[Support] binhex - DelugeVPN


Recommended Posts

2 hours ago, mashuto said:

Hello there, I just wanted to first say thanks for this excellent container. I was running a full ubuntu vm for this before and couldn't figure out how to get a kill switch up and running for the vpn and this is just much simpler... well, outside the issues I had getting docker to run on windows server 2016.

 

So, I see there has been some discussion recently about slow speeds. I wanted to chime in and say I am experiencing the same. I was using an older version of the container (dont remember the exact version) that I know hadn't been updated in a while and I was using it via docker toolbox. But there was some weird configuration stuff and actually acessing a docker toolbox container on my network was a real pain. So I saw that docker for windows was finally available for win server 2016 and I switched. Overall much happier, other than the slow speeds.

 

With the old container on docker toolbox I could often max out my downloads at 2-3MB/s, but with this new one I dont think I have seen higher than 350KB/s. My internet connection is 75mb/s so the download speeds seem really low. I have messed with the bandwidth settings and as per recent discussions, I have confirmed that rate limit ip overhead is not and has not been checked. I am also using pia and am pretty much using default settings (at least the example settings from the github or docker pull page).

 

As per instructions, I enabled debug mode, restarted and let it run for a few minutes and am attaching my supervisord.log file with user and password x'd out.

supervisord.log

 

I installed this:

http://forum.deluge-torrent.org/viewtopic.php?t=42887

 

And did this:

lvo5GGG.png

 

... and it seems to be working. I was getting 2-3MB/s and am now seeing 35MB+.

 

I don't know why, but I hope that helps.

Link to comment
31 minutes ago, nlash said:

 

I installed this:

http://forum.deluge-torrent.org/viewtopic.php?t=42887

 

And did this:

lvo5GGG.png

 

... and it seems to be working. I was getting 2-3MB/s and am now seeing 35MB+.

 

I don't know why, but I hope that helps.

I appreciate it, but doesn't seem to have done anything. Individual torrents are still only running at like 20-30 kB/s even with a decent number of peers connected (close to 100). Incidentally, I can't seem to get rid of the ltconfig menu item even though I have removed the plugin...

 

I am really not sure if this is related to the container itself or has something to do with docker for windows, but it really is very slow for me right now and I can't figure out why.

Link to comment
8 hours ago, mashuto said:

I appreciate it, but doesn't seem to have done anything. Individual torrents are still only running at like 20-30 kB/s even with a decent number of peers connected (close to 100). Incidentally, I can't seem to get rid of the ltconfig menu item even though I have removed the plugin...

 

I am really not sure if this is related to the container itself or has something to do with docker for windows, but it really is very slow for me right now and I can't figure out why.

 

ive created a FAQ for this, take a look at Q7 in the following post:-

 

 

Link to comment
36 minutes ago, binhex said:

 

ive created a FAQ for this, take a look at Q7 in the following post:-

 

 

Its much appreciated, but I am just not sure any of these apply to me. For the incoming port, I am using PIA, I have strict port forward enabled, and am using NL as my endpoint. My upload speed is set to 2500kB/s which my internet should be able to handle just fine, but just like download speeds, I have yet to see uploads go over 200 or 300 kB/s total. Rate limit overhead is not enabled (left at default from the container). I am using NL as my endpoint which should have decent enough bandwidth, especially because its the same endpoint I was using before when I used to get better speeds. And I do not believe the disk is badly fragmented, but I will defragment it just in case, though I cant imagine it would slow me down to less than 10% of the speeds I used to get.

 

Since it appears as though I have the container set up right, I am wondering if it actually is the container or if its something related to using docker for windows over the older docker toolbox. I tried to go back to docker toolbox to test, but it is such an amazing pain to try access docker toolbox containers on the local network when running it on windows since it defaults the machines to a different subnet (and cant access on localhost either).

Link to comment
36 minutes ago, mashuto said:

Since it appears as though I have the container set up right, I am wondering if it actually is the container or if its something related to using docker for windows over the older docker toolbox

 

its a possibility yes.

Link to comment

@binhex If using this as intended with the docker bridge, should I be able to set to any subnet as the LAN_Network or am I limited to the subnet that the bridge is running on?

Is the WebUI port the only port Sonnar requires?, if so then it should have worked.

 

I had it to the point I could connect from another subnet other than the bridge using the WebUI but Sonnar refused to connect. I'm thinking this is a problem on my side as Sonnar and my laptop were in the same subnet at that point.
 

I actually have two VPN services, VLAN 300 is IPVanish I wanted to place it on that subnet and then use AirVPN within the docker for downloads(due to portforward) but not so concerns about leaks as it'll only be able to go out via IPVanish.

I'm about to setup a pfsense install and trying to get things in place, not the best diagram but gives a good idea https://www.gliffy.com/go/publish/12156089 It's a bit messy with both pfsense installs, but I don't want to break things until everything is ready.

Edited by Tuftuf
Link to comment
20 hours ago, Tuftuf said:

should I be able to set to any subnet as the LAN_Network

 

you should be setting this to your LAN network, not the docker bridge network, but yeah it can be any value as long as its valid for your lan :-).

 

i do have code to intelligently figure out what the docker bridge network is defined as, so you can create a new bridge network with a different range (default being 172.17.x.x) and it will figure this out.

 

20 hours ago, Tuftuf said:

he WebUI port the only port Sonnar requires?, if so then it should have worked.

 

take a look here for a screenshot of how sonarr should be configured for deluge:-

 

https://github.com/binhex/images/blob/master/docker/config/sonarr-deluge.png

Link to comment
19 hours ago, StarsLight said:

Hi,

 

I cannot use Transdrone to connect (192,168.1.XXX:8112) the delugeVPN with PIA. Any idea?

 

i use transdroid to connect to delugevpn and rtorrentvpn without issue so i know this does work fine. i would guess (without logs im guessing) that you either dont have your lan_network defined correctly, see here if your unsure:-

 

or your using the wrong port number, are you sure you have port 8112 port mapped to 8112 on your host side?, take a look at your config in the unraid web ui.

 

Link to comment
On 8/3/2017 at 3:05 AM, binhex said:

 

i use transdroid to connect to delugevpn and rtorrentvpn without issue so i know this does work fine. i would guess (without logs im guessing) that you either dont have your lan_network defined correctly, see here if your unsure:-

 

or your using the wrong port number, are you sure you have port 8112 port mapped to 8112 on your host side?, take a look at your config in the unraid web ui.

 

 

Hi, I have set lan_network to "192.168.1.0/24". do I put port forward 8112 in my router as well?

Link to comment

Well, I'm back. I could not figure out why I was getting such slow speeds. I tried a number of things but just couldnt get any of my torrents running at an acceptable speed. Most of the time they seemed to hover around 15-20kB/s.

 

So, I decided to go back and try a docker toolbox (instead of docker for windows) configuration again to see if I could at least get back to the speeds I was expecting and speeds that are acceptable. However, no matter what I do, I cannot access the webui of deluge. As far as I can tell everything is configured correctly. I am even using the exact same run command I was using and had no problems with on the docker for windows version. I cannot get the webui from local host, I cannot access it from the docker machine ip 192.168.99.100:8112. I added a third bridged adapter to the docker machine vm to get it on my regular subnet, cant access the webui from there either. I used kitematic to install the non vpn deluge container and I had no trouble accessing the webui there.

 

Really could use some help and hope I didnt just miss something obvious.

 

I set it to debug again and took another supervisord.log file, and am attaching my run command.

docker run command.txt

supervisord.log

Link to comment
1 hour ago, strike said:

@mashuto I think maybe your lan_network is wrong too

 


LAN_NETWORK defined as '192.168.1.1/24'

Think it should be 192.168.1.0 

Hah, Thank you so much! I was banging my head against this for so long and that just worked right away. I was under the impression that it was supposed to be for my gateway/router, which is 192.168.1.1, and I also figured since it seemed to work fine in docker for windows that it was correct. Anyways, much appreciated, thanks!

Link to comment

Edit the docker and set the DEBUG variable to true. Also delete the log before you start the container again, let it run for a few min and post the new log here. This was also in you log:

[warn] Username contains characters which could cause authentication issues, please consider changing this if possible
[warn] Password contains characters which could cause authentication issues, please consider changing this if possible

 

Link to comment
On 04/08/2017 at 7:13 PM, StarsLight said:

 

Hi, I have set lan_network to "192.168.1.0/24". do I put port forward 8112 in my router as well?

 

you only need to port forward 8112 if your accessing deluge using transdrone outside of your lan, you also need to have ip table mangle support for this to work (see the /config/supervisord.log) 

Link to comment
On 04/08/2017 at 7:16 PM, mashuto said:

Well, I'm back. I could not figure out why I was getting such slow speeds. I tried a number of things but just couldnt get any of my torrents running at an acceptable speed. Most of the time they seemed to hover around 15-20kB/s.

 

So, I decided to go back and try a docker toolbox (instead of docker for windows) configuration again to see if I could at least get back to the speeds I was expecting and speeds that are acceptable. However, no matter what I do, I cannot access the webui of deluge. As far as I can tell everything is configured correctly. I am even using the exact same run command I was using and had no problems with on the docker for windows version. I cannot get the webui from local host, I cannot access it from the docker machine ip 192.168.99.100:8112. I added a third bridged adapter to the docker machine vm to get it on my regular subnet, cant access the webui from there either. I used kitematic to install the non vpn deluge container and I had no trouble accessing the webui there.

 

Really could use some help and hope I didnt just miss something obvious.

 

I set it to debug again and took another supervisord.log file, and am attaching my run command.

docker run command.txt

supervisord.log

 

there is nothing wrong there, you have a successful connection, any issues will be related to your browser and/or your lan_network settings, check you are using the right lan_network, see here:- 

 

 

Link to comment

I can't get a connection established when I run the container with VPN set to "yes". If I set it to "no" and manually establish the connection via CLI in the conainter's shell, everything works fine. Any ideas?

 

OpenVPN CLI that works:

/usr/bin/openvpn --cd /config/openvpn --config /config/openvpn/myvpnprovider_linux.ovpn --dev tun0 --remote cc.myvpnprovider.com 1197 --proto udp --reneg-sec 0 --mute-replay-warnings --auth-nocache --keepalive 10 60 --setenv VPN_PROV custom --setenv DEBUG true --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --writepid /root/openvpn.pid --auth-user-pass credentials.conf

 

Successful connection output:

Mon Aug  7 14:57:35 2017 WARNING: file 'myvpnprovider.key' is group or others accessible
Mon Aug  7 14:57:35 2017 WARNING: file 'credentials.conf' is group or others accessible
Mon Aug  7 14:57:35 2017 OpenVPN 2.4.1 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2017
Mon Aug  7 14:57:35 2017 library versions: OpenSSL 1.1.0e  16 Feb 2017, LZO 2.10
Mon Aug  7 14:57:35 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Aug  7 14:57:36 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]203.99.107.45:1197
Mon Aug  7 14:57:36 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]
Mon Aug  7 14:57:36 2017 UDP link local: (not bound)
Mon Aug  7 14:57:36 2017 UDP link remote: [AF_INET]203.99.107.45:1197
Mon Aug  7 14:57:36 2017 TLS: Initial packet from [AF_INET]203.99.107.45:1197, sid=afe0d213 29e40f41
Mon Aug  7 14:57:36 2017 VERIFY WARNING: depth=1, unable to get certificate CRL: C=NA, ST=None, L=None, O=myvpnprovider, CN=master.myvpnprovider.com, emailAddress=info@myvpnprovider.com
Mon Aug  7 14:57:36 2017 VERIFY WARNING: depth=2, unable to get certificate CRL: C=NA, ST=None, L=None, O=myvpnprovider, CN=myvpnprovider CA, emailAddress=info@myvpnprovider.com
Mon Aug  7 14:57:36 2017 VERIFY OK: depth=2, C=NA, ST=None, L=None, O=myvpnprovider, CN=myvpnprovider CA, emailAddress=info@myvpnprovider.com
Mon Aug  7 14:57:36 2017 VERIFY OK: depth=1, C=NA, ST=None, L=None, O=myvpnprovider, CN=master.myvpnprovider.com, emailAddress=info@myvpnprovider.com
Mon Aug  7 14:57:36 2017 VERIFY KU OK
Mon Aug  7 14:57:36 2017 Validating certificate extended key usage
Mon Aug  7 14:57:36 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Aug  7 14:57:36 2017 VERIFY EKU OK
Mon Aug  7 14:57:36 2017 VERIFY OK: depth=0, C=NA, ST=None, L=None, O=myvpnprovider, CN=cc9.myvpnprovider.com, emailAddress=info@myvpnprovider.com
Mon Aug  7 14:57:36 2017 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
Mon Aug  7 14:57:36 2017 [cc9.myvpnprovider.com] Peer Connection Initiated with [AF_INET]203.99.107.45:1197
Mon Aug  7 14:57:38 2017 SENT CONTROL [cc9.myvpnprovider.com]: 'PUSH_REQUEST' (status=1)
Mon Aug  7 14:57:38 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.11.0.1,route-ipv6 0000::/2,route-ipv6 4000::/2,route-ipv6 8000::/2,route-ipv6 C000::/2,route-gateway 10.11.0.1,topology subnet,socket-flags TCP_NODELAY,ifconfig-ipv6 fdda:d0d0:cafe:1197::1007/64 fdda:d0d0:cafe:1197::,ifconfig 10.11.0.9 255.255.0.0,peer-id 5,cipher AES-256-GCM'
Mon Aug  7 14:57:38 2017 Pushed option removed by filter: 'route-ipv6 0000::/2'
Mon Aug  7 14:57:38 2017 Pushed option removed by filter: 'route-ipv6 4000::/2'
Mon Aug  7 14:57:38 2017 Pushed option removed by filter: 'route-ipv6 8000::/2'
Mon Aug  7 14:57:38 2017 Pushed option removed by filter: 'route-ipv6 C000::/2'
Mon Aug  7 14:57:38 2017 Pushed option removed by filter: 'ifconfig-ipv6 fdda:d0d0:cafe:1197::1007/64 fdda:d0d0:cafe:1197::'
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: --socket-flags option modified
Mon Aug  7 14:57:38 2017 NOTE: setsockopt TCP_NODELAY=1 failed
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: --ifconfig/up options modified
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: route options modified
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: route-related options modified
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: peer-id set
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: adjusting link_mtu to 1625
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: data channel crypto options modified
Mon Aug  7 14:57:38 2017 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Aug  7 14:57:38 2017 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Aug  7 14:57:38 2017 ROUTE_GATEWAY 172.17.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:0b
Mon Aug  7 14:57:38 2017 TUN/TAP device tun0 opened
Mon Aug  7 14:57:38 2017 TUN/TAP TX queue length set to 100
Mon Aug  7 14:57:38 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Aug  7 14:57:38 2017 /usr/bin/ip link set dev tun0 up mtu 1500
Mon Aug  7 14:57:38 2017 /usr/bin/ip addr add dev tun0 10.11.0.9/16 broadcast 10.11.255.255
Mon Aug  7 14:57:38 2017 /root/openvpnup.sh tun0 1500 1553 10.11.0.9 255.255.0.0 init
Mon Aug  7 14:57:38 2017 /usr/bin/ip route add 203.99.107.45/32 via 172.17.0.1
Mon Aug  7 14:57:38 2017 /usr/bin/ip route add 0.0.0.0/1 via 10.11.0.1
Mon Aug  7 14:57:38 2017 /usr/bin/ip route add 128.0.0.0/1 via 10.11.0.1
Mon Aug  7 14:57:38 2017 Initialization Sequence Completed
[debug] VPN provider custom is != pia, skipping incoming port detection
[info] Successfully retrieved external IP address 203.99.107.69

 

OpenVPN CLI from the debug log that DOESN'T work and log output:

[debug] OpenVPN command line '/usr/bin/openvpn --cd /config/openvpn --config /config/openvpn/myvpnprovider_linux.ovpn --daemon --dev tun0 --remote cc.myvpnprovider.com 1197 --proto udp --reneg-sec 0 --mute-replay-warnings --auth-nocache --keepalive 10 60 --setenv VPN_PROV custom --setenv DEBUG true --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --writepid /root/openvpn.pid --auth-user-pass credentials.conf'
[info] Starting OpenVPN...

2017-08-07 15:13:27,539 DEBG 'start-script' stdout output:
[info] OpenVPN started
[debug] Waiting for valid IP address from tunnel...

 

Contents of myvpnprovider_linux.ovpn (I added the filters about ipv6, since unRAID doesn't support IPv6 yet, otherwise there was an error):

client
pull-filter ignore "route-ipv6"
pull-filter ignore "ifconfig-ipv6"
cipher AES-256-CBC
resolv-retry infinite
nobind
persist-key
comp-lzo
verb 3
remote-cert-tls server
script-security 2
ca ca.crt
cert myvpnprovider.crt
key myvpnprovider.key
crl-verify crl.pem
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA

 

Variables for the container:

2017-08-07 15:13:22.753417 [info] PUID defined as '99'
2017-08-07 15:13:22.834103 [info] PGID defined as '100'
2017-08-07 15:13:23.279725 [info] UMASK defined as '000'
2017-08-07 15:13:23.427337 [info] VPN_ENABLED defined as 'yes'
2017-08-07 15:13:23.479148 [info] VPN_PROV defined as 'custom'
2017-08-07 15:13:23.544305 [info] VPN_REMOTE defined as 'cc.myvpnprovider.com'
2017-08-07 15:13:23.592989 [info] VPN_PORT defined as '1197'
2017-08-07 15:13:23.641179 [info] VPN_PROTOCOL defined as 'udp'
2017-08-07 15:13:23.691185 [info] LAN_NETWORK defined as '192.168.1.0/24'
2017-08-07 15:13:23.742468 [info] NAME_SERVERS defined as '<The VPN provider's DNS server>'
2017-08-07 15:13:23.790667 [info] VPN_USER defined as 'username'
2017-08-07 15:13:23.839399 [info] VPN_PASS defined as 'password'
2017-08-07 15:13:23.892156 [info] VPN_DEVICE_TYPE defined as 'tun'
2017-08-07 15:13:23.962749 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2017-08-07 15:13:24.013515 [info] ENABLE_PRIVOXY defined as 'yes'

Any ideas why everything works when manually establishing the connection but not when the start script uses virtually the same syntax?

Edited by Darkguy
Link to comment
7 minutes ago, Darkguy said:

I can't get a connection established when I run the container with VPN set to "yes". If I set it to "no" and manually establish the connection via CLI in the conainter's shell, everything works fine. Any ideas?

 

OpenVPN CLI that works:


/usr/bin/openvpn --cd /config/openvpn --config /config/openvpn/myvpnprovider_linux.ovpn --dev tun0 --remote cc.myvpnprovider.com 1197 --proto udp --reneg-sec 0 --mute-replay-warnings --auth-nocache --keepalive 10 60 --setenv VPN_PROV custom --setenv DEBUG true --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --writepid /root/openvpn.pid --auth-user-pass credentials.conf

 

Successful connection output:


Mon Aug  7 14:57:35 2017 WARNING: file 'myvpnprovider.key' is group or others accessible
Mon Aug  7 14:57:35 2017 WARNING: file 'credentials.conf' is group or others accessible
Mon Aug  7 14:57:35 2017 OpenVPN 2.4.1 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2017
Mon Aug  7 14:57:35 2017 library versions: OpenSSL 1.1.0e  16 Feb 2017, LZO 2.10
Mon Aug  7 14:57:35 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Aug  7 14:57:36 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]203.99.107.45:1197
Mon Aug  7 14:57:36 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]
Mon Aug  7 14:57:36 2017 UDP link local: (not bound)
Mon Aug  7 14:57:36 2017 UDP link remote: [AF_INET]203.99.107.45:1197
Mon Aug  7 14:57:36 2017 TLS: Initial packet from [AF_INET]203.99.107.45:1197, sid=afe0d213 29e40f41
Mon Aug  7 14:57:36 2017 VERIFY WARNING: depth=1, unable to get certificate CRL: C=NA, ST=None, L=None, O=myvpnprovider, CN=master.myvpnprovider.com, emailAddress=info@myvpnprovider.com
Mon Aug  7 14:57:36 2017 VERIFY WARNING: depth=2, unable to get certificate CRL: C=NA, ST=None, L=None, O=myvpnprovider, CN=myvpnprovider CA, emailAddress=info@myvpnprovider.com
Mon Aug  7 14:57:36 2017 VERIFY OK: depth=2, C=NA, ST=None, L=None, O=myvpnprovider, CN=myvpnprovider CA, emailAddress=info@myvpnprovider.com
Mon Aug  7 14:57:36 2017 VERIFY OK: depth=1, C=NA, ST=None, L=None, O=myvpnprovider, CN=master.myvpnprovider.com, emailAddress=info@myvpnprovider.com
Mon Aug  7 14:57:36 2017 VERIFY KU OK
Mon Aug  7 14:57:36 2017 Validating certificate extended key usage
Mon Aug  7 14:57:36 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Aug  7 14:57:36 2017 VERIFY EKU OK
Mon Aug  7 14:57:36 2017 VERIFY OK: depth=0, C=NA, ST=None, L=None, O=myvpnprovider, CN=cc9.myvpnprovider.com, emailAddress=info@myvpnprovider.com
Mon Aug  7 14:57:36 2017 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA
Mon Aug  7 14:57:36 2017 [cc9.myvpnprovider.com] Peer Connection Initiated with [AF_INET]203.99.107.45:1197
Mon Aug  7 14:57:38 2017 SENT CONTROL [cc9.myvpnprovider.com]: 'PUSH_REQUEST' (status=1)
Mon Aug  7 14:57:38 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.11.0.1,route-ipv6 0000::/2,route-ipv6 4000::/2,route-ipv6 8000::/2,route-ipv6 C000::/2,route-gateway 10.11.0.1,topology subnet,socket-flags TCP_NODELAY,ifconfig-ipv6 fdda:d0d0:cafe:1197::1007/64 fdda:d0d0:cafe:1197::,ifconfig 10.11.0.9 255.255.0.0,peer-id 5,cipher AES-256-GCM'
Mon Aug  7 14:57:38 2017 Pushed option removed by filter: 'route-ipv6 0000::/2'
Mon Aug  7 14:57:38 2017 Pushed option removed by filter: 'route-ipv6 4000::/2'
Mon Aug  7 14:57:38 2017 Pushed option removed by filter: 'route-ipv6 8000::/2'
Mon Aug  7 14:57:38 2017 Pushed option removed by filter: 'route-ipv6 C000::/2'
Mon Aug  7 14:57:38 2017 Pushed option removed by filter: 'ifconfig-ipv6 fdda:d0d0:cafe:1197::1007/64 fdda:d0d0:cafe:1197::'
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: --socket-flags option modified
Mon Aug  7 14:57:38 2017 NOTE: setsockopt TCP_NODELAY=1 failed
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: --ifconfig/up options modified
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: route options modified
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: route-related options modified
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: peer-id set
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: adjusting link_mtu to 1625
Mon Aug  7 14:57:38 2017 OPTIONS IMPORT: data channel crypto options modified
Mon Aug  7 14:57:38 2017 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Aug  7 14:57:38 2017 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Aug  7 14:57:38 2017 ROUTE_GATEWAY 172.17.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:0b
Mon Aug  7 14:57:38 2017 TUN/TAP device tun0 opened
Mon Aug  7 14:57:38 2017 TUN/TAP TX queue length set to 100
Mon Aug  7 14:57:38 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Aug  7 14:57:38 2017 /usr/bin/ip link set dev tun0 up mtu 1500
Mon Aug  7 14:57:38 2017 /usr/bin/ip addr add dev tun0 10.11.0.9/16 broadcast 10.11.255.255
Mon Aug  7 14:57:38 2017 /root/openvpnup.sh tun0 1500 1553 10.11.0.9 255.255.0.0 init
Mon Aug  7 14:57:38 2017 /usr/bin/ip route add 203.99.107.45/32 via 172.17.0.1
Mon Aug  7 14:57:38 2017 /usr/bin/ip route add 0.0.0.0/1 via 10.11.0.1
Mon Aug  7 14:57:38 2017 /usr/bin/ip route add 128.0.0.0/1 via 10.11.0.1
Mon Aug  7 14:57:38 2017 Initialization Sequence Completed
[debug] VPN provider custom is != pia, skipping incoming port detection
[info] Successfully retrieved external IP address 203.99.107.69

 

OpenVPN CLI from the debug log that DOESN'T work:


/usr/bin/openvpn --cd /config/openvpn --config /config/openvpn/myvpnprovider_linux.ovpn --daemon --dev tun0 --remote cc.myvpnprovider.net 1197 --proto udp --reneg-sec 0 --mute-replay-warnings --auth-nocache --keepalive 10 60 --setenv VPN_PROV custom --setenv DEBUG true --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --writepid /root/openvpn.pid --auth-user-pass credentials.conf

 

Contents of myvpnprovider_linux.ovpn (I added the filters about ipv6, since unRAID doesn't support IPv6 yet, otherwise there was an error):


client
pull-filter ignore "route-ipv6"
pull-filter ignore "ifconfig-ipv6"
cipher AES-256-CBC
resolv-retry infinite
nobind
persist-key
comp-lzo
verb 3
remote-cert-tls server
script-security 2
ca ca.crt
cert myvpnprovider.crt
key myvpnprovider.key
crl-verify crl.pem
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA

 

Variables for the container:


2017-08-07 15:13:22.753417 [info] PUID defined as '99'
2017-08-07 15:13:22.834103 [info] PGID defined as '100'
2017-08-07 15:13:23.279725 [info] UMASK defined as '000'
2017-08-07 15:13:23.427337 [info] VPN_ENABLED defined as 'yes'
2017-08-07 15:13:23.479148 [info] VPN_PROV defined as 'custom'
2017-08-07 15:13:23.544305 [info] VPN_REMOTE defined as 'cc.myvpnprovider.com'
2017-08-07 15:13:23.592989 [info] VPN_PORT defined as '1197'
2017-08-07 15:13:23.641179 [info] VPN_PROTOCOL defined as 'udp'
2017-08-07 15:13:23.691185 [info] LAN_NETWORK defined as '192.168.1.0/24'
2017-08-07 15:13:23.742468 [info] NAME_SERVERS defined as '<The VPN provider's DNS server>'
2017-08-07 15:13:23.790667 [info] VPN_USER defined as 'username'
2017-08-07 15:13:23.839399 [info] VPN_PASS defined as 'password'
2017-08-07 15:13:23.892156 [info] VPN_DEVICE_TYPE defined as 'tun'
2017-08-07 15:13:23.962749 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2017-08-07 15:13:24.013515 [info] ENABLE_PRIVOXY defined as 'yes'

Any ideas why everything works when manually establishing the connection but not when the start script uses virtually the same syntax?

 

i really need the full /config/supervisord.log file with debug set to true to answer why its not working.

Link to comment
4 minutes ago, binhex said:

 

i really need the full /config/supervisord.log file with debug set to true to answer why its not working.

 

Sure, there you go, thanks!

 

Created by...
___. .__ .__
\_ |__ |__| ____ | |__ ____ ___ ___
| __ \| |/ \| | \_/ __ \\ \/ /
| \_\ \ | | \ Y \ ___/ > <
|___ /__|___| /___| /\___ >__/\_ \
\/ \/ \/ \/ \/
https://hub.docker.com/u/binhex/
2017-08-07 15:13:22.633365 [info] Host is running unRAID
2017-08-07 15:13:22.683157 [info] System information Linux 683e339df547 4.9.30-unRAID #1 SMP PREEMPT Fri May 26 13:56:36 PDT 2017 x86_64 GNU/Linux
2017-08-07 15:13:22.753417 [info] PUID defined as '99'
2017-08-07 15:13:22.834103 [info] PGID defined as '100'
2017-08-07 15:13:23.279725 [info] UMASK defined as '000'
2017-08-07 15:13:23.327588 [info] Permissions already set for volume mappings
2017-08-07 15:13:23.427337 [info] VPN_ENABLED defined as 'yes'
2017-08-07 15:13:23.479148 [info] VPN_PROV defined as 'custom'
2017-08-07 15:13:23.544305 [info] VPN_REMOTE defined as 'cc.myvpnprovider.net'
2017-08-07 15:13:23.592989 [info] VPN_PORT defined as '1197'
2017-08-07 15:13:23.641179 [info] VPN_PROTOCOL defined as 'udp'
2017-08-07 15:13:23.691185 [info] LAN_NETWORK defined as '192.168.1.0/24'
2017-08-07 15:13:23.742468 [info] NAME_SERVERS defined as '<DNS-of-VPN-Provider>'
2017-08-07 15:13:23.790667 [info] VPN_USER defined as 'username'
2017-08-07 15:13:23.839399 [info] VPN_PASS defined as 'password'
2017-08-07 15:13:23.892156 [info] VPN_DEVICE_TYPE defined as 'tun'
2017-08-07 15:13:23.962749 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2017-08-07 15:13:24.013515 [info] ENABLE_PRIVOXY defined as 'yes'
2017-08-07 15:13:24.056767 [info] Setting permissions on files/folders inside container...
2017-08-07 15:13:24.152373 [info] Starting Supervisor...
2017-08-07 15:13:25,585 CRIT Set uid to user 0
2017-08-07 15:13:25,585 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2017-08-07 15:13:25,590 INFO supervisord started with pid 7
2017-08-07 15:13:26,593 INFO spawned: 'start-script' with pid 109
2017-08-07 15:13:26,595 INFO spawned: 'deluge-script' with pid 110
2017-08-07 15:13:26,598 INFO spawned: 'deluge-web-script' with pid 111
2017-08-07 15:13:26,601 INFO spawned: 'privoxy-script' with pid 112
2017-08-07 15:13:26,602 INFO reaped unknown pid 8
2017-08-07 15:13:26,613 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN
2017-08-07 15:13:26,614 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-07 15:13:26,614 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-07 15:13:26,614 INFO success: deluge-web-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-07 15:13:26,614 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-07 15:13:26,624 DEBG 'deluge-script' stdout output:
[info] Deluge config file already exists, skipping copy
2017-08-07 15:13:26,625 DEBG 'deluge-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid
2017-08-07 15:13:26,625 DEBG 'deluge-script' stdout output:
[debug] Waiting for valid IP address from tunnel...
2017-08-07 15:13:26,635 DEBG 'privoxy-script' stdout output:
[debug] Waiting for valid IP address from tunnel...
2017-08-07 15:13:26,710 DEBG 'start-script' stdout output:
[debug] Environment variables defined as follows
BASH=/bin/bash
BASHOPTS=cmdhist:complete_fullquote:extquote:force_fignore:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath
BASH_ALIASES=()
BASH_ARGC=()
BASH_ARGV=()
BASH_CMDS=()
BASH_LINENO=([0]="0")
BASH_SOURCE=([0]="/root/start.sh")
BASH_VERSINFO=([0]="4" [1]="4" [2]="12" [3]="1" [4]="release" [5]="x86_64-unknown-linux-gnu")
BASH_VERSION='4.4.12(1)-release'
DEBUG=true
DIRSTACK=()
ENABLE_PRIVOXY=yes
EUID=0
)
HOME=/home/nobody
HOSTNAME=683e339df547
HOSTTYPE=x86_64
HOST_OS=unRAID
IFS=$' \t\n'
LANG=en_GB.UTF-8
LAN_NETWORK=192.168.1.0/24
MACHTYPE=x86_64-unknown-linux-gnu
NAME_SERVERS=<DNS-of-VPN-Provider>
OPTERR=1
OPTIND=1
OSTYPE=linux-gnu
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PGID=100
PIPESTATUS=([0]="0")
PPID=7
PS4='+ '
PUID=99
PWD=/
SHELL=/bin/bash
SHELLOPTS=braceexpand:hashall:interactive-comments
SHLVL=1
STRICT_PORT_FORWARD=no
STRONG_CERTS=no
SUPERVISOR_ENABLED=1
SUPERVISOR_GROUP_NAME=start-script
SUPERVISOR_PROCESS_NAME=start-script
TERM=xterm
TZ=Europe/Berlin
UID=0
0
VPN_CONFIG=/config/openvpn/myvpnprovider_linux.ovpn
VPN_DEVICE_TYPE=tun
VPN_ENABLED=yes
VPN_OPTIONS=
VPN_PASS=password
VPN_PORT=1197
VPN_PROTOCOL=udp
VPN_PROV=custom
VPN_REMOTE=cc.myvpnprovider.net
VPN_USER=username
_='[debug] Environment variables defined as follows'
exit_code_chmod=0
exit_code_chown=0
[debug] Directory listing of files in /config/openvpn as follows
2017-08-07 15:13:26,755 DEBG 'start-script' stdout output:
total 32
drwxrwxrwx 1 nobody users 174 Aug 7 13:58 .
drwxrwxr-x 1 nobody users 274 Aug 7 14:36 ..
-rwxrwxrwx 1 nobody users 6296 Aug 7 13:25 ca.crt
-rwxrwxrwx 1 nobody users 18 Aug 7 13:58 credentials.conf
-rwxrwxrwx 1 nobody users 2202 Aug 7 13:25 crl.pem
-rwxrwxrwx 1 nobody users 1521 Aug 7 13:25 myvpnprovider.crt
-rwxrwxrwx 1 nobody users 1704 Aug 7 13:25 myvpnprovider.key
-rwxrwxrwx 1 nobody users 435 Aug 7 13:58 myvpnprovider_linux.ovpn
-rwxrwxrwx 1 nobody users 1301 Aug 7 13:25 update-resolv-conf
2017-08-07 15:13:26,756 DEBG 'start-script' stdout output:
[info] VPN config file (ovpn extension) is located at /config/openvpn/myvpnprovider_linux.ovpn
2017-08-07 15:13:26,770 DEBG 'start-script' stderr output:
dos2unix:
2017-08-07 15:13:26,770 DEBG 'start-script' stderr output:
converting file /config/openvpn/myvpnprovider_linux.ovpn to Unix format...
2017-08-07 15:13:26,838 DEBG 'start-script' stdout output:
[debug] Contents of ovpn file /config/openvpn/myvpnprovider_linux.ovpn as follows...
2017-08-07 15:13:26,840 DEBG 'start-script' stdout output:
client
pull-filter ignore "route-ipv6"
pull-filter ignore "ifconfig-ipv6"
cipher AES-256-CBC
resolv-retry infinite
nobind
persist-key
comp-lzo
verb 3
remote-cert-tls server
script-security 2
t
cert myvpnprovider.crt
key myvpnprovider.key
crl-verify crl.pem
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
2017-08-07 15:13:26,864 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1
2017-08-07 15:13:26,872 DEBG 'start-script' stdout output:
[info] Adding <DNS-of-VPN-Provider> to /etc/resolv.conf
2017-08-07 15:13:26,872 DEBG 'start-script' stdout output:
[debug] Show name servers defined for container
2017-08-07 15:13:26,873 DEBG 'start-script' stdout output:
nameserver <DNS-of-VPN-Provider>
2017-08-07 15:13:26,873 DEBG 'start-script' stdout output:
[debug] Show name resolution for VPN endpoint cc.myvpnprovider.net
2017-08-07 15:13:26,944 DEBG 'start-script' stdout output:
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 49260
;; flags: qr tc rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; cc.myvpnprovider.net.    IN    A
;; ANSWER SECTION:
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 53 msec
;; SERVER: <DNS-of-VPN-Provider>
;; WHEN: Mon Aug 7 15:13:26 2017
;; MSG SIZE rcvd: 36
;; WARNING: The answer packet was truncated; you might want to
;; query again with TCP (-t argument), or EDNS0 (-b for buffer size)
2017-08-07 15:13:26,957 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0
2017-08-07 15:13:26,958 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------
2017-08-07 15:13:26,959 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.11
192.168.1.0/24 via 172.17.0.1 dev eth0
--------------------
[debug] Modules currently loaded for kernel
2017-08-07 15:13:26,983 DEBG 'start-script' stdout output:
Module Size Used by
xt_CHECKSUM 1335 1
ipt_REJECT 1521 2
nf_reject_ipv4 2483 1 ipt_REJECT
ebtable_filter 1903 0
ebtables 14552 1 ebtable_filter
vhost_net 9091 0
vhost 19681 1 vhost_net
macvtap 11622 1 vhost_net
tun 19304 18 vhost_net
iptable_mangle 1658 2
macvlan 12389 1 macvtap
xt_nat 1913 26
veth 4966 0
ipt_MASQUERADE 1277 23
nf_nat_masquerade_ipv4 1865 1 ipt_MASQUERADE
iptable_nat 1897 3
nf_conntrack_ipv4 5874 20
nf_nat_ipv4 4199 1 iptable_nat
iptable_filter 1706 3
ip_tables 9853 3 iptable_mangle,iptable_filter,iptable_nat
nf_nat 11145 3 xt_nat,nf_nat_masquerade_ipv4,nf_nat_ipv4
md_mod 36700 8
kvm_amd 2151758 0
kvm 289949 1 kvm_amd
k10temp 2996 0
mpt3sas 168061 11
pata_atiixp 4691 0
i2c_piix4 9140 0
raid_class 3380 1 mpt3sas
i2c_core 20390 1 i2c_piix4
atl1e 25028 0
scsi_transport_sas 21714 1 mpt3sas
wmi 6548 0
asus_atk0110 7122 0
acpi_cpufreq 7054 1
2017-08-07 15:13:26,991 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables
2017-08-07 15:13:27,005 DEBG 'start-script' stdout output:
[debug] Docker interface defined as eth0
2017-08-07 15:13:27,010 DEBG 'start-script' stdout output:
[debug] Docker IP defined as 172.17.0.11
2017-08-07 15:13:27,020 DEBG 'start-script' stdout output:
[debug] Docker netmask defined as 255.255.0.0
2017-08-07 15:13:27,040 DEBG 'start-script' stdout output:
[info] Docker network defined as 172.17.0.0/16
2017-08-07 15:13:27,337 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------
2017-08-07 15:13:27,340 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1197 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 172.17.0.0/16 -i eth0 -p tcp -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1197 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 192.168.1.0/24 -o eth0 -p tcp -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
2017-08-07 15:13:27,342 DEBG 'start-script' stdout output:
--------------------
[debug] OpenVPN command line '/usr/bin/openvpn --cd /config/openvpn --config /config/openvpn/myvpnprovider_linux.ovpn --daemon --dev tun0 --remote cc.myvpnprovider.net 1197 --proto udp --reneg-sec 0 --mute-replay-warnings --auth-nocache --keepalive 10 60 --setenv VPN_PROV custom --setenv DEBUG true --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --writepid /root/openvpn.pid --auth-user-pass credentials.conf'
[info] Starting OpenVPN...
2017-08-07 15:13:27,539 DEBG 'start-script' stdout output:
[info] OpenVPN started
[debug] Waiting for valid IP address from tunnel...

 

Link to comment
2 minutes ago, Darkguy said:

 

Sure, there you go, thanks!

 


Created by...
___. .__ .__
\_ |__ |__| ____ | |__ ____ ___ ___
| __ \| |/ \| | \_/ __ \\ \/ /
| \_\ \ | | \ Y \ ___/ > <
|___ /__|___| /___| /\___ >__/\_ \
\/ \/ \/ \/ \/
https://hub.docker.com/u/binhex/
2017-08-07 15:13:22.633365 [info] Host is running unRAID
2017-08-07 15:13:22.683157 [info] System information Linux 683e339df547 4.9.30-unRAID #1 SMP PREEMPT Fri May 26 13:56:36 PDT 2017 x86_64 GNU/Linux
2017-08-07 15:13:22.753417 [info] PUID defined as '99'
2017-08-07 15:13:22.834103 [info] PGID defined as '100'
2017-08-07 15:13:23.279725 [info] UMASK defined as '000'
2017-08-07 15:13:23.327588 [info] Permissions already set for volume mappings
2017-08-07 15:13:23.427337 [info] VPN_ENABLED defined as 'yes'
2017-08-07 15:13:23.479148 [info] VPN_PROV defined as 'custom'
2017-08-07 15:13:23.544305 [info] VPN_REMOTE defined as 'cc.myvpnprovider.net'
2017-08-07 15:13:23.592989 [info] VPN_PORT defined as '1197'
2017-08-07 15:13:23.641179 [info] VPN_PROTOCOL defined as 'udp'
2017-08-07 15:13:23.691185 [info] LAN_NETWORK defined as '192.168.1.0/24'
2017-08-07 15:13:23.742468 [info] NAME_SERVERS defined as '<DNS-of-VPN-Provider>'
2017-08-07 15:13:23.790667 [info] VPN_USER defined as 'username'
2017-08-07 15:13:23.839399 [info] VPN_PASS defined as 'password'
2017-08-07 15:13:23.892156 [info] VPN_DEVICE_TYPE defined as 'tun'
2017-08-07 15:13:23.962749 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2017-08-07 15:13:24.013515 [info] ENABLE_PRIVOXY defined as 'yes'
2017-08-07 15:13:24.056767 [info] Setting permissions on files/folders inside container...
2017-08-07 15:13:24.152373 [info] Starting Supervisor...
2017-08-07 15:13:25,585 CRIT Set uid to user 0
2017-08-07 15:13:25,585 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2017-08-07 15:13:25,590 INFO supervisord started with pid 7
2017-08-07 15:13:26,593 INFO spawned: 'start-script' with pid 109
2017-08-07 15:13:26,595 INFO spawned: 'deluge-script' with pid 110
2017-08-07 15:13:26,598 INFO spawned: 'deluge-web-script' with pid 111
2017-08-07 15:13:26,601 INFO spawned: 'privoxy-script' with pid 112
2017-08-07 15:13:26,602 INFO reaped unknown pid 8
2017-08-07 15:13:26,613 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN
2017-08-07 15:13:26,614 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-07 15:13:26,614 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-07 15:13:26,614 INFO success: deluge-web-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-07 15:13:26,614 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-07 15:13:26,624 DEBG 'deluge-script' stdout output:
[info] Deluge config file already exists, skipping copy
2017-08-07 15:13:26,625 DEBG 'deluge-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid
2017-08-07 15:13:26,625 DEBG 'deluge-script' stdout output:
[debug] Waiting for valid IP address from tunnel...
2017-08-07 15:13:26,635 DEBG 'privoxy-script' stdout output:
[debug] Waiting for valid IP address from tunnel...
2017-08-07 15:13:26,710 DEBG 'start-script' stdout output:
[debug] Environment variables defined as follows
BASH=/bin/bash
BASHOPTS=cmdhist:complete_fullquote:extquote:force_fignore:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath
BASH_ALIASES=()
BASH_ARGC=()
BASH_ARGV=()
BASH_CMDS=()
BASH_LINENO=([0]="0")
BASH_SOURCE=([0]="/root/start.sh")
BASH_VERSINFO=([0]="4" [1]="4" [2]="12" [3]="1" [4]="release" [5]="x86_64-unknown-linux-gnu")
BASH_VERSION='4.4.12(1)-release'
DEBUG=true
DIRSTACK=()
ENABLE_PRIVOXY=yes
EUID=0
)
HOME=/home/nobody
HOSTNAME=683e339df547
HOSTTYPE=x86_64
HOST_OS=unRAID
IFS=$' \t\n'
LANG=en_GB.UTF-8
LAN_NETWORK=192.168.1.0/24
MACHTYPE=x86_64-unknown-linux-gnu
NAME_SERVERS=<DNS-of-VPN-Provider>
OPTERR=1
OPTIND=1
OSTYPE=linux-gnu
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PGID=100
PIPESTATUS=([0]="0")
PPID=7
PS4='+ '
PUID=99
PWD=/
SHELL=/bin/bash
SHELLOPTS=braceexpand:hashall:interactive-comments
SHLVL=1
STRICT_PORT_FORWARD=no
STRONG_CERTS=no
SUPERVISOR_ENABLED=1
SUPERVISOR_GROUP_NAME=start-script
SUPERVISOR_PROCESS_NAME=start-script
TERM=xterm
TZ=Europe/Berlin
UID=0
0
VPN_CONFIG=/config/openvpn/myvpnprovider_linux.ovpn
VPN_DEVICE_TYPE=tun
VPN_ENABLED=yes
VPN_OPTIONS=
VPN_PASS=password
VPN_PORT=1197
VPN_PROTOCOL=udp
VPN_PROV=custom
VPN_REMOTE=cc.myvpnprovider.net
VPN_USER=username
_='[debug] Environment variables defined as follows'
exit_code_chmod=0
exit_code_chown=0
[debug] Directory listing of files in /config/openvpn as follows
2017-08-07 15:13:26,755 DEBG 'start-script' stdout output:
total 32
drwxrwxrwx 1 nobody users 174 Aug 7 13:58 .
drwxrwxr-x 1 nobody users 274 Aug 7 14:36 ..
-rwxrwxrwx 1 nobody users 6296 Aug 7 13:25 ca.crt
-rwxrwxrwx 1 nobody users 18 Aug 7 13:58 credentials.conf
-rwxrwxrwx 1 nobody users 2202 Aug 7 13:25 crl.pem
-rwxrwxrwx 1 nobody users 1521 Aug 7 13:25 myvpnprovider.crt
-rwxrwxrwx 1 nobody users 1704 Aug 7 13:25 myvpnprovider.key
-rwxrwxrwx 1 nobody users 435 Aug 7 13:58 myvpnprovider_linux.ovpn
-rwxrwxrwx 1 nobody users 1301 Aug 7 13:25 update-resolv-conf
2017-08-07 15:13:26,756 DEBG 'start-script' stdout output:
[info] VPN config file (ovpn extension) is located at /config/openvpn/myvpnprovider_linux.ovpn
2017-08-07 15:13:26,770 DEBG 'start-script' stderr output:
dos2unix:
2017-08-07 15:13:26,770 DEBG 'start-script' stderr output:
converting file /config/openvpn/myvpnprovider_linux.ovpn to Unix format...
2017-08-07 15:13:26,838 DEBG 'start-script' stdout output:
[debug] Contents of ovpn file /config/openvpn/myvpnprovider_linux.ovpn as follows...
2017-08-07 15:13:26,840 DEBG 'start-script' stdout output:
client
pull-filter ignore "route-ipv6"
pull-filter ignore "ifconfig-ipv6"
cipher AES-256-CBC
resolv-retry infinite
nobind
persist-key
comp-lzo
verb 3
remote-cert-tls server
script-security 2
t
cert myvpnprovider.crt
key myvpnprovider.key
crl-verify crl.pem
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
2017-08-07 15:13:26,864 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1
2017-08-07 15:13:26,872 DEBG 'start-script' stdout output:
[info] Adding <DNS-of-VPN-Provider> to /etc/resolv.conf
2017-08-07 15:13:26,872 DEBG 'start-script' stdout output:
[debug] Show name servers defined for container
2017-08-07 15:13:26,873 DEBG 'start-script' stdout output:
nameserver <DNS-of-VPN-Provider>
2017-08-07 15:13:26,873 DEBG 'start-script' stdout output:
[debug] Show name resolution for VPN endpoint cc.myvpnprovider.net
2017-08-07 15:13:26,944 DEBG 'start-script' stdout output:
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 49260
;; flags: qr tc rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; cc.myvpnprovider.net.    IN    A
;; ANSWER SECTION:
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 53 msec
;; SERVER: <DNS-of-VPN-Provider>
;; WHEN: Mon Aug 7 15:13:26 2017
;; MSG SIZE rcvd: 36
;; WARNING: The answer packet was truncated; you might want to
;; query again with TCP (-t argument), or EDNS0 (-b for buffer size)
2017-08-07 15:13:26,957 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0
2017-08-07 15:13:26,958 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------
2017-08-07 15:13:26,959 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.11
192.168.1.0/24 via 172.17.0.1 dev eth0
--------------------
[debug] Modules currently loaded for kernel
2017-08-07 15:13:26,983 DEBG 'start-script' stdout output:
Module Size Used by
xt_CHECKSUM 1335 1
ipt_REJECT 1521 2
nf_reject_ipv4 2483 1 ipt_REJECT
ebtable_filter 1903 0
ebtables 14552 1 ebtable_filter
vhost_net 9091 0
vhost 19681 1 vhost_net
macvtap 11622 1 vhost_net
tun 19304 18 vhost_net
iptable_mangle 1658 2
macvlan 12389 1 macvtap
xt_nat 1913 26
veth 4966 0
ipt_MASQUERADE 1277 23
nf_nat_masquerade_ipv4 1865 1 ipt_MASQUERADE
iptable_nat 1897 3
nf_conntrack_ipv4 5874 20
nf_nat_ipv4 4199 1 iptable_nat
iptable_filter 1706 3
ip_tables 9853 3 iptable_mangle,iptable_filter,iptable_nat
nf_nat 11145 3 xt_nat,nf_nat_masquerade_ipv4,nf_nat_ipv4
md_mod 36700 8
kvm_amd 2151758 0
kvm 289949 1 kvm_amd
k10temp 2996 0
mpt3sas 168061 11
pata_atiixp 4691 0
i2c_piix4 9140 0
raid_class 3380 1 mpt3sas
i2c_core 20390 1 i2c_piix4
atl1e 25028 0
scsi_transport_sas 21714 1 mpt3sas
wmi 6548 0
asus_atk0110 7122 0
acpi_cpufreq 7054 1
2017-08-07 15:13:26,991 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables
2017-08-07 15:13:27,005 DEBG 'start-script' stdout output:
[debug] Docker interface defined as eth0
2017-08-07 15:13:27,010 DEBG 'start-script' stdout output:
[debug] Docker IP defined as 172.17.0.11
2017-08-07 15:13:27,020 DEBG 'start-script' stdout output:
[debug] Docker netmask defined as 255.255.0.0
2017-08-07 15:13:27,040 DEBG 'start-script' stdout output:
[info] Docker network defined as 172.17.0.0/16
2017-08-07 15:13:27,337 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------
2017-08-07 15:13:27,340 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1197 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 172.17.0.0/16 -i eth0 -p tcp -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1197 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 192.168.1.0/24 -o eth0 -p tcp -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
2017-08-07 15:13:27,342 DEBG 'start-script' stdout output:
--------------------
[debug] OpenVPN command line '/usr/bin/openvpn --cd /config/openvpn --config /config/openvpn/myvpnprovider_linux.ovpn --daemon --dev tun0 --remote cc.myvpnprovider.net 1197 --proto udp --reneg-sec 0 --mute-replay-warnings --auth-nocache --keepalive 10 60 --setenv VPN_PROV custom --setenv DEBUG true --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --writepid /root/openvpn.pid --auth-user-pass credentials.conf'
[info] Starting OpenVPN...
2017-08-07 15:13:27,539 DEBG 'start-script' stdout output:
[info] OpenVPN started
[debug] Waiting for valid IP address from tunnel...

 

 

is this the last line in the log?, have you waited a couple of mins to make sure nothing else is shown?. i would expect to see the output from openvpn at the end at the very least.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.