=[212992->212992] S=[212992->212992]

Wed May 25 08:34:25 2016 TCP/UDP: Preserving recently used remote address: [AF_INET]46.166.138.134:1194

Wed May 25 08:34:25 2016 UDPv4 link local: [undef]

Wed May 25 08:34:25 2016 UDPv4 link remote: [AF_INET]46.166.138.134:1194

 

2016-05-25 08:34:25,943 DEBG 'start-script' stdout output:

Wed May 25 08:34:25 2016 TLS: Initial packet from [AF_INET]46.166.138.134:1194, sid=e793cc79 5beb3a85

 

2016-05-25 08:34:26,041 DEBG 'start-script' stdout output:

Wed May 25 08:34:26 2016 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: /C=US/ST=OH/L=Columbus/O=Private Internet Access/CN=Private Internet Access CA/[email protected]

 

2016-05-25 08:34:26,041 DEBG 'start-script' stdout output:

Wed May 25 08:34:26 2016 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

Wed May 25 08:34:26 2016 TLS Error: TLS object -> incoming plaintext read error

Wed May 25 08:34:26 2016 TLS Error: TLS handshake failed

Wed May 25 08:34:26 2016 SIGUSR1[soft,tls-error] received, process restarting

Wed May 25 08:34:26 2016 Restart pause, 2 second(s)

[binhex]

while trying to run this docker I get following error about my certificate that I pulled from their config file site  .. I am using IPVanish ... any help would be appreciated

 

/C=US/ST=OH/L=Columbus/O=Private Internet Access/CN=Private Internet Access CA/[email protected]

 

IPVanish will not use a PIA cert to secure the tunnel :-), dunno where you downloaded that from but i would check again, are you setting VPN_PROV to custom, if you have set it to pia then it will auto copy the pia cert to the openvpn sub folder.

[Critical]

I do have it set to custom and i got the vpn cert file from ipvanish config files site http://www.ipvanish.com/software/configs/ ..

Any other ideas?

[binhex]

I do have it set to custom and i got the vpn cert file from ipvanish config files site http://www.ipvanish.com/software/configs/ ..

Any other ideas?

 

hmm very odd, so you have this file in /config/openvpn/:-

http://www.ipvanish.com/software/configs/ca.ipvanish.com.crt

 

is that correct?, looking at that cert it isnt from PIA (see attachment), im pretty sure the crt file you have in /config/openvpn/ is not the one from the above url, can you double check please, also just ensure there is only a single crt file in there, it could be picking up the PIA cert in there if you previously had it set to pia before switching to custom.

 

edit - keep in mind ipvanish does NOT support incoming ports (port forwarding), so using ipvanish for torrents is going to be slow at best (https://support.ipvanish.com/customer/portal/articles/1969161-port-forwarding)

[IamSpartacus]

I'm seeing the following in my logs every 5 minutes:

 

2016-06-02 11:18:06,632 DEBG 'deluge-script' stdout output:
[info] Sleeping for 5 mins before rechecking listen interface and port (port checking is for PIA only)

2016-06-02 11:19:11,176 DEBG 'webui-script' stderr output:
[ERROR   ] 11:19:11 auth:329 Login failed (ClientIP 172.17.0.1)

2016-06-02 11:20:41,298 DEBG 'webui-script' stderr output:
[ERROR   ] 11:20:41 auth:329 Login failed (ClientIP 172.17.0.1)

2016-06-02 11:22:11,768 DEBG 'webui-script' stderr output:
[ERROR   ] 11:22:11 auth:329 Login failed (ClientIP 172.17.0.1)

2016-06-02 11:23:06,644 DEBG 'deluge-script' stdout output:
[info] Deluge listening interface IP 10.162.1.6 and VPN provider IP 10.162.1.6 match

2016-06-02 11:23:06,665 DEBG 'deluge-script' stderr output:
Error: Invalid port specification:

2016-06-02 11:23:06,666 DEBG 'deluge-script' stdout output:
[info] Deluge incoming port  closed

2016-06-02 11:23:07,014 DEBG 'deluge-script' stdout output:
[info] Reconfiguring for VPN provider port
[info] Setting listening interface for Deluge...

2016-06-02 11:23:07,495 DEBG 'deluge-script' stdout output:
Setting listen_interface to 10.162.1.6..
Configuration value successfully updated.

2016-06-02 11:23:07,540 DEBG 'deluge-script' stdout output:
[info] Setting incoming port for Deluge...

2016-06-02 11:23:08,011 DEBG 'deluge-script' stdout output:
Setting random_port to False..
Configuration value successfully updated.

2016-06-02 11:23:08,500 DEBG 'deluge-script' stderr output:
[ERROR   ] 11:23:08 main:347 malformed expression (,)
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/main.py", line 344, in do_command
    ret = self._commands[cmd].handle(*args, **options.__dict__)
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py", line 102, in handle
    return self._set_config(*args, **options)
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py", line 136, in _set_config
    val = simple_eval(options["set"][1] + " " .join(args))
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py", line 85, in simple_eval
    res = atom(src.next, src.next())
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py", line 54, in atom
    out.append(atom(next, token))
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py", line 77, in atom
    raise SyntaxError("malformed expression (%s)" % token[1])
SyntaxError: malformed expression (,)

2016-06-02 11:23:08,501 DEBG 'deluge-script' stdout output:
malformed expression (,)
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/main.py", line 344, in do_command
    ret = self._commands[cmd].handle(*args, **options.__dict__)
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py", line 102, in handle
    return self._set_config(*args, **options)
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py", line 136, in _set_config
    val = simple_eval(options["set"][1] + " " .join(args))
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py", line 85, in simple_eval
    res = atom(src.next, src.next())
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py", line 54, in atom
    out.append(atom(next, token))
  File "/usr/lib/python2.7/site-packages/deluge/ui/console/commands/config.py", line 77, in atom
    raise SyntaxError("malformed expression (%s)" % token[1])
SyntaxError: malformed expression (,)


2016-06-02 11:23:08,546 DEBG 'deluge-script' stdout output:
[info] Sleeping for 5 mins before rechecking listen interface and port (port checking is for PIA only)

2016-06-02 11:23:41,493 DEBG 'webui-script' stderr output:
[ERROR   ] 11:23:41 auth:329 Login failed (ClientIP 172.17.0.1)

 

 

I've removed and re-created the docker using the following options but no change:

 

docker run -d \
    --cap-add=NET_ADMIN \
    -p 8112:8112 \
    -p 8118:8118 \
    --name=delugevpn \
    -v /storage/downloads:/data \
    -v /docker/containers/delugevpn/config:/config \
    -v /etc/localtime:/etc/localtime:ro \
    -e VPN_ENABLED=yes \
    -e VPN_USER=<VPN_USERNAME> \
    -e VPN_PASS=<VPN_PASSWORD> \
    -e VPN_REMOTE=us-east.privateinternetaccess.com \
    -e VPN_PORT=1194 \
    -e VPN_PROTOCOL=udp \
    -e VPN_PROV=pia \
    -e ENABLE_PRIVOXY=no \
    -e LAN_NETWORK=10.0.10.0/24 \
    -e DEBUG=false \
    -e PUID=1000 \
    -e PGID=1000 \
    binhex/arch-delugevpn

[Adair]

Is anyone else having issues accessing the web UI over the WAN? It's no longer working for me since updating to the latest version. I think it may have something to do with the new "LAN_NETWORK" setting not working over the WAN.

[binhex]

Is anyone else having issues accessing the web UI over the WAN? It's no longer working for me since updating to the latest version. I think it may have something to do with the new "LAN_NETWORK" setting not working over the WAN.

See FAQ q5 on second post of this thread.

 

Sent from my SM-G900F using Tapatalk

 

[mr-hexen]

binhex, could you edit Q5 of the FAQ to indicate you only need to enable VM's in unRAID not actually create one in order to load iptables_mangle?

[binhex]

binhex, could you edit Q5 of the FAQ to indicate you only need to enable VM's in unRAID not actually create one in order to load iptables_mangle?

A good point, yes I will try to remember to do that

 

Sent from my SM-G900F using Tapatalk

 

 

[The Lizard King]

JUST installed DelugeVPN and entered my OpenVPN credentials from my VPN. I have 4 questions regarding the install.

 

1. I added the ca/client certificates and client.key to the same folder where I placed the .ovpn file - is this correct? (Directions are vague)

 

2. Looking at the "auth" file (to get admin/pw for CouchPotato), all it says is: "localclient:(huge series of numbers and letters):10" no username:password, how do I get this?

 

3.The container log continually builds and moves, only pausing a few times, is this normal and due to inactivity?

 

4. I can access the webgui and log in successfully - I decided to browse the logs and found several Warnings. Can you please tell me if these warnings are something to be concerned over and if so, how to fix them? These didn't happen concurrently as I've posted them, I just did this for the sake of space saving.

 

Fri Jun 3 23:27:25 2016 us=552163 WARNING: file 'credentials.conf' is group or others accessible

Fri Jun 3 23:27:25 2016 us=832137 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

Fri Jun 3 23:27:26 2016 us=238841 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1554', remote='link-mtu 1558'

Fri Jun 3 23:27:26 2016 us=238874 WARNING: 'mtu-dynamic' is present in remote config but missing in local config, remote='mtu-dynamic'

 

Thank you.

[SpaceInvaderOne]

Having problems updating docker. Says update available but after update still says update available?

[Squid]

Having problems updating docker. Says update available but after update still says update available?

One possibility:  http://lime-technology.com/forum/index.php?topic=49511.msg475010#msg475010

[ChaOConnor]

Having problems updating docker. Says update available but after update still says update available?

 

I'm noticing the same thing.  Only on this docker.

[SpaceInvaderOne]

Having problems updating docker. Says update available but after update still says update available?

One possibility:  http://lime-technology.com/forum/index.php?topic=49511.msg475010#msg475010

 

Thanks for the suggestion Squid. But i am not pinning any cpus to the docker. Any other ideas? The problem is with this docker alone.

[Squid]

Having problems updating docker. Says update available but after update still says update available?

One possibility:  http://lime-technology.com/forum/index.php?topic=49511.msg475010#msg475010

 

Thanks for the suggestion Squid. But i am not pinning any cpus to the docker. Any other ideas? The problem is with this docker alone.

The only other possibility I saw (and I already checked it out) was that the app was a non-automated build (but its not), so its up to Binhex now.

 

BTW, that link wasn't specific to cpu pinning, but any extra parameters that you may have added old style to the Repository entry and not to the Extra Parameters entry

[SpaceInvaderOne]

Having problems updating docker. Says update available but after update still says update available?

One possibility:  http://lime-technology.com/forum/index.php?topic=49511.msg475010#msg475010

 

Thanks for the suggestion Squid. But i am not pinning any cpus to the docker. Any other ideas? The problem is with this docker alone.

The only other possibility I saw (and I already checked it out) was that the app was a non-automated build (but its not), so its up to Binhex now.

 

BTW, that link wasn't specific to cpu pinning, but any extra parameters that you may have added old style to the Repository entry and not to the Extra Parameters entry

 

Thanks. No, i am not using any extra parameters for the docker. Yes will wait for Binhex. Dockers working fine for me  anyway so its not urgent for me to update it. Just hate seeing an update in my docker list and cant change it. Guess I will have to just surpress my ocd for now lol 

[MyKroFt]

Its happening with the ruTorrentVPN container as well....

 

 

Been like this for 2-3 days now

 

 

Myk

 

 

[binhex]

Sorry guys, I'm not seeing this issue for delugevpn or rtorrentvon, if it's still doing it then best bet is delete container and image and repull down again making sure to use the my template so that everything is configured as it was.

 

Sent from my SM-G900F using Tapatalk

 

[The Lizard King]

Bin, please view post Reply #520. I would greatly appreciate you expertise.

[net2wire]

Having problems updating docker. Says update available but after update still says update available?

 

Same issue here.