[Support] binhex - DelugeVPN


Recommended Posts

I am curious if I need to do something special to get this to work on Docker for Windows (specifically, I am having speed issues). I am using the following PowerShell script to run the container:

docker run -d `
    --name delugevpn `
    --cap-add=NET_ADMIN `
    --restart unless-stopped `
    -p 8112:8112 `
    -p 8118:8118 `
    -p 58846:58846 `
    -p 58946:58946 `
    -v D:/Docker/delugevpn/data:/data `
    -v D:/Docker/delugevpn/config:/config `
    -e VPN_ENABLED=yes `
    -e VPN_USER=<my_username> `
    -e VPN_PASS=<my_password> `
    -e VPN_PROV=pia `
    -e STRICT_PORT_FORWARD=yes `
    -e ENABLE_PRIVOXY=yes `
    -e LAN_NETWORK=192.168.1.0/27 `
    -e NAME_SERVERS=209.222.18.222,37.235.1.174,8.8.8.8,209.222.18.218,37.235.1.177,8.8.4.4 `
    -e DEBUG=false `
    -e UMASK=000 `
    -e PUID=0 `
    -e PGID=0 `
    binhex/arch-delugevpn

The container starts correctly, and I am able to access the Deluge WebUI from 127.0.0.1:8112. I am also able to configure my browser to correctly use Privoxy by pointing it at 127.0.0.1:8118. However, the download/upload speeds are nowhere near what I'd expect (less than 1% of my actual, non-proxied bandwith). My OpenVPN config looks like such:

remote ca-toronto.privateinternetaccess.com 1197
client
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
cipher aes-256-cbc
auth sha256
tls-client
remote-cert-tls server
auth-user-pass credentials.conf
comp-lzo
verb 1
crl-verify crl.rsa.4096.pem
ca ca.rsa.4096.crt
disable-occ

Here are all the things I've tried:

  • Checking the logs (see nothing that would indicate any type of failure except `Authenticate/Decrypt packet error: packet HMAC authentication failed`)
  • Setting the "vEthernet (DockerNAT)" interface to "Private" and ensuring it isn't blocked by Windows Firewall
  • Checking that my router is not blocking any traffic

If anyone has any suggestions, I have tried what I could find in the FAQ; any help would be greatly appreciated!

 

supervisord.log

privoxy_speedtest.png

normal_speedtest.png

Edited by winglerw28
Adding images of speed tests
Link to comment

Hi!

I'm new when it comes to unRAID, Docker, OpenVPN

 

Anyone around here got OVPN working?

 

On their page i can download .conf files from ovpn-se.zip and that config won't work for me

 

so i was just wondering how it should be edited!

 

This is what working with right now:

 

remote pool.prd.se.ovpn.com 1194
client
dev tun
proto udp
remote-random
mute-replay-warnings
replay-window 256
remote-cert-tls server
cipher aes-256-cbc
pull
nobind
resolv-retry infinite
comp-lzo
verb 1
persist-key
ca /mnt/user/appdata/binhex-delugevpn/openvpn/ovpn-ca.crt
tls-auth /mnt/user/appdata/binhex-delugevpn/openvpn/ovpn-tls.key 1

 

and when i try to start it i checked the logs and i saw

 

Options error: --ca fails with '/mnt/user/appdata/binhex-delugevpn/openvpn/ovpn-ca.crt': No such file or directory (errno=2)

 

 

Link to comment
3 hours ago, DigitalLF said:

Options error: --ca fails with '/mnt/user/appdata/binhex-delugevpn/openvpn/ovpn-ca.crt': No such file or directory (errno=2)

 

 

 

At first glance, I would assume the full path is different inside the container, resulting in the file not existing at the path in your OVPN config. Try setting your cert paths to be:

ca ovpn-ca.crt
tls-auth ovpn-tls.key 1

This should change it to simply look in the same directory as your config file.

Link to comment
On 1/2/2018 at 5:15 PM, binhex said:

One thing you could look at is to ensure you are not flooding your upload rate, if you do not restrict this then you will have issues that will affect your stability of the tunnel, my recommendation would be to crank this down to around 75% of your max upload rate.

 

My problem cannot be due to flooding.  I have a 50Mb/50Mb fiber connection.  Just now I found that all transfers through the tunnel had stopped - deluge was no longer transferring and no connection via privoxy was working.

mtr to a UK address (from Philippines) was showing no packet loss.

This is during daytime hours when I have deluge set to 600kB down and 200kB up.

 

Simply restarting the container got everything running again.

Link to comment
8 hours ago, winglerw28 said:

 

At first glance, I would assume the full path is different inside the container, resulting in the file not existing at the path in your OVPN config. Try setting your cert paths to be:


ca ovpn-ca.crt
tls-auth ovpn-tls.key 1

This should change it to simply look in the same directory as your config file.

 

Yeah that was what i thought to but when i change it to that it just says it can't find the file/path.

 

The time was 4 in the morning but i solved it.

 

i ran:

docker exec -it binhex-delugevpn /bin/bash

and there by i got into the docker and found it should be "/config/openvpn/"

Link to comment
9 hours ago, PeterB said:

Just now I found that all transfers through the tunnel had stopped - deluge was no longer transferring and no connection via privoxy was working.

 

this indicates the vpn tunnel connection was down, if you are 100% sure your internet connection is solid with no outages then i can only assume the issue was a transitory one at the vpn provider end, btw if you leave the container it will recover from this, there is code in place to re-connect the tunnel after a time period, from memory i think its 10 mins.

Link to comment
On 04/02/2018 at 5:50 PM, fmp4m said:

Is there any chance the docker will be updated to support the new port-forwarding servers on PIA?

 

one of the following port forwarding enabled gateways:

  • CA Toronto
  • CA Montreal
  • CA Vancouver
  • Czech Republic
  • Netherlands
  • Spain
  • Switzerland
  • Sweden
  • France
  • Germany
  • Romania
  • Israel

Currently the script looks for:

[warn] PIA endpoint 'czech.privateinternetaccess.com' doesn't support port forwarding, DL/UL speeds will be slow
[info] Please consider switching to an endpoint that does support port forwarding, shown below:-
[info] ca-toronto.privateinternetaccess.com (CA Toronto)
[info] ca.privateinternetaccess.com (CA Montreal)
[info] nl.privateinternetaccess.com (Netherlands)
[info] swiss.privateinternetaccess.com (Switzerland)
[info] sweden.privateinternetaccess.com (Sweden)
[info] france.privateinternetaccess.com (France)
[info] ro.privateinternetaccess.com (Romania)
[info] israel.privateinternetaccess.com (Israel)

 

done.

  • Like 1
Link to comment
20 minutes ago, numanuma said:

can somebody point me in the right direction, how do i configure PIA VPN to work with this docker? I've put my username and password in and it does't appear to connect and i'm not seeing where to put my chosen server in. Do i need to configure something else first? thanks in advance

Watch this:

 

Link to comment
12 hours ago, ToXicreloadz said:

Hey I'm having an issue accessing my deluge webui. The docker is still working perfectly fine but can't access the ui here is my config and atached debug supervisord.log

I also have the pia certs along with connecting to the ca.toronto vpn location that supports port forwarding. vpn creds censored in supervisord file also. Thank you for your help

8a48e8TK.png

supervisord.log

 

you have VPN_OPTIONS defined as 'no', don't do this, this is used to pass additional options to openvpn, 'no' is unsurprisingly not a valid option :-)

Link to comment

I'm having issues getting my torrents to start. They are all in a paused state and I cannot start them at all. In the logs I have the following. Looks like it cannot load iptables

 

2018-02-14 20:03:58,050 DEBG 'start-script' stdout output:
[info] Attempting to load iptable_mangle module...

2018-02-14 20:03:58,052 DEBG 'start-script' stderr output:
modprobe: FATAL: Module iptable_mangle not found in directory /lib/modules/4.9.30-unRAID

2018-02-14 20:03:58,052 DEBG 'start-script' stdout output:
[warn] Unable to load iptable_mangle module using modprobe, trying insmod...

2018-02-14 20:03:58,053 DEBG 'start-script' stderr output:
insmod: ERROR: could not load module /lib/modules/iptable_mangle.ko: No such file or directory 

Link to comment
14 hours ago, ToXicreloadz said:

There is nothing in the VPN_OPTIONS box... I'm confused

 

sorry, i must of been looking at another log from a previous issue. ok so thats a successful start, so my guess would be you havent defiend your LAN_NETWORK correctly, taken from your logs:-

 

LAN_NETWORK defined as '192.168.1.0/24'

are you sure this is correct?, take a look here Q3. for help on how to work it out if your unsure:-

 

 

Edited by binhex
Link to comment
7 hours ago, johnnykilo said:

I'm having issues getting my torrents to start. They are all in a paused state and I cannot start them at all. In the logs I have the following. Looks like it cannot load iptables

 

2018-02-14 20:03:58,050 DEBG 'start-script' stdout output:
[info] Attempting to load iptable_mangle module...

2018-02-14 20:03:58,052 DEBG 'start-script' stderr output:
modprobe: FATAL: Module iptable_mangle not found in directory /lib/modules/4.9.30-unRAID

2018-02-14 20:03:58,052 DEBG 'start-script' stdout output:
[warn] Unable to load iptable_mangle module using modprobe, trying insmod...

2018-02-14 20:03:58,053 DEBG 'start-script' stderr output:
insmod: ERROR: could not load module /lib/modules/iptable_mangle.ko: No such file or directory 

 

iptable_mangle support will not stop torrents from starting, that only prevents you accessing the web ui from outside your lan. i would guess that your issue is probably related to either running out of disk space on your host, or misconfigured volume mappings, such that the downloads are getting stored inside the loopback mounted docker image (unraid users only) so check for these things.

Link to comment

I'm still unable to keep a connection alive for more than 30 seconds. I've tried all sorts of servers and options and nothing seems to work. Using the AirVPN desktop client everything works fine, however, so I don't think it's my ISP messing with things. Everything starts up fine, then the following repeats in my log over and over again:
 

2018-02-16 16:07:23,708 DEBG 'start-script' stdout output:
[warn] OpenVPN process terminated, restarting OpenVPN...

2018-02-16 16:07:23,719 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:23 2018 OpenVPN 2.4.4 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 26 2017
Fri Feb 16 16:07:23 2018 library versions: OpenSSL 1.1.0f  25 May 2017, LZO 2.10

2018-02-16 16:07:23,720 DEBG 'start-script' stdout output:
[info] OpenVPN restarted

2018-02-16 16:07:23,723 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:23 2018 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Fri Feb 16 16:07:23 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2018-02-16 16:07:23,724 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:23 2018 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Feb 16 16:07:23 2018 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

2018-02-16 16:07:23,724 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:23 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]199.19.94.12:443
Fri Feb 16 16:07:23 2018 Socket Buffers: R=[1048576->1048576] S=[1048576->1048576]
Fri Feb 16 16:07:23 2018 UDP link local: (not bound)
Fri Feb 16 16:07:23 2018 UDP link remote: [AF_INET]199.19.94.12:443

2018-02-16 16:07:23,756 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:23 2018 TLS: Initial packet from [AF_INET]199.19.94.12:443, sid=ecdeed21 230df73d

2018-02-16 16:07:23,815 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:23 2018 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org

2018-02-16 16:07:23,816 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:23 2018 VERIFY KU OK
Fri Feb 16 16:07:23 2018 Validating certificate extended key usage
Fri Feb 16 16:07:23 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

2018-02-16 16:07:23,816 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:23 2018 VERIFY EKU OK
Fri Feb 16 16:07:23 2018 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Almach, emailAddress=info@airvpn.org

2018-02-16 16:07:23,967 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:23 2018 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1590', remote='link-mtu 1558'
Fri Feb 16 16:07:23 2018 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'

2018-02-16 16:07:23,967 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:23 2018 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Feb 16 16:07:23 2018 [Almach] Peer Connection Initiated with [AF_INET]199.19.94.12:443

2018-02-16 16:07:24,374 DEBG 'deluge-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2018-02-16 16:07:25,050 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 SENT CONTROL [Almach]: 'PUSH_REQUEST' (status=1)

2018-02-16 16:07:25,080 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.19.176 255.255.0.0,peer-id 34,cipher AES-256-GCM'

2018-02-16 16:07:25,081 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 OPTIONS IMPORT: timers and/or timeouts modified
Fri Feb 16 16:07:25 2018 OPTIONS IMPORT: compression parms modified
Fri Feb 16 16:07:25 2018 OPTIONS IMPORT: --ifconfig/up options modified
Fri Feb 16 16:07:25 2018 OPTIONS IMPORT: route options modified
Fri Feb 16 16:07:25 2018 OPTIONS IMPORT: route-related options modified
Fri Feb 16 16:07:25 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Feb 16 16:07:25 2018 OPTIONS IMPORT: peer-id set
Fri Feb 16 16:07:25 2018 OPTIONS IMPORT: adjusting link_mtu to 1657
Fri Feb 16 16:07:25 2018 OPTIONS IMPORT: data channel crypto options modified
Fri Feb 16 16:07:25 2018 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Feb 16 16:07:25 2018 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Feb 16 16:07:25 2018 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key

2018-02-16 16:07:25,081 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 ROUTE_GATEWAY 10.0.3.1/255.255.255.0 IFACE=eth0 HWADDR=02:42:0a:00:03:06

2018-02-16 16:07:25,082 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 TUN/TAP device tun0 opened
Fri Feb 16 16:07:25 2018 TUN/TAP TX queue length set to 100
Fri Feb 16 16:07:25 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Feb 16 16:07:25 2018 /usr/bin/ip link set dev tun0 up mtu 1500

2018-02-16 16:07:25,084 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 /usr/bin/ip addr add dev tun0 10.4.19.176/16 broadcast 10.4.255.255

2018-02-16 16:07:25,086 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 /root/openvpnup.sh tun0 1500 1585 10.4.19.176 255.255.0.0 init

2018-02-16 16:07:25,090 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 /usr/bin/ip route add 199.19.94.12/32 via 10.0.3.1

2018-02-16 16:07:25,092 DEBG 'start-script' stdout output:
RTNETLINK answers: File exists

2018-02-16 16:07:25,093 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 ERROR: Linux route add command failed: external program exited with error status: 2
Fri Feb 16 16:07:25 2018 /usr/bin/ip route add 0.0.0.0/1 via 10.4.0.1

2018-02-16 16:07:25,094 DEBG 'start-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2018-02-16 16:07:25,096 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 /usr/bin/ip route add 128.0.0.0/1 via 10.4.0.1

2018-02-16 16:07:25,097 DEBG 'start-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2018-02-16 16:07:25,098 DEBG 'start-script' stdout output:
Fri Feb 16 16:07:25 2018 Initialization Sequence Completed

2018-02-16 16:07:25,127 DEBG 'deluge-script' stdout output:
[debug] Valid IP address from tunnel acquired '10.4.19.176'

2018-02-16 16:07:25,134 DEBG 'deluge-script' stdout output:
[debug] VPN incoming port is 
[debug] VPN IP is 10.4.19.176
[debug] Deluge incoming port is 
[debug] Deluge IP is 10.4.19.176

2018-02-16 16:07:25,214 DEBG 'start-script' stdout output:
[debug] Valid IP address from tunnel acquired '10.4.19.176'

2018-02-16 16:07:25,215 DEBG 'start-script' stdout output:
[debug] VPN provider airvpn is != pia, skipping incoming port detection

2018-02-16 16:07:25,216 DEBG 'start-script' stdout output:
[debug] Valid IP address from tunnel acquired '10.4.19.176'

2018-02-16 16:07:25,216 DEBG 'start-script' stdout output:
[debug] Attempting to get external IP using Name Server 'ns1.google.com'...

2018-02-16 16:07:25,364 DEBG 'start-script' stdout output:
[info] Successfully retrieved external IP address 199.19.94.16

2018-02-16 16:07:53,728 DEBG 'start-script' stdout output:
[warn] OpenVPN process terminated, restarting OpenVPN...


 

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.