[Support] binhex - rTorrentVPN

binhex

By binhex
in Docker Containers

Recommended Posts

Recommended

Posted by binhex,

There has been an issue raised on GitHub related to tracker announce request IP leakage under certain circumstances, after careful review of iptables i have tightened up the rules to prevent this. A new image has now been rolled out for all vpn enabled docker images (25th Feb 2021) i produce with the fix in place, i would encourage everyone to update to the recently created 'latest' tagged image.   You can force the upgrade by toggling 'basic view' to 'advanced view' and then clicking on
Recommended by binhex
  • Thanks

3 reactions

Go to this post
Recommended

Posted by binhex,

Not much, no, i have spent WAY too long trying to improve reliability for this image and its always been flaky AF so i've given up, my advise is to use deluge or qbittorrent, both of which do not crash (in my experience).   Notification - This image is now deprecated, no further images will be produced, locking this thread.
Recommended by JonathanM
  • Confused
  • Thanks

3 reactions

Go to this post
binhex Mentor

binhex

Posted
  • Author
Posted

After having the system working well for a few weeks, I'm suddenly getting "Torrent list not yet available..." in the web interface as well as "No connection to rTorrent" in the web interface log tab. The VPN proxy still works, just the torrent interface is down.

 

I rebooted the container a bunch of times attempting to fix to no avail. Any pointers on where I should look to attempt to resolve?

 

Thanks!

 

if you have updates waiting then pull down the latest docker image, it is possible your running into a bug that has been fixed in the later builds.

Link to comment
  • Replies 3k
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

binhex
binhex

OK guys, multi remote endpoint support is now in for this image please pull down the new image (this change will be rolled out to all my vpn images shortly).   What this means is that the im

Beta
Beta

@binhex Any plans to update this docker now when ruTorrent 4.0.1 is released? Seems like a very nice update from them.

binhex
binhex

its very possible that there was an issue with autodl-irssi at the time of the build (pulls from master branch), and this issue has now been resolved, so subsequent builds are ok, i will create a new

Posted Images

bfeist Apprentice

bfeist

Posted
Posted

After having the system working well for a few weeks, I'm suddenly getting "Torrent list not yet available..." in the web interface as well as "No connection to rTorrent" in the web interface log tab. The VPN proxy still works, just the torrent interface is down.

 

I rebooted the container a bunch of times attempting to fix to no avail. Any pointers on where I should look to attempt to resolve?

 

Thanks!

 

if you have updates waiting then pull down the latest docker image, it is possible your running into a bug that has been fixed in the later builds.

 

Completely killed the container and image and reinstalled. Still no joy.

Link to comment
binhex Mentor

binhex

Posted
  • Author
Posted

Completely killed the container and image and reinstalled. Still no joy.

 

ok so im going to need the full supervisord.log output located in /config, the contents of any of the config files you might of modified, nginx/rtorrent/php, if you can please attach them then i can take a look.

 

if the above sounds like a lot of hassle and your willing to reconfigure everything again then the alternative is to blow away your /config folder on the host for this container, then restart and it will then reset it back to out of the box, the choice is yours :-).

 

if you have updates waiting then pull down the latest docker image, it is possible your running into a bug that has been fixed in the later builds.

Link to comment
MyKroFt Collaborator

MyKroFt

Posted
Posted

Had this same problem happen to me today.....

 

 

It has something to do with the rtorrent session folder....

 

 

I left at 5am headed to work, and according to logs - everything stoped at prox 615 am. 

 

If I delete contents of session folder - restart docker, web interface connection - but have lost all current torrents and have to add them back from saved .torrent files.....

 

 

Myk

 

 

Link to comment
peter_sm Rising Star

peter_sm

Posted
Posted

Hi Binhex

 

Do you know why I got this error at the end of installation ?

 

ab344f289c36: Download complete
ab344f289c36: Pull complete
ab344f289c36: Pull complete
docker: layers from manifest don't match image configuration.
See '/usr/bin/docker run --help'.

The command failed.

Link to comment
binhex Mentor

binhex

Posted
  • Author
Posted

Hi Binhex

 

Do you know why I got this error at the end of installation ?

 

ab344f289c36: Download complete
ab344f289c36: Pull complete
ab344f289c36: Pull complete
docker: layers from manifest don't match image configuration.
See '/usr/bin/docker run --help'.

The command failed.

In a word no but I've had a couple of people with pull issues as of late so I think I'm going to trigger a rebuild, maybe it's some corruption on docker hub (guess)

 

Sent from my SM-G900F using Tapatalk

 

 

Link to comment
bfeist Apprentice

bfeist

Posted
Posted

Completely killed the container and image and reinstalled. Still no joy.

 

ok so im going to need the full supervisord.log output located in /config, the contents of any of the config files you might of modified, nginx/rtorrent/php, if you can please attach them then i can take a look.

 

if the above sounds like a lot of hassle and your willing to reconfigure everything again then the alternative is to blow away your /config folder on the host for this container, then restart and it will then reset it back to out of the box, the choice is yours :-).

 

if you have updates waiting then pull down the latest docker image, it is possible your running into a bug that has been fixed in the later builds.

 

Ok, here's the supervisord.log (below).

I could happily blow away my /config folder, but I am a long-term seeder. If this kind of thing is likely to happen, then I won't be able to switch my long-term seeding to docker as I had hoped. Might as well just stick with uTorrent in a windows VM (which is what I was hoping to finally get rid of).

 

One thing of note: I just looking at some of the download files of the torrents that were in progress when the gui died (probably a week ago now), they have timestamps as late as last night. I'm tempted to guess that rTorrent itself is still running, but the ruTorrent gui is unable to connect to it.

 

2016-06-11 11:16:06,677 CRIT Set uid to user 0
2016-06-11 11:16:06,677 WARN Included extra file "/etc/supervisor/conf.d/rtorrent.conf" during parsing
2016-06-11 11:16:06,684 INFO supervisord started with pid 13
2016-06-11 11:16:07,688 INFO spawned: 'start-script' with pid 16
2016-06-11 11:16:07,690 INFO spawned: 'rtorrent-script' with pid 17
2016-06-11 11:16:07,693 INFO spawned: 'webui-script' with pid 18
2016-06-11 11:16:07,696 INFO spawned: 'privoxy-script' with pid 19
2016-06-11 11:16:07,708 DEBG 'privoxy-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-06-11 11:16:07,708 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-06-11 11:16:07,708 INFO success: rtorrent-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-06-11 11:16:07,709 INFO success: webui-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-06-11 11:16:07,709 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-06-11 11:16:07,710 DEBG 'rtorrent-script' stdout output:
[info] rTorrent config file already exists, skipping copy

2016-06-11 11:16:07,712 DEBG 'rtorrent-script' stdout output:
[info] Removing any rtorrent session lock files left over from the previous run...

2016-06-11 11:16:07,721 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2016-06-11 11:16:07,729 DEBG 'rtorrent-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-06-11 11:16:07,744 DEBG 'start-script' stdout output:
[info] VPN provider defined as pia
[info] VPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn

2016-06-11 11:16:07,747 DEBG 'start-script' stdout output:
[info] Env vars defined via docker -e flags for remote host, port and protocol, writing values to ovpn file...

2016-06-11 11:16:07,778 DEBG 'start-script' stdout output:
[info] VPN provider remote gateway defined as ca-toronto.privateinternetaccess.com
[info] VPN provider remote port defined as 1194
[info] VPN provider remote protocol defined as udp

2016-06-11 11:16:07,794 DEBG 'start-script' stdout output:
[info] VPN provider username defined as xxx

2016-06-11 11:16:07,809 DEBG 'start-script' stdout output:
[info] VPN provider password defined as xxx

2016-06-11 11:16:07,837 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.42.1

2016-06-11 11:16:07,849 DEBG 'start-script' stdout output:
[info] Setting permissions recursively on /config/openvpn...

2016-06-11 11:16:07,863 DEBG 'start-script' stdout output:
[info] Adding 192.168.0.0/24 as route via docker eth0

2016-06-11 11:16:07,864 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2016-06-11 11:16:07,866 DEBG 'start-script' stdout output:
default via 172.17.42.1 dev eth0 

2016-06-11 11:16:07,867 DEBG 'start-script' stdout output:
172.17.0.0/16 dev eth0  proto kernel  scope link  src 172.17.0.6 
192.168.0.0/24 via 172.17.42.1 dev eth0 
--------------------

2016-06-11 11:16:07,873 DEBG 'start-script' stdout output:
[info] iptable_mangle module not supported, attempting to load...

2016-06-11 11:16:07,874 DEBG 'start-script' stderr output:
modprobe: FATAL: Module iptable_mangle not found in directory /lib/modules/4.1.18-unRAID

2016-06-11 11:16:07,876 DEBG 'start-script' stdout output:
[warn] iptable_mangle module not supported, you will not be able to connect to rTorrent webui or Privoxy outside of your LAN

2016-06-11 11:16:07,971 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2016-06-11 11:16:07,972 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1194 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8118 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8118 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -i eth0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8118 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8118 -j ACCEPT
-A OUTPUT -d 192.168.0.0/24 -o eth0 -p tcp -m tcp --sport 5000 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2016-06-11 11:16:07,973 DEBG 'start-script' stdout output:
--------------------

2016-06-11 11:16:07,973 DEBG 'start-script' stdout output:
[info] nameservers

2016-06-11 11:16:07,974 DEBG 'start-script' stdout output:
nameserver 8.8.8.8
nameserver 8.8.4.4

2016-06-11 11:16:07,974 DEBG 'start-script' stdout output:
--------------------
[info] Starting OpenVPN...

2016-06-11 11:16:08,012 DEBG 'start-script' stdout output:
Sat Jun 11 11:16:08 2016 OpenVPN 2.3.9 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Dec 24 2015
Sat Jun 11 11:16:08 2016 library versions: OpenSSL 1.0.2f  28 Jan 2016, LZO 2.09
Sat Jun 11 11:16:08 2016 WARNING: file 'credentials.conf' is group or others accessible

2016-06-11 11:16:08,038 DEBG 'start-script' stdout output:
Sat Jun 11 11:16:08 2016 UDPv4 link local: [undef]
Sat Jun 11 11:16:08 2016 UDPv4 link remote: [AF_INET]172.98.67.101:1194

2016-06-11 11:16:08,060 DEBG 'start-script' stdout output:
Sat Jun 11 11:16:08 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

2016-06-11 11:16:08,135 DEBG 'start-script' stdout output:
Sat Jun 11 11:16:08 2016 [Private Internet Access] Peer Connection Initiated with [AF_INET]172.98.67.101:1194

2016-06-11 11:16:10,556 DEBG 'start-script' stdout output:
Sat Jun 11 11:16:10 2016 TUN/TAP device tun0 opened
Sat Jun 11 11:16:10 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Jun 11 11:16:10 2016 /usr/bin/ip link set dev tun0 up mtu 1500

2016-06-11 11:16:10,558 DEBG 'start-script' stdout output:
Sat Jun 11 11:16:10 2016 /usr/bin/ip addr add dev tun0 local 10.147.1.10 peer 10.147.1.9

2016-06-11 11:16:10,567 DEBG 'start-script' stdout output:
Sat Jun 11 11:16:10 2016 Initialization Sequence Completed

2016-06-11 11:16:10,666 DEBG 'privoxy-script' stdout output:
[info] Configuring Privoxy...

2016-06-11 11:16:10,686 DEBG 'rtorrent-script' stdout output:
[info] rTorrent not running, marking as first run

2016-06-11 11:16:10,714 DEBG 'privoxy-script' stdout output:
[info] All checks complete, starting Privoxy...

2016-06-11 11:16:10,718 DEBG 'privoxy-script' stderr output:
2016-06-11 11:16:10.717 2acf1d5f0dc0 Info: Privoxy version 3.0.24
2016-06-11 11:16:10.718 2acf1d5f0dc0 Info: Program name: /usr/bin/privoxy

2016-06-11 11:16:11,636 DEBG 'rtorrent-script' stdout output:
[info] All checks complete, starting rTorrent...

2016-06-11 11:16:11,647 DEBG 'rtorrent-script' stdout output:
Script started, file is /home/nobody/typescript

2016-06-11 11:16:11,691 DEBG 'rtorrent-script' stdout output:
Script done, file is /home/nobody/typescript

2016-06-11 11:16:12,360 DEBG 'webui-script' stdout output:
[info] rtorrent started, setting up webui...

2016-06-11 11:16:12,360 DEBG 'webui-script' stdout output:
[info] Setting PHP timezone to UTC...

2016-06-11 11:16:12,375 DEBG 'webui-script' stdout output:
[info] nginx cert files already exists, skipping copy

2016-06-11 11:16:12,375 DEBG 'webui-script' stdout output:
[info] nginx security file already exists, skipping copy
[info] nginx config file already exists, skipping copy

2016-06-11 11:16:12,377 DEBG 'webui-script' stdout output:
[info] rutorrent conf folder already exists, skipping copy

2016-06-11 11:16:12,379 DEBG 'webui-script' stdout output:
[info] rutorrent share folder already exists, skipping copy

2016-06-11 11:16:12,386 DEBG 'webui-script' stdout output:
[info] rutorrent plugins folder already exists, skipping copy

2016-06-11 11:16:12,506 DEBG 'webui-script' stdout output:
[info] starting php-fpm...

2016-06-11 11:16:12,551 DEBG 'webui-script' stderr output:
[NOTICE] [pool www] 'user' directive is ignored when FPM is not running as root
[NOTICE] [pool www] 'group' directive is ignored when FPM is not running as root

2016-06-11 11:16:12,558 DEBG 'webui-script' stdout output:
[info] starting nginx...

2016-06-11 11:16:26,146 DEBG 'rtorrent-script' stderr output:
PHP Warning:  rename(/usr/share/webapps/rutorrent/share/users/admin/settings/extsearch.dat.tmp,/usr/share/webapps/rutorrent/share/users/admin/settings/extsearch.dat): No such file or directory in /usr/share/webapps/rutorrent/php/cache.php on line 52

Link to comment
MyKroFt Collaborator

MyKroFt

Posted
Posted

Just had it happen again ealier this am - when it happens is the only time I get this type of line in my supervisord.log file:

 

2016-06-12 06:17:04,542 DEBG 'start-script' stdout output:
Sun Jun 12 06:17:04 2016 TLS: tls_process: killed expiring key

2016-06-12 06:17:05,670 DEBG 'start-script' stdout output:
Sun Jun 12 06:17:05 2016 TLS: soft reset sec=0 bytes=1935611/0 pkts=18561/0

2016-06-12 06:17:05,933 DEBG 'start-script' stdout output:
Sun Jun 12 06:17:05 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, [email protected]

2016-06-12 06:17:05,933 DEBG 'start-script' stdout output:
Sun Jun 12 06:17:05 2016 Validating certificate key usage
Sun Jun 12 06:17:05 2016 ++ Certificate has key usage  00a0, expects 00a0
Sun Jun 12 06:17:05 2016 VERIFY KU OK
Sun Jun 12 06:17:05 2016 Validating certificate extended key usage
Sun Jun 12 06:17:05 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sun Jun 12 06:17:05 2016 VERIFY EKU OK
Sun Jun 12 06:17:05 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, [email protected]

2016-06-12 06:17:06,297 DEBG 'start-script' stdout output:
Sun Jun 12 06:17:06 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sun Jun 12 06:17:06 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Jun 12 06:17:06 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sun Jun 12 06:17:06 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Jun 12 06:17:06 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

2016-06-12 06:21:21,074 DEBG 'rtorrent-script' stdout output:
[info] rTorrent not running, marking as first run
[info] All checks complete, starting rTorrent...

2016-06-12 06:21:21,075 DEBG 'rtorrent-script' stdout output:
Script started, file is /home/nobody/typescript

2016-06-12 06:21:21,095 DEBG 'rtorrent-script' stdout output:
Script done, file is /home/nobody/typescript

2016-06-12 06:31:24,386 DEBG 'rtorrent-script' stdout output:
[info] rTorrent not running, marking as first run
[info] All checks complete, starting rTorrent...

 

The line specific:  Sun Jun 12 06:17:04 2016 TLS: tls_process: killed expiring key

 

that is when I get problem - and now have to wipe out the session folder to get it back up

 

 

Aldo the

2016-06-12 06:31:24,386 DEBG 'rtorrent-script' stdout output:[info] rTorrent not running, marking as first run[info] All checks complete, starting rTorrent...

repeats over and over

Myk

supervisord.txt

Link to comment
MyKroFt Collaborator

MyKroFt

Posted
Posted

Ok, happened again but this time

 

 

I wanted to change a option in the .rc config file so I selected everything and did a stop - everything looked good

 

went to docker tab, stopped docker, edited the rtorrent.rc file and removed a "#" in front of a option, restared docker

 

come back to web interface and it will not connect anymore - am gonna have to wipe the session folder and readd all torrents to get back up and running again....

 

here is supervisord.log showing restart of docker after rtorrent.rc file edit....

 

2016-06-12 12:50:46,135 CRIT Set uid to user 0
2016-06-12 12:50:46,135 INFO Included extra file "/etc/supervisor/conf.d/rtorrent.conf" during parsing
2016-06-12 12:50:46,138 INFO supervisord started with pid 20
2016-06-12 12:50:47,141 INFO spawned: 'start-script' with pid 23
2016-06-12 12:50:47,142 INFO spawned: 'rtorrent-script' with pid 24
2016-06-12 12:50:47,143 INFO spawned: 'webui-script' with pid 25
2016-06-12 12:50:47,144 INFO spawned: 'privoxy-script' with pid 26
2016-06-12 12:50:47,151 DEBG 'rtorrent-script' stdout output:
[info] rTorrent config file already exists, skipping copy


2016-06-12 12:50:47,151 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-06-12 12:50:47,152 INFO success: rtorrent-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-06-12 12:50:47,152 INFO success: webui-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-06-12 12:50:47,152 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-06-12 12:50:47,153 DEBG 'rtorrent-script' stdout output:
[info] Removing any rtorrent session lock files left over from the previous run...


2016-06-12 12:50:47,153 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN


2016-06-12 12:50:47,153 DEBG 'privoxy-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid


2016-06-12 12:50:47,155 DEBG 'rtorrent-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid


2016-06-12 12:50:47,160 DEBG 'start-script' stdout output:
[info] VPN provider defined as airvpn
[info] VPN config file (ovpn extension) is located at /config/openvpn/AirVPN_Canada_UDP-443.ovpn


2016-06-12 12:50:47,161 DEBG 'start-script' stdout output:
[info] Env vars not defined for remote host, port and protocol, will parse existing entries from ovpn file...


2016-06-12 12:50:47,187 DEBG 'start-script' stdout output:
[info] VPN provider remote gateway defined as ca.vpn.airdns.org
[info] VPN provider remote port defined as 443
[info] VPN provider remote protocol defined as udp


2016-06-12 12:50:47,198 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1


2016-06-12 12:50:47,205 DEBG 'start-script' stdout output:
[info] Setting permissions recursively on /config/openvpn...


2016-06-12 12:50:47,214 DEBG 'start-script' stdout output:
[info] Adding 192.168.0.0/24 as route via docker eth0


2016-06-12 12:50:47,215 DEBG 'start-script' stdout output:
[info] ip route defined as follows...


2016-06-12 12:50:47,215 DEBG 'start-script' stdout output:
--------------------


2016-06-12 12:50:47,215 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0 
172.17.0.0/16 dev eth0  proto kernel  scope link  src 172.17.0.8 


2016-06-12 12:50:47,216 DEBG 'start-script' stdout output:
192.168.0.0/24 via 172.17.0.1 dev eth0 
--------------------


2016-06-12 12:50:47,219 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables


2016-06-12 12:50:47,258 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------


2016-06-12 12:50:47,259 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -i eth0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 443 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A OUTPUT -d 192.168.0.0/24 -o eth0 -p tcp -m tcp --sport 5000 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT


2016-06-12 12:50:47,260 DEBG 'start-script' stdout output:
--------------------
[info] nameservers


2016-06-12 12:50:47,260 DEBG 'start-script' stdout output:
nameserver 8.8.8.8
nameserver 8.8.4.4


2016-06-12 12:50:47,261 DEBG 'start-script' stdout output:
--------------------
[info] Starting OpenVPN...


2016-06-12 12:50:47,264 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:47 2016 OpenVPN 2.3.11 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on May 12 2016
Sun Jun 12 12:50:47 2016 library versions: OpenSSL 1.0.2h  3 May 2016, LZO 2.09


2016-06-12 12:50:47,264 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:47 2016 Control Channel Authentication: tls-auth using INLINE static key file
Sun Jun 12 12:50:47 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Jun 12 12:50:47 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication


2016-06-12 12:50:47,265 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:47 2016 Socket Buffers: R=[212992->212992] S=[212992->212992]


2016-06-12 12:50:47,382 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:47 2016 UDPv4 link local: [undef]
Sun Jun 12 12:50:47 2016 UDPv4 link remote: [AF_INET]199.19.94.132:443


2016-06-12 12:50:47,499 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:47 2016 TLS: Initial packet from [AF_INET]199.19.94.132:443, sid=d69307eb 3537baf8


2016-06-12 12:50:47,696 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:47 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, [email protected]


2016-06-12 12:50:47,696 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:47 2016 Validating certificate key usage
Sun Jun 12 12:50:47 2016 ++ Certificate has key usage  00a0, expects 00a0
Sun Jun 12 12:50:47 2016 VERIFY KU OK


2016-06-12 12:50:47,696 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:47 2016 Validating certificate extended key usage
Sun Jun 12 12:50:47 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sun Jun 12 12:50:47 2016 VERIFY EKU OK
Sun Jun 12 12:50:47 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, [email protected]


2016-06-12 12:50:48,172 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:48 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sun Jun 12 12:50:48 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Jun 12 12:50:48 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sun Jun 12 12:50:48 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication


2016-06-12 12:50:48,173 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:48 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sun Jun 12 12:50:48 2016 [server] Peer Connection Initiated with [AF_INET]199.19.94.132:443


2016-06-12 12:50:50,436 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:50 2016 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)


2016-06-12 12:50:50,538 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:50 2016 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,comp-lzo no,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.28.151 255.255.0.0'


2016-06-12 12:50:50,538 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:50 2016 OPTIONS IMPORT: timers and/or timeouts modified
Sun Jun 12 12:50:50 2016 OPTIONS IMPORT: LZO parms modified
Sun Jun 12 12:50:50 2016 OPTIONS IMPORT: --ifconfig/up options modified
Sun Jun 12 12:50:50 2016 OPTIONS IMPORT: route options modified
Sun Jun 12 12:50:50 2016 OPTIONS IMPORT: route-related options modified
Sun Jun 12 12:50:50 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Jun 12 12:50:50 2016 ROUTE_GATEWAY 172.17.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:08


2016-06-12 12:50:50,538 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:50 2016 TUN/TAP device tun0 opened
Sun Jun 12 12:50:50 2016 TUN/TAP TX queue length set to 100
Sun Jun 12 12:50:50 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sun Jun 12 12:50:50 2016 /usr/bin/ip link set dev tun0 up mtu 1500


2016-06-12 12:50:50,539 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:50 2016 /usr/bin/ip addr add dev tun0 10.4.28.151/16 broadcast 10.4.255.255


2016-06-12 12:50:50,636 DEBG 'privoxy-script' stdout output:
[info] Privoxy set to disabled


2016-06-12 12:50:50,636 DEBG fd 24 closed, stopped monitoring <POutputDispatcher at 47013454332344 for <Subprocess at 47013451411752 with name privoxy-script in state RUNNING> (stderr)>
2016-06-12 12:50:50,636 DEBG fd 20 closed, stopped monitoring <POutputDispatcher at 47013454192584 for <Subprocess at 47013451411752 with name privoxy-script in state RUNNING> (stdout)>
2016-06-12 12:50:50,636 INFO exited: privoxy-script (exit status 0; expected)
2016-06-12 12:50:50,636 DEBG received SIGCLD indicating a child quit
2016-06-12 12:50:50,644 DEBG 'rtorrent-script' stdout output:
[info] rTorrent not running, marking as first run
[info] All checks complete, starting rTorrent...


2016-06-12 12:50:50,645 DEBG 'rtorrent-script' stdout output:
Script started, file is /home/nobody/typescript


2016-06-12 12:50:50,662 DEBG 'rtorrent-script' stdout output:
Script done, file is /home/nobody/typescript


2016-06-12 12:50:50,746 DEBG 'webui-script' stdout output:
[info] rtorrent started, setting up webui...
[info] Setting PHP timezone to AMERICA/DENVER...


2016-06-12 12:50:50,761 DEBG 'webui-script' stdout output:
[info] nginx cert files already exists, skipping copy


2016-06-12 12:50:50,761 DEBG 'webui-script' stdout output:
[info] nginx security file already exists, skipping copy
[info] nginx config file already exists, skipping copy


2016-06-12 12:50:50,762 DEBG 'webui-script' stdout output:
[info] rutorrent conf folder already exists, skipping copy


2016-06-12 12:50:50,762 DEBG 'webui-script' stdout output:
[info] rutorrent share folder already exists, skipping copy


2016-06-12 12:50:50,765 DEBG 'webui-script' stdout output:
[info] rutorrent plugins folder already exists, skipping copy


2016-06-12 12:50:50,785 DEBG 'webui-script' stdout output:
[info] starting php-fpm...


2016-06-12 12:50:50,801 DEBG 'webui-script' stderr output:
[NOTICE] [pool www] 'user' directive is ignored when FPM is not running as root
[NOTICE] [pool www] 'group' directive is ignored when FPM is not running as root


2016-06-12 12:50:50,808 DEBG 'webui-script' stdout output:
[info] starting nginx...


2016-06-12 12:50:55,676 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:55 2016 /usr/bin/ip route add 199.19.94.132/32 via 172.17.0.1


2016-06-12 12:50:55,677 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:55 2016 /usr/bin/ip route add 0.0.0.0/1 via 10.4.0.1


2016-06-12 12:50:55,677 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:55 2016 /usr/bin/ip route add 128.0.0.0/1 via 10.4.0.1


2016-06-12 12:50:55,678 DEBG 'start-script' stdout output:
Sun Jun 12 12:50:55 2016 Initialization Sequence Completed

 

 

Myk

Link to comment
binhex Mentor

binhex

Posted
  • Author
Posted

went to docker tab, stopped docker, edited the rtorrent.rc file and removed a "#" in front of a option, restared docker

 

ok so quick check, what did you use to edit the file?, did you use notepad?, you need to be careful of line endings, if you use notepad it will save it with windows line endings and this will royally screw up the config file.

Link to comment
MyKroFt Collaborator

MyKroFt

Posted
Posted

went to docker tab, stopped docker, edited the rtorrent.rc file and removed a "#" in front of a option, restared docker

 

ok so quick check, what did you use to edit the file?, did you use notepad?, you need to be careful of line endings, if you use notepad it will save it with windows line endings and this will royally screw up the config file.

 

I used textpad - when doing a save as - it sees the file as a unix file - so that was not the problem....

 

I cleared the session folder again, started docker back up and web interface connected - just no torrents again

 

Am not sure what to look for - this is a bugger to track down

 

Myk

Link to comment
binhex Mentor

binhex

Posted
  • Author
Posted

went to docker tab, stopped docker, edited the rtorrent.rc file and removed a "#" in front of a option, restared docker

 

ok so quick check, what did you use to edit the file?, did you use notepad?, you need to be careful of line endings, if you use notepad it will save it with windows line endings and this will royally screw up the config file.

 

I used textpad - when doing a save as - it sees the file as a unix file - so that was not the problem....

 

I cleared the session folder again, started docker back up and web interface connected - just no torrents again

 

Am not sure what to look for - this is a bugger to track down

 

Myk

 

ok so its not that, this is interesting:-

 

The line specific:  Sun Jun 12 06:17:04 2016 TLS: tls_process: killed expiring key

 

question is is this tls for the tunnel or for the web interface?, i guess its probably the tunnel, remind me which vpn provider your with again, is it PIA?

Link to comment
MyKroFt Collaborator

MyKroFt

Posted
Posted

went to docker tab, stopped docker, edited the rtorrent.rc file and removed a "#" in front of a option, restared docker

 

ok so quick check, what did you use to edit the file?, did you use notepad?, you need to be careful of line endings, if you use notepad it will save it with windows line endings and this will royally screw up the config file.

 

I used textpad - when doing a save as - it sees the file as a unix file - so that was not the problem....

 

I cleared the session folder again, started docker back up and web interface connected - just no torrents again

 

Am not sure what to look for - this is a bugger to track down

 

Myk

 

ok so its not that, this is interesting:-

 

The line specific:  Sun Jun 12 06:17:04 2016 TLS: tls_process: killed expiring key

 

question is is this tls for the tunnel or for the web interface?, i guess its probably the tunnel, remind me which vpn provider your with again, is it PIA?

 

AirVPN

Link to comment
binhex Mentor

binhex

Posted
  • Author
Posted

went to docker tab, stopped docker, edited the rtorrent.rc file and removed a "#" in front of a option, restared docker

 

ok so quick check, what did you use to edit the file?, did you use notepad?, you need to be careful of line endings, if you use notepad it will save it with windows line endings and this will royally screw up the config file.

 

I used textpad - when doing a save as - it sees the file as a unix file - so that was not the problem....

 

I cleared the session folder again, started docker back up and web interface connected - just no torrents again

 

Am not sure what to look for - this is a bugger to track down

 

Myk

 

ok so its not that, this is interesting:-

 

The line specific:  Sun Jun 12 06:17:04 2016 TLS: tls_process: killed expiring key

 

question is is this tls for the tunnel or for the web interface?, i guess its probably the tunnel, remind me which vpn provider your with again, is it PIA?

 

AirVPN

 

bit of googling on this so far reveals this:-

 

https://airvpn.org/topic/4383-tls-tls-process-killed-expiring-key/

 

and also

 

https://airvpn.org/topic/16427-high-latency-lost-connection-durring-hourly-tls-rekeying/

 

you could try the option to disable re-keying in the ovpn file and see if it helps.

 

just to be more clear, im on about adding this option into your ovpn file:-

 

reneg-sec 0

 

which is actually one of the settings i specify for the pia ovpn file that all pia users use.

Link to comment
MyKroFt Collaborator

MyKroFt

Posted
Posted

went to docker tab, stopped docker, edited the rtorrent.rc file and removed a "#" in front of a option, restared docker

 

ok so quick check, what did you use to edit the file?, did you use notepad?, you need to be careful of line endings, if you use notepad it will save it with windows line endings and this will royally screw up the config file.

 

I used textpad - when doing a save as - it sees the file as a unix file - so that was not the problem....

 

I cleared the session folder again, started docker back up and web interface connected - just no torrents again

 

Am not sure what to look for - this is a bugger to track down

 

Myk

 

ok so its not that, this is interesting:-

 

The line specific:  Sun Jun 12 06:17:04 2016 TLS: tls_process: killed expiring key

 

question is is this tls for the tunnel or for the web interface?, i guess its probably the tunnel, remind me which vpn provider your with again, is it PIA?

 

AirVPN

 

bit of googling on this so far reveals this:-

 

https://airvpn.org/topic/4383-tls-tls-process-killed-expiring-key/

 

and also

 

https://airvpn.org/topic/16427-high-latency-lost-connection-durring-hourly-tls-rekeying/

 

you could try the option to disable re-keying in the ovpn file and see if it helps.

 

just to be more clear, im on about adding this option into your ovpn file:-

 

reneg-sec 0

 

which is actually one of the settings i specify for the pia ovpn file that all pia users use.

 

Ok, added that - will let ya know what happens

 

Thanks

Myk

 

Link to comment
binhex Mentor

binhex

Posted
  • Author
Posted

went to docker tab, stopped docker, edited the rtorrent.rc file and removed a "#" in front of a option, restared docker

 

ok so quick check, what did you use to edit the file?, did you use notepad?, you need to be careful of line endings, if you use notepad it will save it with windows line endings and this will royally screw up the config file.

 

I used textpad - when doing a save as - it sees the file as a unix file - so that was not the problem....

 

I cleared the session folder again, started docker back up and web interface connected - just no torrents again

 

Am not sure what to look for - this is a bugger to track down

 

Myk

 

ok so its not that, this is interesting:-

 

The line specific:  Sun Jun 12 06:17:04 2016 TLS: tls_process: killed expiring key

 

question is is this tls for the tunnel or for the web interface?, i guess its probably the tunnel, remind me which vpn provider your with again, is it PIA?

 

AirVPN

 

bit of googling on this so far reveals this:-

 

https://airvpn.org/topic/4383-tls-tls-process-killed-expiring-key/

 

and also

 

https://airvpn.org/topic/16427-high-latency-lost-connection-durring-hourly-tls-rekeying/

 

you could try the option to disable re-keying in the ovpn file and see if it helps.

 

just to be more clear, im on about adding this option into your ovpn file:-

 

reneg-sec 0

 

which is actually one of the settings i specify for the pia ovpn file that all pia users use.

 

quick check back on this MyKroFt, hows it been since you added the option, i am hoping your silence means its working well now :-)

Link to comment
bobbintb Community Regular

bobbintb

Posted
Posted

Ahhh, I really want so switch. To bad sonarr can not remove torrents after they have finished seeding if you use rTorrent  :(

 

Well, nothing to do about it, I just stick to deluge.

 

Good job on the docker binhex!  ;)

 

You can set up rTorrent to do it itself though.

Link to comment
MyKroFt Collaborator

MyKroFt

Posted
Posted

Did it again after 40 hrs uptime :(

 

 

when it happens the key expire is always in the log

 

 

on another note - can you add the dependencies of the filemanager plugin (unzip its hollaring about) - am trying to get it up and running

 

 

Thanks

Myk

 

 

Link to comment
Smackover Rookie

Smackover

Posted
Posted

So after I've had a few issues with CouchPotato, I decided to just point Firefox at privoxy to find files manually. However, when I perform a DNS leak test, it fails. I've set network.dns.disablePrefetch;true and network.proxy.socks_remote_dns;true in Firefox. Any other suggestions? Also, how I would test rtorrent to make sure it's also not subject to a dns leak? Thanks!

Link to comment
MyKroFt Collaborator

MyKroFt

Posted
Posted

I restarted leaving session folder as it - tmux process is not there

I restarted clearing out session folder - tmux process IS there

 

something is the session folder either crashes rtorrent on load or is not letting it start

 

is there a log file somewhere from rtorrent?

 

Myk

 

Link to comment
  • binhex locked this topic
Guest
This topic is now closed to further replies.
Go to topic listing