[Support] binhex - DelugeVPN


8745 posts in this topic Last Reply

Recommended Posts

Just recently, I am getting errors when trying to connect to certain indexers in Sonarr/Radarr when going through this container's Privoxy.  Some  indexers work, and some don't (I've found that Rarbg and NzbFinder.ws don't). Disabling the proxy in Sonarr/Radarr fixes the issues. Any ideas on what might be causing this? The Sonarr logs just give a generic protocol error

 

Unable to connect to indexer: Error: ProtocolError: 'https://nzbfinder.ws/...'

 

Link to post
  • Replies 8.7k
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

OK guys, multi remote endpoint support is now in for this image please pull down the new image (this change will be rolled out to all my vpn images shortly).   What this means is that the im

There has been an issue raised on GitHub related to tracker announce request IP leakage under certain circumstances, after careful review of iptables i have tightened up the rules to prevent this. A n

I wanted to summarize how I got Mullvad working with DelugeVPN as I had to piece together several "solutions" from different comments in this thread and there was some incorrect info; likely old.

Posted Images

13 minutes ago, SRB said:

Just recently, I am getting errors when trying to connect to certain indexers in Sonarr/Radarr when going through this container's Privoxy.  Some  indexers work, and some don't (I've found that Rarbg and NzbFinder.ws don't).

 

I'm not sure whether it is the same issue, but I find that Jacket sometimes fetches a 1.3kB html file from rarbg which says something about enabling cookies, instead of the legitimate torrent file of around 80kB.  I'm still struggling with this.  Resetting the configuration of the rarbg fetcher in Jacket seems to make it work once then the next time it fails again. 

 

Further, testing a fetcher from within Jacket seems to set the watch inactive in the deluge AutoAdd plugin.

Link to post
11 minutes ago, PeterB said:

but I find that Jacket sometimes fetches a 1.3kB html file from rarbg which says something about enabling cookies, instead of the legitimate torrent file of around 80kB

i simply use magnets instead from rarbg, you can do this by configuring the site in jackett, problem solved 🙂

Link to post
29 minutes ago, binhex said:

i simply use magnets instead from rarbg, you can do this by configuring the site in jackett, problem solved 🙂

I must be missing something - for the life of me, I cannot see where/what to set to use magnets.

Link to post
31 minutes ago, PeterB said:

I must be missing something - for the life of me, I cannot see where/what to set to use magnets.

sorry i must of been thinking about another index site, rarbg is only magnets, at least for me it is in the jackett ui.

Link to post
1 hour ago, binhex said:

sorry i must of been thinking about another index site, rarbg is only magnets, at least for me it is in the jackett ui.

So why does mine keep creating (corrupt) .torrent files?

Link to post
8 minutes ago, PeterB said:

So why does mine keep creating (corrupt) .torrent files?

i got no idea!, perhaps couchpotato is a bit crap at converting magnets to torrents (it shouldnt need to do that but maybe it is?), certainly no issues on my side with sonarr and i dont have anything fancy going on like FlareSolverr.

 

i go out of my to steer clear of any index site that uses torrents, its just another thing that can cause problems, magnets all the way for me.

 

edit - no idea if this is relevant? perhaps the corrupt .torrent files you are seeing is actually a magnet link in a file?

 

Link to post
On 12/28/2020 at 3:33 AM, rampage said:

is there a tool in the docker or I can install in Unraid to create torrent from the files?

I have the same question. I now want to create one and this docker doesn't have the normal feature to create new torrents like I used to see back with qbitorrent or uTorrent. Thanks!

Link to post
On 1/20/2021 at 3:03 PM, binhex said:

 

but you CAN access the web ui of the other container when inside your lan?

 

@binhex that is correct, I am starting to think that a reverse proxy might be an easier idea. Not sure if its worth mentioning, but your container is running on the bridge network, not sure if I should have move it to "Custom: br0" and given it an ip on my network.

Link to post

Right, just received my new router, got a new external IP and moved over to a different internal IP range (192.168.1.0/24 from 10.0.0.0/24) and now DelugeVPN utterly refuses to launch the webUI when I enable the VPN. Without it it functions just fine.

 

I have not changed anything to the configuration besides giving it a new fixed IP and changing the LAN_NETWORK variable to the new network/mask. I'm using NordVPN, tried switching to a different P2P server to no avail.

delugevpn.thumb.png.4ad377d1aeaa34b01bd9d25e6eadbbb2.png

 

jJX40Lz.png.adbf0099b7c6944d451785837ddc8ce0.png

 

What log file can I supply for more information? Or does someone already spot the issue.. I'm kinda stuck myself.

Edited by iD4NG3R
Link to post
32 minutes ago, iD4NG3R said:

I have not changed anything to the configuration besides giving it a new fixed IP and changing the LAN_NETWORK variable to the new network/mask. I'm using NordVPN, tried switching to a different P2P server to no avail.

this should tell us some more:- https://github.com/binhex/documentation/blob/master/docker/faq/help.md

Link to post
On 1/29/2021 at 8:31 PM, iD4NG3R said:

Here you go: supervisord.log

 

The last bit has been looping ever since.

 

Interesting find almost a day later; Privoxy seems to work, despite Deluge itself not functioning at all when the VPN is enabled. 🤔

there is no sign of any issues in that log file, the last bit wil loop as you have debug on, what is the ip address of the machine you are using to connect to the deluge web ui? is it in this range? (taken from your log):-

 

LAN_NETWORK defined as '192.168.1.0/24'

Link to post
3 hours ago, binhex said:

there is no sign of any issues in that log file, the last bit wil loop as you have debug on, what is the ip address of the machine you are using to connect to the deluge web ui? is it in this range? (taken from your log):-

 

LAN_NETWORK defined as '192.168.1.0/24'

Accessing it from 192.168.1.101, the unRAID server itself runs on 192.168.1.100. The container runs at 192.168.1.51. The container is active, and I can ping it just fine.

 

As stated before, the second I disable the VPN I can access the webGUI, the same kinda behaviour that occurs when DelugeVPN fails to connect to the VPN. (Which according to the logs doesn't seem to happen..)

 

Privoxy seems to function even when I cannot access the webGUI, although I have no idea if it's actually going through the VPN or my own IP.

Edited by iD4NG3R
more info
Link to post
6 minutes ago, iD4NG3R said:

As stated before, the second I disable the VPN I can access the webGUI, the same kinda behaviour that occurs when DelugeVPN fails to connect to the VPN

this is not true, it is not the same behaviour as when the vpn fails, when the vpn fails you will NOT be able to access the web ui, this is a safety function to prevent ip leakage.

 

12 minutes ago, iD4NG3R said:

Privoxy seems to function even when I cannot access the webGUI, although I have no idea if it's actually going through the VPN or my own IP.

it will be going through the vpn, as stated above, if the tunnel doesnt come up then no apps will start, so you can be assured that privoxy is indeed using the vpn tunnel (assuming VPN_ENABLED = yes).

Link to post
4 minutes ago, binhex said:

this is not true, it is not the same behaviour as when the vpn fails, when the vpn fails you will NOT be able to access the web ui, this is a safety function to prevent ip leakage.

Which is what I'm trying to say. ;)

When VPN_ENABLED is set to false, I can access the webGUI. The second I set it to true, I cannot.

Link to post
8 minutes ago, iD4NG3R said:

Which is what I'm trying to say. ;)

i hear you loud and clear and get the issue, i was just clarifying that what you stated was incorrect - when the vpn is enabled you will NOT be able to access the web ui UNLESS the vpn is established, which in your case the vpn IS established, so you should be able to access the web ui.

 

the below in bold is NOT true

 

Quote

As stated before, the second I disable the VPN I can access the webGUI, the same kinda behaviour that occurs when DelugeVPN fails to connect to the VPN. (Which according to the logs doesn't seem to happen..)

 

it is not the 'same kinda behaviour', because in that scenario you cannot access the web ui, you get what im saying?

Link to post
32 minutes ago, binhex said:

i hear you loud and clear and get the issue, i was just clarifying that what you stated was incorrect - when the vpn is enabled you will NOT be able to access the web ui UNLESS the vpn is established, which in your case the vpn IS established, so you should be able to access the web ui.

 

the below in bold is NOT true

 

 

it is not the 'same kinda behaviour', because in that scenario you cannot access the web ui, you get what im saying?

I meant that with the VPN enabled, the webGUI becomes inaccessible [but with it disabled it functions]. The message was intended as a continuation of my first message. You're absolutely right, I'll make sure to make that more clear in any future messages.

 

But back to the issue at hand, is there anything else you'd recommend me to try? All of this only started happening after I got myself a new router.
 

Followed most of, if not all of the FAQ's on the repo. I've reinstalled the container several times now (both from scratch and from previous configurations), restarted the Docker service a few times, even went as far as to restart the entire server. Since the logs aren't throwing any obvious errors I'm kinda stuck..

Edited by iD4NG3R
Link to post
1 hour ago, iD4NG3R said:

But back to the issue at hand, is there anything else you'd recommend me to try? All of this only started happening after I got myself a new router.

you could try switching from specific ip address back to the default 'network type', which is 'bridge', this is most likely your issue, i did investigate this a long time ago and under certain circumstances it can work with a set ip, for now switch it to bridge and you probably will be good to go.

Link to post
Just now, iD4NG3R said:

That was honestly the one thing that I didn't try, and indeed gets it working. /facepalm

 

Strange, I've always ran in on it's own IP.

 

Thank you!

i THINK from memory (im getting old so dont quote me on this), if the network and ip address assigned to the container are different to your lan address then it should work just fine, the issue is you are setting the ip address of the container to the same network range as your lan, thus routing and iptable rules get a bit screwed up.

Link to post

For some reason the web client is no longer working for me. Specifically, the webclient is not accessible on my deviceIP:8112.

I did have this exact setup working about a month ago. There must have been some update that messed things up.

 

Using a synology DS218+ and private internet access.

below are the scripts I used to launch the container and the supervisor log. Passwords and usernames censored.

Quote



docker run -d \
    --cap-add=NET_ADMIN \
    -p 8112:8112 \
    -p 8118:8118 \
    -p 58846:58846 \
    -p 58946:58946 \
    --name=delugevpn \
    -v /volume1/docker/deluge/config:/config \
    -v /etc/localtime:/etc/localtime:ro \
    -v /volume1/downloads:/data \
    -v /volume1/downloads/completed:/data/completed \
    -v /volume1/downloads/torrentfiles:/data/torrentfiles \
    -e VPN_ENABLED=yes \
    -e VPN_USER=XXXXXXXX \
    -e VPN_PASS=yYYYYYYYYY \
    -e VPN_PROV=pia \
    -e STRICT_PORT_FORWARD=no \
    -e ENABLE_PRIVOXY=no \
    -e LAN_NETWORK=192.168.1.0/24 \
    -e NAME_SERVERS=209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1 \
    -e DELUGE_DAEMON_LOG_LEVEL=info \
    -e DELUGE_WEB_LOG_LEVEL=info \
    -e ADDITIONAL_PORTS=1234 \
    -e DEBUG=true \
    -e UMASK=000 \
    -e PUID=0 \
    -e PGID=0 \
    binhex/arch-delugevpn

Created by...
___.   .__       .__                   
\_ |__ |__| ____ |  |__   ____ ___  ___
 | __ \|  |/    \|  |  \_/ __ \\  \/  /
 | \_\ \  |   |  \   Y  \  ___/ >    < 
 |___  /__|___|  /___|  /\___  >__/\_ \
     \/        \/     \/     \/      \/
   https://hub.docker.com/u/binhex/

2021-02-01 18:08:53.574531 [info] System information Linux eca080ac1e48 4.4.59+ #25426 SMP PREEMPT Mon Dec 14 18:48:50 CST 2020 x86_64 GNU/Linux
2021-02-01 18:08:53.683868 [info] OS_ARCH defined as 'x86-64'
2021-02-01 18:08:53.803367 [info] PUID defined as '0'
2021-02-01 18:08:54.062777 [info] PGID defined as '0'
2021-02-01 18:08:54.567422 [info] UMASK defined as '000'
2021-02-01 18:08:54.632459 [info] Setting permissions recursively on volume mappings...
2021-02-01 18:08:55.053129 [info] DELUGE_DAEMON_LOG_LEVEL defined as 'info'
2021-02-01 18:08:55.119450 [info] DELUGE_WEB_LOG_LEVEL defined as 'info'
2021-02-01 18:08:55.184879 [info] VPN_ENABLED defined as 'yes'
2021-02-01 18:08:55.285564 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/ca_montreal.ovpn
2021-02-01 18:08:55.420163 [info] VPN remote line defined as 'remote ca-montreal.privateinternetaccess.com 1198'
2021-02-01 18:08:55.486493 [info] VPN_REMOTE defined as 'ca-montreal.privateinternetaccess.com'
2021-02-01 18:08:55.555866 [info] VPN_PORT defined as '1198'
2021-02-01 18:08:55.626907 [info] VPN_PROTOCOL defined as 'udp'
2021-02-01 18:08:55.694451 [info] VPN_DEVICE_TYPE defined as 'tun0'
2021-02-01 18:08:55.760230 [info] VPN_PROV defined as 'pia'
2021-02-01 18:08:55.824775 [info] LAN_NETWORK defined as '192.168.1.0/24'
2021-02-01 18:08:55.891242 [info] NAME_SERVERS defined as '209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1'
2021-02-01 18:08:55.955505 [info] VPN_USER defined as 'XXXXXXXXXX'
2021-02-01 18:08:56.019261 [info] VPN_PASS defined as 'YYYYYYYYY'
2021-02-01 18:08:56.086638 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2021-02-01 18:08:56.150290 [info] STRICT_PORT_FORWARD defined as 'no'
2021-02-01 18:08:56.214560 [info] ENABLE_PRIVOXY defined as 'no'
2021-02-01 18:08:56.279286 [info] ADDITIONAL_PORTS defined as '1234'
2021-02-01 18:08:56.398392 [info] Deleting files in /tmp (non recursive)...
2021-02-01 18:08:56.463717 [info] Starting Supervisor...
2021-02-01 18:09:00,454 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2021-02-01 18:09:00,455 INFO Set uid to user 0 succeeded
2021-02-01 18:09:00,547 INFO supervisord started with pid 7
2021-02-01 18:09:01,549 INFO spawned: 'start-script' with pid 182
2021-02-01 18:09:01,553 INFO spawned: 'watchdog-script' with pid 183
2021-02-01 18:09:01,555 INFO reaped unknown pid 8 (exit status 0)
2021-02-01 18:09:01,575 DEBG 'watchdog-script' stdout output:
[info] Deluge-web config file doesn't exist, copying default...

2021-02-01 18:09:01,575 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-02-01 18:09:01,575 INFO success: watchdog-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-02-01 18:09:01,577 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN
[debug] Environment variables defined as follows
ADDITIONAL_PORTS=1234
APPLICATION=deluge
BASH=/bin/bash
BASHOPTS=checkwinsize:cmdhist:complete_fullquote:extquote:force_fignore:globasciiranges:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath
BASH_ALIASES=()
BASH_ARGC=()
BASH_ARGV=()
BASH_CMDS=()
BASH_LINENO=([0]="0")
BASH_SOURCE=([0]="/root/start.sh")
BASH_VERSINFO=([0]="5" [1]="0" [2]="17" [3]="1" [4]="release" [5]="x86_64-pc-linux-gnu")

2021-02-01 18:09:01,577 DEBG 'start-script' stdout output:
BASH_VERSION='5.0.17(1)-release'
DEBUG=true
DELUGE_DAEMON_LOG_LEVEL=info
DELUGE_WEB_LOG_LEVEL=info
DIRSTACK=()
ENABLE_PRIVOXY=no
EUID=0
GROUPS=()
HOME=/home/nobody
HOSTNAME=eca080ac1e48
HOSTTYPE=x86_64
IFS=$' \t\n'
LANG=en_GB.UTF-8
LAN_NETWORK=192.168.1.0/24
MACHTYPE=x86_64-pc-linux-gnu
NAME_SERVERS=209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1
OPTERR=1
OPTIND=1
OSTYPE=linux-gnu
OS_ARCH=x86-64
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PGID=0
PIPESTATUS=([0]="0")
PPID=7
PS4='+ '
PUID=0
PWD=/
SHELL=/bin/bash
SHELLOPTS=braceexpand:hashall:interactive-comments
SHLVL=1
STRICT_PORT_FORWARD=no
SUPERVISOR_ENABLED=1
SUPERVISOR_GROUP_NAME=start-script
SUPERVISOR_PROCESS_NAME=start-script
TERM=xterm
UID=0
UMASK=000
VPN_CONFIG=/config/openvpn/ca_montreal.ovpn
VPN_DEVICE_TYPE=tun0
VPN_ENABLED=yes
VPN_OPTIONS=
VPN_PASS='YYYYYYYYY'
VPN_PORT=1198
VPN_PROTOCOL=udp
VPN_PROV=pia
VPN_REMOTE=ca-montreal.privateinternetaccess.com
VPN_USER=XXXXXXXXXX
_='[debug] Environment variables defined as follows'
[debug] Directory listing of files in /config/openvpn as follows

2021-02-01 18:09:01,584 DEBG 'watchdog-script' stdout output:
[info] Deluge config file doesn't exist, copying default...

2021-02-01 18:09:01,612 DEBG 'start-script' stdout output:
total 8
drwxrwxr-x 1 root root   64 Feb  1 18:08 .
drwxrwxr-x 1 root root   96 Feb  1 18:09 ..
-rwxrwxr-x 1 root root 3174 Feb  1 18:08 ca_montreal.ovpn
-rwxrwxr-x 1 root root   19 Feb  1 17:59 credentials.conf

2021-02-01 18:09:01,631 DEBG 'start-script' stdout output:
[warn] Password contains characters which could cause authentication issues, please consider changing this if possible

2021-02-01 18:09:01,688 DEBG 'start-script' stdout output:
[debug] Contents of ovpn file /config/openvpn/ca_montreal.ovpn as follows...

2021-02-01 18:09:01,690 DEBG 'start-script' stdout output:
remote ca-montreal.privateinternetaccess.com 1198
client
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server

auth-user-pass credentials.conf
compress
verb 1
<crl-verify>
-----BEGIN X509 CRL-----
MIICWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQI
EwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRl
cm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAw
HgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0
ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRl
aW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZa
MCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG
9w0BAQ0FAAOCAQEAQZo9X97ci8EcPYu/uK2HB152OZbeZCINmYyluLDOdcSvg6B5
jI+ffKN3laDvczsG6CxmY3jNyc79XVpEYUnq4rT3FfveW1+Ralf+Vf38HdpwB8EW
B4hZlQ205+21CALLvZvR8HcPxC9KEnev1mU46wkTiov0EKc+EdRxkj5yMgv0V2Re
ze7AP+NQ9ykvDScH4eYCsmufNpIjBLhpLE2cuZZXBLcPhuRzVoU3l7A9lvzG9mjA
5YijHJGHNjlWFqyrn1CfYS6koa4TGEPngBoAziWRbDGdhEgJABHrpoaFYaL61zqy
MR6jC0K2ps9qyZAN74LEBedEfK7tBOzWMwr58A==
-----END X509 CRL-----
</crl-verify>

<ca>
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIJAKZ7D5Yv87qDMA0GCSqGSIb3DQEBDQUAMIHoMQswCQYD
VQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNV
BAoTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIElu
dGVybmV0IEFjY2VzczEgMB4GA1UEAxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3Mx
IDAeBgNVBCkTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkB
FiBzZWN1cmVAcHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbTAeFw0xNDA0MTcxNzM1
MThaFw0zNDA0MTIxNzM1MThaMIHoMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex
EzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNVBAoTF1ByaXZhdGUgSW50ZXJuZXQg
QWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UE
AxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBCkTF1ByaXZhdGUgSW50
ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkBFiBzZWN1cmVAcHJpdmF0ZWludGVy
bmV0YWNjZXNzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPXD
L1L9tX6DGf36liA7UBTy5I869z0UVo3lImfOs/GSiFKPtInlesP65577nd7UNzzX
lH/P/CnFPdBWlLp5ze3HRBCc/Avgr5CdMRkEsySL5GHBZsx6w2cayQ2EcRhVTwWp
cdldeNO+pPr9rIgPrtXqT4SWViTQRBeGM8CDxAyTopTsobjSiYZCF9Ta1gunl0G/
8Vfp+SXfYCC+ZzWvP+L1pFhPRqzQQ8k+wMZIovObK1s+nlwPaLyayzw9a8sUnvWB
/5rGPdIYnQWPgoNlLN9HpSmsAcw2z8DXI9pIxbr74cb3/HSfuYGOLkRqrOk6h4RC
OfuWoTrZup1uEOn+fw8CAwEAAaOCAVQwggFQMB0GA1UdDgQWBBQv63nQ/pJAt5tL
y8VJcbHe22ZOsjCCAR8GA1UdIwSCARYwggESgBQv63nQ/pJAt5tLy8VJcbHe22ZO
sqGB7qSB6zCB6DELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRMwEQYDVQQHEwpM
b3NBbmdlbGVzMSAwHgYDVQQKExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4G
A1UECxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAMTF1ByaXZhdGUg
SW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQpExdQcml2YXRlIEludGVybmV0IEFjY2Vz
czEvMC0GCSqGSIb3DQEJARYgc2VjdXJlQHByaXZhdGVpbnRlcm5ldGFjY2Vzcy5j
b22CCQCmew+WL/O6gzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBDQUAA4IBAQAn
a5PgrtxfwTumD4+3/SYvwoD66cB8IcK//h1mCzAduU8KgUXocLx7QgJWo9lnZ8xU
ryXvWab2usg4fqk7FPi00bED4f4qVQFVfGfPZIH9QQ7/48bPM9RyfzImZWUCenK3
7pdw4Bvgoys2rHLHbGen7f28knT2j/cbMxd78tQc20TIObGjo8+ISTRclSTRBtyC
GohseKYpTS9himFERpUgNtefvYHbn70mIOzfOJFTVqfrptf9jXa9N8Mpy3ayfodz
1wiqdteqFXkTYoSDctgKMiZ6GdocK9nMroQipIQtpnwd4yBDWIyC6Bvlkrq5TQUt
YDQ8z9v+DMO6iwyIDRiU
-----END CERTIFICATE-----
</ca>

disable-occ

2021-02-01 18:09:01,761 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1

2021-02-01 18:09:01,768 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.222 to /etc/resolv.conf

2021-02-01 18:09:01,774 DEBG 'start-script' stdout output:
[info] Adding 84.200.69.80 to /etc/resolv.conf

2021-02-01 18:09:01,785 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.174 to /etc/resolv.conf

2021-02-01 18:09:01,790 DEBG 'start-script' stdout output:
[info] Adding 1.1.1.1 to /etc/resolv.conf

2021-02-01 18:09:01,796 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.218 to /etc/resolv.conf

2021-02-01 18:09:01,806 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.177 to /etc/resolv.conf

2021-02-01 18:09:01,808 DEBG 'start-script' stdout output:
[info] Adding 84.200.70.40 to /etc/resolv.conf

2021-02-01 18:09:01,814 DEBG 'start-script' stdout output:
[info] Adding 1.0.0.1 to /etc/resolv.conf

2021-02-01 18:09:17,119 DEBG 'start-script' stdout output:
[debug] Show name servers defined for container

2021-02-01 18:09:17,120 DEBG 'start-script' stdout output:
nameserver 209.222.18.222
nameserver 84.200.69.80
nameserver 37.235.1.174
nameserver 1.1.1.1
nameserver 209.222.18.218
nameserver 37.235.1.177
nameserver 84.200.70.40
nameserver 1.0.0.1
[debug] Show name resolution for VPN endpoint ca-montreal.privateinternetaccess.com

2021-02-01 18:09:17,245 DEBG 'start-script' stdout output:
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 5045
;; flags: qr rd ra ; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; ca-montreal.privateinternetaccess.com.	IN	A

;; ANSWER SECTION:
ca-montreal.privateinternetaccess.com.	300	IN	CNAME	ca-montreal.regions.cluster.piaservers.net.
ca-montreal.regions.cluster.piaservers.net.	120	IN	A	199.36.223.194
ca-montreal.regions.cluster.piaservers.net.	120	IN	A	199.36.223.130

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 120 msec
;; SERVER: 84.200.69.80
;; WHEN: Mon Feb  1 18:09:17 2021
;; MSG SIZE  rcvd: 143

2021-02-01 18:09:17,247 DEBG 'start-script' stdout output:
[debug] Show contents of hosts file

2021-02-01 18:09:17,249 DEBG 'start-script' stdout output:
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
172.17.0.2	eca080ac1e48
199.36.223.130	ca-montreal.privateinternetaccess.com

2021-02-01 18:09:17,284 DEBG 'start-script' stdout output:
[debug] Docker interface defined as eth0

2021-02-01 18:09:17,292 DEBG 'start-script' stdout output:
[debug] Docker IP defined as 172.17.0.2

2021-02-01 18:09:17,301 DEBG 'start-script' stdout output:
[debug] Docker netmask defined as 255.255.0.0

2021-02-01 18:09:17,323 DEBG 'start-script' stdout output:
[info] Docker network defined as    172.17.0.0/16

2021-02-01 18:09:17,330 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0

2021-02-01 18:09:17,333 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2021-02-01 18:09:17,336 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0 

2021-02-01 18:09:17,337 DEBG 'start-script' stdout output:
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.2 

2021-02-01 18:09:17,337 DEBG 'start-script' stdout output:
192.168.1.0/24 via 172.17.0.1 dev eth0 

2021-02-01 18:09:17,339 DEBG 'start-script' stdout output:
--------------------

2021-02-01 18:09:17,340 DEBG 'start-script' stdout output:
[debug] Modules currently loaded for kernel

2021-02-01 18:09:17,347 DEBG 'start-script' stdout output:
Module                  Size  Used by
snd_usb_hiface          8276  0
snd_pcm_oss            20697  0
snd_mixer_oss          13872  1 snd_pcm_oss
snd_usb_audio         132790  0
snd_pcm                73764  3 snd_pcm_oss,snd_usb_hiface,snd_usb_audio
snd_timer              19490  1 snd_pcm
snd_hwdep               5866  1 snd_usb_audio
snd_usbmidi_lib        19515  1 snd_usb_audio
snd_rawmidi            17772  1 snd_usbmidi_lib
snd_seq_device          3240  1 snd_rawmidi
snd                    49467  10 snd_pcm_oss,snd_usb_hiface,snd_usb_audio,snd_hwdep,snd_timer,snd_pcm,snd_rawmidi,snd_usbmidi_lib,snd_seq_device,snd_mixer_oss
soundcore               5039  1 snd
xt_ipvs                 2202  0
ip_vs_rr                1447  0
ip_vs                 127243  3 ip_vs_rr,xt_ipvs
xt_mark                 1317  0
iptable_mangle          1656  0
br_netfilter           13589  0
bridge                 55340  1 br_netfilter
stp                     1693  1 bridge
aufs                  194351  0
macvlan                13776  0
veth                    5094  0
xt_conntrack            3401  1
xt_addrtype             2893  1
nf_conntrack_ipv6       6563  0
nf_defrag_ipv6         23062  1 nf_conntrack_ipv6
ip6table_filter         1532  0
ip6_tables             14730  1 ip6table_filter
ipt_MASQUERADE          1213  5
xt_REDIRECT             1486  0
nf_nat_masquerade_ipv4     1929  1 ipt_MASQUERADE
xt_nat                  1977  4
iptable_nat             1959  1
nf_nat_ipv4             4903  1 iptable_nat
nf_nat_redirect         1395  1 xt_REDIRECT
nf_nat                 10925  4 nf_nat_redirect,nf_nat_ipv4,xt_nat,nf_nat_masquerade_ipv4
xt_recent               8550  0
xt_iprange              1648  0
xt_limit                1985  0
xt_state                1367  0
xt_tcpudp               2543  12
xt_multiport            1830  0
xt_LOG                  1423  0
nf_conntrack_ipv4      11616  2
nf_defrag_ipv4          1475  1 nf_conntrack_ipv4
nf_conntrack           62480  8 ip_vs,nf_nat,xt_state,nf_nat_ipv4,xt_conntrack,nf_nat_masquerade_ipv4,nf_conntrack_ipv4,nf_conntrack_ipv6
iptable_filter          1592  1
ip_tables              14092  3 iptable_filter,iptable_mangle,iptable_nat
x_tables               16302  19 ip6table_filter,xt_ipvs,xt_iprange,xt_mark,xt_recent,ip_tables,xt_tcpudp,ipt_MASQUERADE,xt_limit,xt_state,xt_conntrack,xt_LOG,xt_nat,xt_multiport,iptable_filter,xt_REDIRECT,iptable_mangle,ip6_tables,xt_addrtype
tun                    19295  0
cifs                  372254  0
udf                    80226  0
isofs                  31403  0
loop                   19749  0
nfsd                  267358  124
exportfs                3940  1 nfsd
rpcsec_gss_krb5        24595  0
syno_hddmon             2008  0
tcm_loop               12940  1
iscsi_target_mod      236522  1
target_core_ep         44622  2
target_core_multi_file    26766  1
target_core_file       41362  1
target_core_iblock     19769  1
target_core_mod       929914  18 target_core_iblock,target_core_multi_file,iscsi_target_mod,target_core_ep,target_core_file,tcm_loop
syno_extent_pool     1296536  0
rodsp_ep               76931  3 target_core_multi_file,syno_extent_pool,target_core_file
hid_generic             1321  0
usbhid                 26079  0
hid                    94408  2 hid_generic,usbhid
usblp                  10618  0
usb_storage            49426  0
uhci_hcd               22683  0
ehci_pci                3999  0
ehci_hcd               42414  1 ehci_pci
apollolake_synobios    68252  0
leds_lp3943             4500  0
exfat                 117655  0
btrfs                 956366  2 nfsd
i915                 1238212  0
drm_kms_helper        119660  1 i915
syscopyarea             3262  1 drm_kms_helper
sysfillrect             3754  1 drm_kms_helper
sysimgblt               2239  1 drm_kms_helper
fb_sys_fops             1314  1 drm_kms_helper
cfbfillrect             3818  1 drm_kms_helper
cfbcopyarea             3326  1 drm_kms_helper
cfbimgblt               2303  1 drm_kms_helper
drm                   304204  3 i915,drm_kms_helper
drm_panel_orientation_quirks     3601  1 drm
iosf
2021-02-01 18:09:17,355 DEBG 'start-script' stdout output:
_mbi                4234  1 i915
fb                     34811  2 i915,drm_kms_helper
fbdev                    966  1 fb
video                  25321  1 i915
backlight               6096  2 i915,video
button                  4756  1 i915
synoacl_vfs            15727  1
hfsplus                92438  0
md4                     4337  0
hmac                    2961  0
r8168                 524181  0
igb                   173575  0
i2c_algo_bit            5328  1 i915
e1000e                168333  0
vxlan                  32753  0
ip6_udp_tunnel          1903  1 vxlan
udp_tunnel              2355  1 vxlan
fuse                   85163  0
vfat                   10351  0
fat                    53904  1 vfat
crc32c_intel           12849  1
aesni_intel           157811  1
glue_helper             3893  1 aesni_intel
lrw                     3541  1 aesni_intel
gf128mul                5546  1 lrw
ablk_helper             1948  1 aesni_intel
arc4                    2040  0
cryptd                  7882  2 aesni_intel,ablk_helper
ecryptfs               78536  2 btrfs
sha256_generic         11993  0
ecb                     2113  1
aes_x86_64              7503  1 aesni_intel
authenc                 4076  0
des_generic            16861  0
ansi_cprng              3940  0
cts                     4136  0
md5                     2833  0
cbc                     2712  0
cpufreq_powersave       1126  0
cpufreq_performance     1130  2
acpi_cpufreq            6495  0
processor              23367  1 acpi_cpufreq
cpufreq_stats           2742  0
dm_snapshot            28295  0
dm_bufio               14214  1 dm_snapshot
crc_itu_t               1467  1 udf
crc_ccitt               1467  0
quota_v2                4047  0
quota_tree              7850  1 quota_v2
psnap                   1917  0
p8022                   1179  0
llc                     3569  4 stp,p8022,psnap,bridge
sit                    15812  0
tunnel4                 2261  1 sit
ip_tunnel              13200  1 sit
ipv6                  336006  136 sit,ip_vs,nf_defrag_ipv6,nf_conntrack_ipv6
zram                   19042  2
sg                     26457  0
etxhci_hcd             86330  0
xhci_pci                4650  0
xhci_hcd              104955  1 xhci_pci
usbcore               198691  12 etxhci_hcd,usblp,uhci_hcd,snd_usb_hiface,snd_usb_audio,usb_storage,snd_usbmidi_lib,ehci_hcd,ehci_pci,usbhid,xhci_hcd,xhci_pci
usb_common              2222  1 usbcore

2021-02-01 18:09:17,373 DEBG 'start-script' stdout output:
iptable_mangle          1656  0
ip_tables              14092  3 iptable_filter,iptable_mangle,iptable_nat
x_tables               16302  19 ip6table_filter,xt_ipvs,xt_iprange,xt_mark,xt_recent,ip_tables,xt_tcpudp,ipt_MASQUERADE,xt_limit,xt_state,xt_conntrack,xt_LOG,xt_nat,xt_multiport,iptable_filter,xt_REDIRECT,iptable_mangle,ip6_tables,xt_addrtype

2021-02-01 18:09:17,374 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables

2021-02-01 18:09:17,473 DEBG 'start-script' stdout output:
[info] Adding additional incoming port 1234 for eth0

2021-02-01 18:09:17,531 DEBG 'start-script' stdout output:
[info] Adding additional outgoing port 1234 for eth0

2021-02-01 18:09:17,552 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2021-02-01 18:09:17,556 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 1234 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1234 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 1234 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 1234 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT

2021-02-01 18:09:17,557 DEBG 'start-script' stdout output:
--------------------

2021-02-01 18:09:17,569 DEBG 'start-script' stdout output:
[debug] OpenVPN command line:- /usr/bin/openvpn --daemon --reneg-sec 0 --mute-replay-warnings --auth-nocache --setenv VPN_PROV 'pia' --setenv DEBUG 'true' --setenv VPN_DEVICE_TYPE 'tun0' --setenv VPN_ENABLED 'yes' --setenv VPN_REMOTE 'ca-montreal.privateinternetaccess.com' --setenv APPLICATION 'deluge' --script-security 2 --writepid /root/openvpn.pid --remap-usr1 SIGHUP --log-append /dev/stdout --pull-filter ignore 'up' --pull-filter ignore 'down' --pull-filter ignore 'route-ipv6' --pull-filter ignore 'ifconfig-ipv6' --pull-filter ignore 'tun-ipv6' --pull-filter ignore 'dhcp-option DNS6' --pull-filter ignore 'persist-tun' --pull-filter ignore 'reneg-sec' --up /root/openvpnup.sh --up-delay --up-restart --remote 199.36.223.130 1198 udp --remote 199.36.223.194 1198 udp --remote-random --keepalive 10 60 --setenv STRICT_PORT_FORWARD 'no' --disable-occ --auth-user-pass credentials.conf --cd /config/openvpn --config '/config/openvpn/ca_montreal.ovpn'
[info] Starting OpenVPN...

2021-02-01 18:09:18,141 DEBG 'start-script' stdout output:
Mon Feb  1 18:09:18 2021 WARNING: file 'credentials.conf' is group or others accessible

2021-02-01 18:09:18,142 DEBG 'start-script' stdout output:
Mon Feb  1 18:09:18 2021 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020

2021-02-01 18:09:18,142 DEBG 'start-script' stdout output:
Mon Feb  1 18:09:18 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10

2021-02-01 18:09:18,144 DEBG 'start-script' stdout output:
[info] OpenVPN started
Mon Feb  1 18:09:18 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2021-02-01 18:09:18,169 DEBG 'start-script' stdout output:
Mon Feb  1 18:09:18 2021 CRL: loaded 1 CRLs from file [[INLINE]]

2021-02-01 18:09:18,170 DEBG 'start-script' stdout output:
Mon Feb  1 18:09:18 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.194:1198
Mon Feb  1 18:09:18 2021 UDP link local: (not bound)
Mon Feb  1 18:09:18 2021 UDP link remote: [AF_INET]199.36.223.194:1198

2021-02-01 18:10:18,603 DEBG 'start-script' stdout output:
Mon Feb  1 18:10:18 2021 [UNDEF] Inactivity timeout (--ping-restart), restarting
Mon Feb  1 18:10:18 2021 SIGHUP[soft,ping-restart] received, process restarting

2021-02-01 18:10:18,604 DEBG 'start-script' stdout output:
Mon Feb  1 18:10:18 2021 WARNING: file 'credentials.conf' is group or others accessible
Mon Feb  1 18:10:18 2021 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Mon Feb  1 18:10:18 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10

2021-02-01 18:10:23,604 DEBG 'start-script' stdout output:
Mon Feb  1 18:10:23 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2021-02-01 18:10:23,606 DEBG 'start-script' stdout output:
Mon Feb  1 18:10:23 2021 CRL: loaded 1 CRLs from file [[INLINE]]

2021-02-01 18:10:23,607 DEBG 'start-script' stdout output:
Mon Feb  1 18:10:23 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.194:1198
Mon Feb  1 18:10:23 2021 UDP link local: (not bound)
Mon Feb  1 18:10:23 2021 UDP link remote: [AF_INET]199.36.223.194:1198

2021-02-01 18:11:23,128 DEBG 'start-script' stdout output:
Mon Feb  1 18:11:23 2021 [UNDEF] Inactivity timeout (--ping-restart), restarting

2021-02-01 18:11:23,128 DEBG 'start-script' stdout output:
Mon Feb  1 18:11:23 2021 SIGHUP[soft,ping-restart] received, process restarting
Mon Feb  1 18:11:23 2021 WARNING: file 'credentials.conf' is group or others accessible
Mon Feb  1 18:11:23 2021 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Mon Feb  1 18:11:23 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10

2021-02-01 18:11:28,128 DEBG 'start-script' stdout output:
Mon Feb  1 18:11:28 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2021-02-01 18:11:28,130 DEBG 'start-script' stdout output:
Mon Feb  1 18:11:28 2021 CRL: loaded 1 CRLs from file [[INLINE]]
Mon Feb  1 18:11:28 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.194:1198
Mon Feb  1 18:11:28 2021 UDP link local: (not bound)
Mon Feb  1 18:11:28 2021 UDP link remote: [AF_INET]199.36.223.194:1198

2021-02-01 18:12:28,776 DEBG 'start-script' stdout output:
Mon Feb  1 18:12:28 2021 [UNDEF] Inactivity timeout (--ping-restart), restarting
Mon Feb  1 18:12:28 2021 SIGHUP[soft,ping-restart] received, process restarting

2021-02-01 18:12:28,777 DEBG 'start-script' stdout output:
Mon Feb  1 18:12:28 2021 WARNING: file 'credentials.conf' is group or others accessible
Mon Feb  1 18:12:28 2021 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Mon Feb  1 18:12:28 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10

2021-02-01 18:12:33,777 DEBG 'start-script' stdout output:
Mon Feb  1 18:12:33 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2021-02-01 18:12:33,779 DEBG 'start-script' stdout output:
Mon Feb  1 18:12:33 2021 CRL: loaded 1 CRLs from file [[INLINE]]

2021-02-01 18:12:33,779 DEBG 'start-script' stdout output:
Mon Feb  1 18:12:33 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.130:1198
Mon Feb  1 18:12:33 2021 UDP link local: (not bound)
Mon Feb  1 18:12:33 2021 UDP link remote: [AF_INET]199.36.223.130:1198

2021-02-01 18:13:33,400 DEBG 'start-script' stdout output:
Mon Feb  1 18:13:33 2021 [UNDEF] Inactivity timeout (--ping-restart), restarting
Mon Feb  1 18:13:33 2021 SIGHUP[soft,ping-restart] received, process restarting

2021-02-01 18:13:33,401 DEBG 'start-script' stdout output:
Mon Feb  1 18:13:33 2021 WARNING: file 'credentials.conf' is group or others accessible
Mon Feb  1 18:13:33 2021 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Mon Feb  1 18:13:33 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10

2021-02-01 18:13:38,402 DEBG 'start-script' stdout output:
Mon Feb  1 18:13:38 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2021-02-01 18:13:38,403 DEBG 'start-script' stdout output:
Mon Feb  1 18:13:38 2021 CRL: loaded 1 CRLs from file [[INLINE]]

2021-02-01 18:13:38,412 DEBG 'start-script' stdout output:
Mon Feb  1 18:13:38 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.130:1198
Mon Feb  1 18:13:38 2021 UDP link local: (not bound)

2021-02-01 18:13:38,413 DEBG 'start-script' stdout output:
Mon Feb  1 18:13:38 2021 UDP link remote: [AF_INET]199.36.223.130:1198

2021-02-01 18:14:38,279 DEBG 'start-script' stdout output:
Mon Feb  1 18:14:38 2021 [UNDEF] Inactivity timeout (--ping-restart), restarting
Mon Feb  1 18:14:38 2021 SIGHUP[soft,ping-restart] received, process restarting
Mon Feb  1 18:14:38 2021 WARNING: file 'credentials.conf' is group or others accessible
Mon Feb  1 18:14:38 2021 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Mon Feb  1 18:14:38 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10

2021-02-01 18:14:43,281 DEBG 'start-script' stdout output:
Mon Feb  1 18:14:43 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Feb  1 18:14:43 2021 CRL: loaded 1 CRLs from file [[INLINE]]
Mon Feb  1 18:14:43 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.130:1198
Mon Feb  1 18:14:43 2021 UDP link local: (not bound)
Mon Feb  1 18:14:43 2021 UDP link remote: [AF_INET]199.36.223.130:1198

2021-02-01 18:15:43,973 DEBG 'start-script' stdout output:
Mon Feb  1 18:15:43 2021 [UNDEF] Inactivity timeout (--ping-restart), restarting
Mon Feb  1 18:15:43 2021 SIGHUP[soft,ping-restart] received, process restarting
Mon Feb  1 18:15:43 2021 WARNING: file 'credentials.conf' is group or others accessible
Mon Feb  1 18:15:43 2021 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Mon Feb  1 18:15:43 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10

2021-02-01 18:15:48,974 DEBG 'start-script' stdout output:
Mon Feb  1 18:15:48 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2021-02-01 18:15:48,975 DEBG 'start-script' stdout output:
Mon Feb  1 18:15:48 2021 CRL: loaded 1 CRLs from file [[INLINE]]

2021-02-01 18:15:48,976 DEBG 'start-script' stdout output:
Mon Feb  1 18:15:48 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.130:1198
Mon Feb  1 18:15:48 2021 UDP link local: (not bound)
Mon Feb  1 18:15:48 2021 UDP link remote: [AF_INET]199.36.223.130:1198

2021-02-01 18:16:48,056 DEBG 'start-script' stdout output:
Mon Feb  1 18:16:48 2021 [UNDEF] Inactivity timeout (--ping-restart), restarting
Mon Feb  1 18:16:48 2021 SIGHUP[soft,ping-restart] received, process restarting
Mon Feb  1 18:16:48 2021 WARNING: file 'credentials.conf' is group or others accessible
Mon Feb  1 18:16:48 2021 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Mon Feb  1 18:16:48 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10

2021-02-01 18:16:53,058 DEBG 'start-script' stdout output:
Mon Feb  1 18:16:53 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Feb  1 18:16:53 2021 CRL: loaded 1 CRLs from file [[INLINE]]
Mon Feb  1 18:16:53 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.130:1198
Mon Feb  1 18:16:53 2021 UDP link local: (not bound)
Mon Feb  1 18:16:53 2021 UDP link remote: [AF_INET]199.36.223.130:1198

2021-02-01 18:17:53,502 DEBG 'start-script' stdout output:
Mon Feb  1 18:17:53 2021 [UNDEF] Inactivity timeout (--ping-restart), restarting

2021-02-01 18:17:53,503 DEBG 'start-script' stdout output:
Mon Feb  1 18:17:53 2021 SIGHUP[soft,ping-restart] received, process restarting
Mon Feb  1 18:17:53 2021 WARNING: file 'credentials.conf' is group or others accessible
Mon Feb  1 18:17:53 2021 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Mon Feb  1 18:17:53 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10

2021-02-01 18:17:58,503 DEBG 'start-script' stdout output:
Mon Feb  1 18:17:58 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2021-02-01 18:17:58,503 DEBG 'start-script' stdout output:
Mon Feb  1 18:17:58 2021 CRL: loaded 1 CRLs from file [[INLINE]]

2021-02-01 18:17:58,504 DEBG 'start-script' stdout output:
Mon Feb  1 18:17:58 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.130:1198
Mon Feb  1 18:17:58 2021 UDP link local: (not bound)
Mon Feb  1 18:17:58 2021 UDP link remote: [AF_INET]199.36.223.130:1198

2021-02-01 18:18:59,039 DEBG 'start-script' stdout output:
Mon Feb  1 18:18:59 2021 [UNDEF] Inactivity timeout (--ping-restart), restarting

2021-02-01 18:18:59,040 DEBG 'start-script' stdout output:
Mon Feb  1 18:18:59 2021 SIGHUP[soft,ping-restart] received, process restarting
Mon Feb  1 18:18:59 2021 WARNING: file 'credentials.conf' is group or others accessible
Mon Feb  1 18:18:59 2021 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Mon Feb  1 18:18:59 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10

2021-02-01 18:19:04,040 DEBG 'start-script' stdout output:
Mon Feb  1 18:19:04 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2021-02-01 18:19:04,041 DEBG 'start-script' stdout output:
Mon Feb  1 18:19:04 2021 CRL: loaded 1 CRLs from file [[INLINE]]

2021-02-01 18:19:04,041 DEBG 'start-script' stdout output:
Mon Feb  1 18:19:04 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.130:1198
Mon Feb  1 18:19:04 2021 UDP link local: (not bound)
Mon Feb  1 18:19:04 2021 UDP link remote: [AF_INET]199.36.223.130:1198


 

 

Edited by starfox5194
Quoted to collapse text
Link to post

Hi Binhex,

First of all, amazing work, installed on a Debain 10 with Docker on a OVH VPS.

Had a few issues with OVH detecting any activity as ddos attack, fixed by using a different openvpn config from PIA (I have to use TCP and IP).

Regardless of that, a few small issues but I took the time to read all the documentation for troubleshooting and I'm impressed how every little issue I had got solved.

There is only one thing I could not find documentation about, at least clearly even on Deluge forums.
I would like to use Thin Client to be able to create torrents. I use mainly private trackers and obv. need a good ratio.

I found the windows version I need for my windows PC here Unofficial Deluge 2.0.x for Windows.
In connection manager I have tried multiple entries but cannot detect my Deluge on my VPS, is this caused by VPN ?
I couldn't find much documentation about it either, at least for non local deluge server.

Is there an easier way to create torrents without thin client or shall I keep trying and searching for a solution.

Deluge on my VPS is running the latest 2.04.dev38.

Link to post

Hey Binhex, I also wanted to thank you for this docker and helping me get Mullvad and wireguard working a few months ago. I haven't noticed any real problems but I ran into what appears to be a DNS leak when using Firefox through delugevpn/privoxy. I had been fiddling around with my ports/endpoint on the Mullvad website and I noticed for the first time that they had a "privacy checker" tool. 

 

Their tool shows both my VPN DNS and my NextDNS IPs. Previously, I had run the dnsleaktest.com and only seen my Mullvad DNS. I have Firefox set to DISable DNS over HTTPS, as recommended, but even if I enable it and point it directly at the Mullvad DNS, the checker still shows my NextDNS address alongside it. I have the Mullvad DNS as the only entry for both the "Container Variable: NAME_SERVERS" and in wg0.conf.

 

The weird thing is that when I use the Mullvad wireguard Win10 tool, there are no DNS leaks. So there's something I'm doing wrong in my setup. I installed NextDNS on my Edgerouter-X as the default DNS using the NextDNS install script (https://nextdns.io/install) and I have all their install options enabled like "instant refresh" and "cache responses." Even with those options turned off, I still get DNS leaks with delugevpn/privoxy.

 

Leaking to NextDNS isn't the end of the world but I'd like to understand why it's happening.  If you or anyone has any guesses, I'd love to hear them. I've done a lot of searching on the NextDNS and Ubiquiti forums and haven't seen anyone with quite this exact problem or any solutions.

Link to post

People using PIA. Has anyone found a way to make an endpoint work consistently? Or is everyone pretty much in the same boat? I usually have to spend like an hour trying different endpoints until downloads start working again.

 

Edit: I've heard people say that they got it to work by setting strict port forwarding to no, but I've also heard that can impact speed. I'm also curious if there are any security risks with disabling that.

Edited by Cark
Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.