[Support] binhex - DelugeVPN


Recommended Posts

5 minutes ago, Darkguy said:

 

Sorry, that's it - nothing more happening here. :(

 

ok one interesting problem, it looks like name resolution isnt working:-

 

;; flags: qr tc rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

so this performs a name server lookup for your vpn_remote, you can see a single query but no answer is returned, so it cannot resolve the name.

 

this is most probably due to the fact that your vpn provider will only allow you to use their name servers when you have a vpn ip address, you cant use their name servers until this is established, its a bit of a catch 22 im afraid.

 

in any case change the value for NAME_SERVERS to either your isp's name servers, or google's name servers, this will probably fix your issue.

Link to comment
On 31/07/2017 at 1:32 PM, binhex said:

Hi guys, so an important change is coming to this VPN docker image (and others in time - staggered change), in short i will be dropping the ability to configure the remote endpoint, tunnel device type, port, protocol and strong certs, instead the image will parse the ovpn file and use the values from the ovpn file.

 

Why am i doing this change?

1. less for the user to get wrong - if there are less env variables then hopefully there will be less chance of misconfiguration, im still seeing a fair bit of this happening.

2. less chance of mismatched configuration for endpoints - for certain vpn providers they require different ovpn options depending on the endpoint your connecting to, this will reduce this happening by forcing the user to download the correct ovpn file from the provider.

3. changes to port and/or certs wont break the image - currently i bake in the PIA ovpn file and cert, whilst this is convenient for the end user it also means any changes to either of these files breaks the image, thus a decision to push the responsibility of this back to the user is another reason to drop env vars.

4. No re-creation of Docker container - whilst this isnt a hassle for unraid users as we have a web ui (dynamix) to do this for us, for other users this is a big hassle, being able to switch endpoint by simply dropping in a new ovpn file is actually more convenient.

 

It does of course come with a couple of disadvantages:-

1. possible breakage during the switch over - im testing this right now and will be trying my hardest to not break any existing configuration, the aim of this is for you not to really notice the change, until of course you attempt to use the env vars to change your endpoint and discover it no longer does anything :-) (see below)

2. switching endpoint for PIA users is slightly more tricky - so when wanting to switch endpoint for PIA an end user would have to download the ovpn file for the endpoint they want to connect to, as opposed to just modifying the env var, which in some cases maybe taken as a disadvantage (slower, maybe?), but it would be relatively easy to keep a library of ovpn files and just drop in what you want to use or even edit the existing file, so its not too onerous.

 

So what do YOU have to do? - in short nothing, i have code in the latest release that ive just built that will sync up your env vars to the ovpn file, so when the final change occurs you shouldn't notice any changes, it should still connect to the same endpoint with the same port and protocol, After the date below if you wish to switch endpoint you will need to drop in the correct ovpn file (or edit it) to point at the endpoint you want to switch to, if you switch provider then you will need to download the ovpn file and all referenced certs, keys, etc.

 

So when is this happening? - the switch over to using ovpn parsing only will be the end of this week

 

And its done!, the next image pulled down will use parsing and NOT the env var's

Link to comment
18 hours ago, binhex said:

 

in any case change the value for NAME_SERVERS to either your isp's name servers, or google's name servers, this will probably fix your issue.

 

I was wrong about the DNS, that actually did the trick.

 

I found out what the problem was, I'm not sure if it is a bug or a feature of your container though: When VPN is disabled in the container's properties, my ISP's DNS (probably puled from unRAID) were being written into /etc/resolv.conf, so everything worked fine with the manual connection; when VPN was enabled in the container, the DNS I put there (my VPN provider's supposedly public but not working one) was being written into /etc/resolv.conf and thus led to the behavior described above - and your were spot on about noticing problems with the DNS.

 

So the question is, should the DNS server variable in the container's properties always get written into /etc/resolv.conf, whether VPN is being enabled or not, or only, when VPN is being enabled?

 

Same thing also is true for activ's Transmission container, btw, as I was/am actually using that one (I might switch over to Deluge, but thus far I got everything set up to work with Transmission, so I'll stick with it for the time being)

 

Thanks again for the quick help!

Edited by Darkguy
Link to comment
On 08/08/2017 at 9:30 AM, Darkguy said:

So the question is, should the DNS server variable in the container's properties always get written into /etc/resolv.conf, whether VPN is being enabled or not, or only, when VPN is being enabled?

 

As the only real need to change the name servers your pointing at is to prevent isp tracking i see no real advantage in doing this if you dont have a vpn tunnel running (as all your traffic is viewable by your isp then), so i think it's fine as it is.

Link to comment
22 hours ago, saatalir said:

If anybody could make a short tutorial on how exactly to configure Deluge with PIA vpn it would be awesome.

I just can not get it to work in conjunction with the vpn for the life of me!

Sadly I  found this lovely tutorial which is no longer valid

 

 

 

 

this is rough and ready, needs some refinement but here ya go, this is going to get included in my FAQ.

docker_faq1.txt

Link to comment
1 hour ago, wgstarks said:
Was reading through this and realized maybe I have my docker configured wrong. If I'm using PIA Netherlands, should I have strict port forwarding set to yes?

Yes, if you want to ensure you attempt to ALWAYS have a working incoming port then this is the way to go, if you dont have this set then if it fails to get a incoming port it will just warn about this in the log and carry on regardless with a non workking incoming port.

Sent from my SM-G935F using Tapatalk
 

Edited by binhex
Link to comment

I'm trying to set up DelugeVPN on Ubuntu 16.04.3 LTS server. I use PIA. I set up the invocation command like so:

 

sudo docker run -d \
>     --cap-add=NET_ADMIN \
>     -p 8112:8112 \
>     -p 8118:8118 \
>     -p 58846:58846 \
>     -p 58946:58946 \
>     --name=delugevpn \
>     -v /apps/docker/deluge/data:/data \
>     -v /apps/docker/deluge/config:/config \
>     -v /etc/localtime:/etc/localtime:ro \
>     -e VPN_ENABLED=yes \
>     -e VPN_USER=[Username] \
>     -e VPN_PASS=[Password] \
>     -e VPN_PROV=pia \
>     -e VPN_PORT=1198 \
>     -e VPN_REMOTE=us-east.privateinternetaccess.com \
>     -e VPN_PROTOCOL=udp \
>     -e STRICT_PORT_FORWARD=yes \
>     -e ENABLE_PRIVOXY=yes \
>     -e LAN_NETWORK=192.168.1.0/24 \
>     -e NAME_SERVERS=8.8.8.8,8.8.4.4 \
>     -e DEBUG=false \
>     -e UMASK=000 \
>     -e PUID=0 \
>     -e PGID=0 \
>     binhex/arch-delugevpn

 

However, every time I try to run it, it crashes and the log tells me that an "opevpn configuration file" is missing. Do I need to create some kind of OpenVPN config file before I start the program up? Thanks!

Link to comment
I'm trying to set up DelugeVPN on Ubuntu 16.04.3 LTS server. I use PIA. I set up the invocation command like so:
 
sudo docker run -d \
>     --cap-add=NET_ADMIN \
>     -p 8112:8112 \
>     -p 8118:8118 \
>     -p 58846:58846 \
>     -p 58946:58946 \
>     --name=delugevpn \
>     -v /apps/docker/deluge/data:/data \
>     -v /apps/docker/deluge/config:/config \
>     -v /etc/localtime:/etc/localtime:ro \
>     -e VPN_ENABLED=yes \
>     -e VPN_USER=[username] \
>     -e VPN_PASS=[Password] \
>     -e VPN_PROV=pia \
>     -e VPN_PORT=1198 \
>     -e VPN_REMOTE=us-east.privateinternetaccess.com \
>     -e VPN_PROTOCOL=udp \
>     -e STRICT_PORT_FORWARD=yes \
>     -e ENABLE_PRIVOXY=yes \
>     -e LAN_NETWORK=192.168.1.0/24 \
>     -e NAME_SERVERS=8.8.8.8,8.8.4.4 \
>     -e DEBUG=false \
>     -e UMASK=000 \
>     -e PUID=0 \
>     -e PGID=0 \
>     binhex/arch-delugevpn
 
However, every time I try to run it, it crashes and the log tells me that an "opevpn configuration file" is missing. Do I need to create some kind of OpenVPN config file before I start the program up? Thanks!
Yes you need to download your VPN providers openvpn configuration and certs from their website

Sent from my SM-G935F using Tapatalk

Link to comment

Hello,

 

I seem to have a strange problem. Before the recent change to configuring the VPN automatically, I was able to connect to my VPN provider over TCP. Now it appears that I can only connect over UDP with DNS in the ovpn file. UDP seems to work as expected, but it's just much slower. 

 

the address for both is the following, and resolve to the same IP.

<location>-ovpn-tcp.<VPN Provider>.net

<location>-ovpn-udp.<VPN Provider>.net

 

I'm able to ping both the of those from my desktop. 

I've tried different DNS options. 8.8.8.8, 80.80.80.80, 8.8.4.4...

 

When I manually enter in the IP of the address in the ovpn file, it will connect. 

 

Here's portion of the supervisord.log when trying to connect with TCP.

Quote

2017-08-12 11:13:40,764 DEBG 'start-script' stdout output:
Sat Aug 12 11:13:40 2017 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

Sat Aug 12 11:13:40 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2017-08-12 11:13:40,764 DEBG 'start-script' stdout output:
Sat Aug 12 11:13:40 2017 RESOLVE: Cannot resolve host address: <location>-ovpn-tcp.<VPN Provider>.net:80 (Name or service not known)

2017-08-12 11:13:40,765 DEBG 'start-script' stdout output:
Sat Aug 12 11:13:40 2017 RESOLVE: Cannot resolve host address: <location>-ovpn-tcp.<VPN Provider>.net:80 (Name or service not known)
Sat Aug 12 11:13:40 2017 Could not determine IPv4/IPv6 protocol
Sat Aug 12 11:13:40 2017 SIGHUP[soft,init_instance] received, process restarting

2017-08-12 11:13:40,765 DEBG 'start-script' stdout output:
Sat Aug 12 11:13:40 2017 WARNING: file '<KEY NAME>.key' is group or others accessible


2017-08-12 11:13:40,765 DEBG 'start-script' stdout output:
Sat Aug 12 11:13:40 2017 WARNING: file 'credentials.conf' is group or others accessible

Sat Aug 12 11:13:40 2017 OpenVPN 2.4.1 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2017
Sat Aug 12 11:13:40 2017 library versions: OpenSSL 1.1.0e 16 Feb 2017, LZO 2.10

 

It's not a huge deal, that I'm unable to get the DNS to work for TCP, since I can enter in the IP, it'll just be annoying if/when it changes.

 

I just found it odd, and was wondering if anyone had any thoughts on this?

Edited by klhutchins
Link to comment

Finally got deluge setup in unraid and im really digging the integration.

I have my PIA account setup and ive added the openvpn file but im suffering from terrrrible download speeds.  I have a 300Mb/s line, but whatever download i try, I cant get over 1Mb/s in deluge.  At first I was only getting 50kiB/s so i deleted all but two network servers in the openvpn file that i know i can get good speeds with.  Thats brought me up to 700kiB/s, but thats still horribly slow.

Now, it seems like deluge chooses a random incoming port everytime it starts, so port forwarding has been a hassle...regardless, I try to forward the port it chooses on start but it hasnt affected my speeds.

Does anyone have some recommendations or suggestions on what i could try or what settings to change to increase my download speeds to something acceptable?  TBH, im ok with with even half my bandwidth getting something like 10 to 15MB/s, but 500-700kiB/s is atrocious lol.

Any help?

Link to comment

First of all you shouldn't be forwarding incoming ports on your router. When you're on a VPN connection the port forwarding must be done on the VPN provider side, not yours. Second, this container does all the "port forwarding" for you if you're using PIA. The only thing you have to do is choose on of the end points that allows port forwarding. The Netherlands would be a good choice I think. I've tried a few VPN providers but the one thing that has been common for all of them is that you get the best speed from the Netherlands, don't ask me why.

 

Third, you could be suffering from "ISP throttling". Where I live some ISP are throttling VPN UDP connectiions, again don't ask me why. If that is the case it can help if you connect over a TCP port instead. Been a while since I've used PIA, but I believe you can choose to connect over TCP, at least you could when I was a member.

Link to comment

I am trying to set up PIA VPN in this container on unRAID

 I have the following files in the /openvpn/ folder (from this download https://www.privateinternetaccess.com/openvpn/openvpn.zip)

  • ca.rsa.2048.crt 
  • crl.rsa.2048.pem
  • Netherlands.ovpn

I can not connect to the webUI when the VPN is enabled. I get this error in the logs

Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: auth-user-pass (2.4.1)

I noticed the credentials.conf has en extra line after the passwords


Let me know if you need more information

Screenshot_5.png

Screenshot_6.png

Link to comment
14 minutes ago, strike said:

Well, something is obviously wrong with the username an/or password. What happens if you delete that extra line? Are your sure the username/password is correct? Do you have any special characters in the username/password? 

im using the username that PIA emailed me and I changed my password to have no special characters into it. I can connect to the VPN on their client with my login 
I have deleted the extra line and restart the service but it gets readded every time

Link to comment

Then I don't know, better wait for the expert. But one thing you can do is to edit the container and set the debug variable to true, before you start the container again delete the supervisord.log in config, start the container and let it run a few min, then post the log here.

 

Edit: Be sure to remove your username/password

Edited by strike
Link to comment

Hope this helps

supervisord.log

Created by...
___.   .__       .__                   
\_ |__ |__| ____ |  |__   ____ ___  ___
 | __ \|  |/    \|  |  \_/ __ \\  \/  /
 | \_\ \  |   |  \   Y  \  ___/ >    < 
 |___  /__|___|  /___|  /\___  >__/\_ \
     \/        \/     \/     \/      \/
   https://hub.docker.com/u/binhex/

2017-08-13 23:21:41.071199 [info] Host is running unRAID
2017-08-13 23:21:41.089571 [info] System information Linux 6e3d6ed4dff2 4.9.30-unRAID #1 SMP PREEMPT Fri May 26 13:56:36 PDT 2017 x86_64 GNU/Linux
2017-08-13 23:21:41.110010 [info] PUID defined as '99'
2017-08-13 23:21:41.132709 [info] PGID defined as '100'
2017-08-13 23:21:41.163620 [info] UMASK defined as '000'
2017-08-13 23:21:41.185677 [info] Permissions already set for volume mappings
2017-08-13 23:21:41.213658 [info] VPN_ENABLED defined as 'yes'
2017-08-13 23:21:41.242142 [info] VPN config file (ovpn extension) is located at /config/openvpn/Netherlands.ovpn
dos2unix: converting file /config/openvpn/Netherlands.ovpn to Unix format...
2017-08-13 23:21:41.267883 [info] VPN remote line defined as 'nl.privateinternetaccess.com 1198'
2017-08-13 23:21:41.289354 [info] VPN_REMOTE defined as 'nl.privateinternetaccess.com'
2017-08-13 23:21:41.313156 [info] VPN_PORT defined as '1198'
2017-08-13 23:21:41.334032 [info] VPN_PROTOCOL defined as 'udp'
2017-08-13 23:21:41.355644 [info] VPN_DEVICE_TYPE defined as 'tun'
2017-08-13 23:21:41.375708 [info] VPN_PROV defined as 'pia'
2017-08-13 23:21:41.401162 [info] LAN_NETWORK defined as '10.1.10.0/24'
2017-08-13 23:21:41.419257 [info] NAME_SERVERS defined as '8.8.8.8,37.235.1.174,8.8.4.4,37.235.1.177'
2017-08-13 23:21:41.437292 [info] VPN_USER defined as 'redacted'
2017-08-13 23:21:41.457862 [info] VPN_PASS defined as 'redacted'
2017-08-13 23:21:41.476099 [warn] VPN_INCOMING_PORT not defined (via -e VPN_INCOMING_PORT), downloads may be slow
2017-08-13 23:21:41.498699 [info] VPN_OPTIONS defined as 'nl.privateinternetaccess.com'
2017-08-13 23:21:41.518157 [info] STRICT_PORT_FORWARD defined as 'yes'
2017-08-13 23:21:41.536087 [info] ENABLE_PRIVOXY defined as 'yes'
2017-08-13 23:21:41.552364 [info] Setting permissions on files/folders inside container...
2017-08-13 23:21:41.570900 [info] Starting Supervisor...
2017-08-13 23:21:41,727 CRIT Set uid to user 0
2017-08-13 23:21:41,727 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2017-08-13 23:21:41,728 INFO supervisord started with pid 7
2017-08-13 23:21:42,730 INFO spawned: 'start-script' with pid 131
2017-08-13 23:21:42,731 INFO spawned: 'deluge-script' with pid 132
2017-08-13 23:21:42,732 INFO spawned: 'deluge-web-script' with pid 133
2017-08-13 23:21:42,733 INFO spawned: 'privoxy-script' with pid 134
2017-08-13 23:21:42,733 INFO reaped unknown pid 8
2017-08-13 23:21:42,736 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN
[debug] Environment variables defined as follows
BASH=/bin/bash
BASHOPTS=cmdhist:complete_fullquote:extquote:force_fignore:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath
BASH_ALIASES=()

2017-08-13 23:21:42,736 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-13 23:21:42,736 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-13 23:21:42,736 INFO success: deluge-web-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-13 23:21:42,736 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-08-13 23:21:42,736 DEBG 'start-script' stdout output:
BASH_ARGC=()
BASH_ARGV=()
BASH_CMDS=()
BASH_LINENO=([0]="0")
BASH_SOURCE=([0]="/root/start.sh")
BASH_VERSINFO=([0]="4" [1]="4" [2]="12" [3]="1" [4]="release" [5]="x86_64-unknown-linux-gnu")
BASH_VERSION='4.4.12(1)-release'
DEBUG=true
DIRSTACK=()
ENABLE_PRIVOXY=yes
EUID=0
GROUPS=()
HOME=/home/nobody
HOSTNAME=6e3d6ed4dff2
HOSTTYPE=x86_64
HOST_OS=unRAID
IFS=$' \t\n'
LANG=en_GB.UTF-8
LAN_NETWORK=10.1.10.0/24
MACHTYPE=x86_64-unknown-linux-gnu
NAME_SERVERS=8.8.8.8,37.235.1.174,8.8.4.4,37.235.1.177
OPTERR=1
OPTIND=1
OSTYPE=linux-gnu
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PGID=100
PIPESTATUS=([0]="0")
PPID=7
PS4='+ '
PUID=99
PWD=/
SHELL=/bin/bash
SHELLOPTS=braceexpand:hashall:interactive-comments
SHLVL=1
STRICT_PORT_FORWARD=yes
SUPERVISOR_ENABLED=1
SUPERVISOR_GROUP_NAME=start-script
SUPERVISOR_PROCESS_NAME=start-script
TERM=xterm
TZ=America/New_York
UID=0
UMASK=000
VPN_CONFIG=/config/openvpn/Netherlands.ovpn
VPN_DEVICE_TYPE=tun
VPN_ENABLED=yes
VPN_INCOMING_PORT=
VPN_OPTIONS=nl.privateinternetaccess.com
VPN_PASS=redacted
VPN_PORT=1198
VPN_PROTOCOL=udp
VPN_PROV=pia
VPN_REMOTE=nl.privateinternetaccess.com
VPN_USER=redacted
_='[debug] Environment variables defined as follows'
vpn_remote_line='nl.privateinternetaccess.com 1198'
[debug] Directory listing of files in /config/openvpn as follows

2017-08-13 23:21:42,737 DEBG 'deluge-script' stdout output:
[info] Deluge config file already exists, skipping copy

2017-08-13 23:21:42,737 DEBG 'deluge-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2017-08-13 23:21:42,737 DEBG 'deluge-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2017-08-13 23:21:42,740 DEBG 'start-script' stdout output:
total 16
drwxrwxr-x 1 nobody users  121 Aug 13 23:21 .
drwxrwxr-x 1 nobody users  318 Aug 13 23:21 ..
-rwxrwxr-x 1 nobody users 2025 Feb  6  2017 ca.rsa.2048.crt
-rwxrwxr-x 1 nobody users   24 Aug 13 23:21 credentials.conf
-rwxrwxr-x 1 nobody users  869 Feb  6  2017 crl.rsa.2048.pem
-rwxrwxr-x 1 nobody users  277 Aug 13 23:21 Netherlands.ovpn

2017-08-13 23:21:42,745 DEBG 'privoxy-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2017-08-13 23:21:42,753 DEBG 'start-script' stdout output:
[debug] Contents of ovpn file /config/openvpn/Netherlands.ovpn as follows...

2017-08-13 23:21:42,753 DEBG 'start-script' stdout output:
client
dev tun
proto udp
remote nl.privateinternetaccess.com 1198
resolv-retry infinite
nobind
persist-key
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server
auth-user-pass credentials.conf
comp-lzo
verb 1
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt
disable-occ

2017-08-13 23:21:42,756 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1

2017-08-13 23:21:42,758 DEBG 'start-script' stdout output:
[info] Adding 8.8.8.8 to /etc/resolv.conf

2017-08-13 23:21:42,760 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.174 to /etc/resolv.conf

2017-08-13 23:21:42,762 DEBG 'start-script' stdout output:
[info] Adding 8.8.4.4 to /etc/resolv.conf

2017-08-13 23:21:42,764 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.177 to /etc/resolv.conf

2017-08-13 23:21:42,822 DEBG 'start-script' stdout output:
[debug] Show name servers defined for container

2017-08-13 23:21:42,822 DEBG 'start-script' stdout output:
nameserver 8.8.8.8
nameserver 37.235.1.174
nameserver 8.8.4.4
nameserver 37.235.1.177

2017-08-13 23:21:42,822 DEBG 'start-script' stdout output:
[debug] Show name resolution for VPN endpoint nl.privateinternetaccess.com

2017-08-13 23:21:42,872 DEBG 'start-script' stdout output:
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 36644
;; flags: qr rd ra ; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; nl.privateinternetaccess.com.	IN	A

;; ANSWER SECTION:
nl.privateinternetaccess.com.	255	IN	A	46.166.190.245
nl.privateinternetaccess.com.	255	IN	A	46.166.137.219
nl.privateinternetaccess.com.	255	IN	A	185.107.44.39
nl.privateinternetaccess.com.	255	IN	A	46.166.190.225
nl.privateinternetaccess.com.	255	IN	A	109.201.152.242
nl.privateinternetaccess.com.	255	IN	A	46.166.188.229
nl.privateinternetaccess.com.	255	IN	A	46.166.137.220
nl.privateinternetaccess.com.	255	IN	A	109.201.154.205
nl.privateinternetaccess.com.	255	IN	A	46.166.138.155
nl.privateinternetaccess.com.	255	IN	A	46.166.186.238
nl.privateinternetaccess.com.	255	IN	A	109.201.154.156
nl.privateinternetaccess.com.	255	IN	A	46.166.137.231
nl.privateinternetaccess.com.	255	IN	A	109.201.154.176

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 48 msec
;; SERVER: 8.8.8.8
;; WHEN: Sun Aug 13 23:21:42 2017
;; MSG SIZE  rcvd: 254

2017-08-13 23:21:42,872 DEBG 'start-script' stdout output:
[debug] Show contents of hosts file

2017-08-13 23:21:42,872 DEBG 'start-script' stdout output:
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
172.17.0.9	6e3d6ed4dff2
109.201.154.176	nl.privateinternetaccess.com

2017-08-13 23:21:42,874 DEBG 'start-script' stdout output:
[info] Adding 10.1.10.0/24 as route via docker eth0

2017-08-13 23:21:42,875 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2017-08-13 23:21:42,875 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0 
10.1.10.0/24 via 172.17.0.1 dev eth0 
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.9 

2017-08-13 23:21:42,875 DEBG 'start-script' stdout output:
--------------------
[debug] Modules currently loaded for kernel

2017-08-13 23:21:42,876 DEBG 'start-script' stdout output:
Module                  Size  Used by
tun                    19304  0
md_mod                 36700  2
xt_nat                  1913  15
veth                    4966  0
ipt_MASQUERADE          1277  16
nf_nat_masquerade_ipv4     1865  1 ipt_MASQUERADE
iptable_nat             1897  1
nf_conntrack_ipv4       5874  2
nf_nat_ipv4             4199  1 iptable_nat
iptable_filter          1706  2
ip_tables               9853  2 iptable_filter,iptable_nat
nf_nat                 11145  3 xt_nat,nf_nat_masquerade_ipv4,nf_nat_ipv4
e1000e                143207  0
igb                   128723  0
ptp                     9308  2 igb,e1000e
pps_core                5928  1 ptp
i2c_algo_bit            4752  1 igb
x86_pkg_temp_thermal     4669  0
coretemp                5340  0
kvm_intel             160551  0
kvm                   289949  1 kvm_intel
i2c_i801               11888  0
i2c_smbus               3041  1 i2c_i801
ahci                   26326  4
i2c_core               20390  4 i2c_algo_bit,igb,i2c_i801,i2c_smbus
libahci                19716  1 ahci
video                  27138  0
backlight               5833  1 video

2017-08-13 23:21:42,878 DEBG 'start-script' stdout output:
[warn] 'iptable_mangle' kernel module not available, you will not be able to connect to the applications Web UI or Privoxy outside of your LAN
[info] unRAID users: Please attempt to load the module by executing the following on your host:- '/sbin/modprobe iptable_mangle'
[info] Ubuntu users: Please attempt to load the module by executing the following on your host:- '/sbin/modprobe iptable_mangle'
[info] Synology users: Please attempt to load the module by executing the following on your host:- 'insmod /lib/modules/iptable_mangle.ko'

2017-08-13 23:21:42,881 DEBG 'start-script' stdout output:
[debug] Docker interface defined as eth0

2017-08-13 23:21:42,883 DEBG 'start-script' stdout output:
[debug] Docker IP defined as 172.17.0.9

2017-08-13 23:21:42,885 DEBG 'start-script' stdout output:
[debug] Docker netmask defined as 255.255.0.0

2017-08-13 23:21:42,889 DEBG 'start-script' stdout output:
[info] Docker network defined as    172.17.0.0/16

2017-08-13 23:21:42,917 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2017-08-13 23:21:42,918 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 10.1.10.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -s 10.1.10.0/24 -d 172.17.0.0/16 -i eth0 -p tcp -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 10.1.10.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 10.1.10.0/24 -o eth0 -p tcp -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2017-08-13 23:21:42,918 DEBG 'start-script' stdout output:
--------------------

2017-08-13 23:21:42,918 DEBG 'start-script' stdout output:
[debug] OpenVPN command line:- /usr/bin/openvpn --cd /config/openvpn --config '/config/openvpn/Netherlands.ovpn' --daemon --reneg-sec 0 --mute-replay-warnings --auth-nocache --keepalive 10 60 --setenv VPN_PROV 'pia' --setenv DEBUG 'true' --setenv VPN_DEVICE_TYPE 'tun' --setenv VPN_REMOTE 'nl.privateinternetaccess.com' --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --writepid /root/openvpn.pid --remap-usr1 SIGHUP --log-append /dev/stdout --setenv STRICT_PORT_FORWARD 'yes' --disable-occ --auth-user-pass credentials.conf 'nl.privateinternetaccess.com'
[info] Starting OpenVPN...

2017-08-13 23:21:42,921 DEBG 'start-script' stdout output:
Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: auth-user-pass (2.4.1)
Use --help for more information.

2017-08-13 23:21:42,922 DEBG 'start-script' stdout output:
[info] OpenVPN started

2017-08-13 23:21:42,922 DEBG 'start-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2017-08-13 23:22:48,562 WARN received SIGTERM indicating exit request
2017-08-13 23:22:48,563 DEBG killing privoxy-script (pid 134) with signal SIGTERM
2017-08-13 23:22:48,563 INFO waiting for start-script, deluge-script, deluge-web-script, privoxy-script to die
2017-08-13 23:22:48,563 DEBG fd 26 closed, stopped monitoring <POutputDispatcher at 47209332544720 for <Subprocess at 47209333714240 with name privoxy-script in state STOPPING> (stderr)>
2017-08-13 23:22:48,563 DEBG fd 22 closed, stopped monitoring <POutputDispatcher at 47209332544576 for <Subprocess at 47209333714240 with name privoxy-script in state STOPPING> (stdout)>
2017-08-13 23:22:48,563 INFO stopped: privoxy-script (terminated by SIGTERM)
2017-08-13 23:22:48,563 DEBG received SIGCLD indicating a child quit
2017-08-13 23:22:48,563 DEBG killing deluge-web-script (pid 133) with signal SIGTERM
2017-08-13 23:22:48,563 DEBG fd 17 closed, stopped monitoring <POutputDispatcher at 47209332547024 for <Subprocess at 47209333714888 with name deluge-web-script in state STOPPING> (stdout)>
2017-08-13 23:22:48,563 DEBG fd 21 closed, stopped monitoring <POutputDispatcher at 47209332545440 for <Subprocess at 47209333714888 with name deluge-web-script in state STOPPING> (stderr)>
2017-08-13 23:22:48,564 INFO stopped: deluge-web-script (terminated by SIGTERM)
2017-08-13 23:22:48,564 DEBG received SIGCLD indicating a child quit
2017-08-13 23:22:48,564 DEBG killing deluge-script (pid 132) with signal SIGTERM
2017-08-13 23:22:48,564 DEBG fd 16 closed, stopped monitoring <POutputDispatcher at 47209333714168 for <Subprocess at 47209332583888 with name deluge-script in state STOPPING> (stderr)>
2017-08-13 23:22:48,564 DEBG fd 11 closed, stopped monitoring <POutputDispatcher at 47209333712080 for <Subprocess at 47209332583888 with name deluge-script in state STOPPING> (stdout)>
2017-08-13 23:22:48,564 INFO stopped: deluge-script (terminated by SIGTERM)
2017-08-13 23:22:48,564 DEBG received SIGCLD indicating a child quit
2017-08-13 23:22:48,564 DEBG killing start-script (pid 131) with signal SIGTERM
2017-08-13 23:22:48,564 DEBG fd 8 closed, stopped monitoring <POutputDispatcher at 47209333714456 for <Subprocess at 47209333714528 with name start-script in state STOPPING> (stdout)>
2017-08-13 23:22:48,564 DEBG fd 10 closed, stopped monitoring <POutputDispatcher at 47209333713952 for <Subprocess at 47209333714528 with name start-script in state STOPPING> (stderr)>
2017-08-13 23:22:48,564 INFO stopped: start-script (terminated by SIGTERM)
2017-08-13 23:22:48,564 DEBG received SIGCLD indicating a child quit

 

Edited by tethys
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.