[Support] binhex - PrivoxyVPN

[HHUBS]

1 hour ago, binhex said:

read the description for the above keys here:- https://github.com/binhex/documentation/blob/master/docker/guides/vpn.md

 

Got it. But what's the difference between routing any container using privoxyvpn and setting up proxy settings in, say for example, sonarr/radarr like spaceinvader one did here?

 

Edited February 10 by HHUBS

[binhex]

 
Got it. But what's the difference between routing any container using privoxyvpn and setting up proxy settings in, say for example, sonarr/radarr like spaceinvader one did here?
 

There is a big difference, proxy will forward HTTPS traffic only, whereas binding network ensures ALL traffic is sent down the VPN tunnel

To be clear, for sonarr proxy is fine as it is HTTPS traffic only

Sent from my 22021211RG using Tapatalk

[HHUBS]

1 hour ago, binhex said:

There is a big difference, proxy will forward HTTPS traffic only, whereas binding network ensures ALL traffic is sent down the VPN tunnel

To be clear, for sonarr proxy is fine as it is HTTPS traffic only

Sent from my 22021211RG using Tapatalk

 

 

Thank you. Do you happen to know how to use the dynamic port forwarding of hide.me in qbittorrent? If yes, how do I configure it?

 

[binhex]

 
Thank you. Do you happen to know how to use the dynamic port forwarding of hide.me in qbittorrent? If yes, how do I configure it?
 

There is no support for automatic port assignment from that VPN provider

Sent from my 22021211RG using Tapatalk

[HHUBS]

37 minutes ago, binhex said:

There is no support for automatic port assignment from that VPN provider

Sent from my 22021211RG using Tapatalk
 

 

I'm getting error in my qbittorrent. How to fix this? Thank you.

 

[HHUBS]

2 hours ago, binhex said:

There is no support for automatic port assignment from that VPN provider

Sent from my 22021211RG using Tapatalk
 

 

BTW, if I use PIA, how do I know if port forwarding is ok and what port if forwarded?

 

[JonathanM]

2 hours ago, HHUBS said:

 

BTW, if I use PIA, how do I know if port forwarding is ok and what port if forwarded?

 

If you use the qbittorentvpn container that's taken care of for you automatically, and you can still send traffic for other containers through the container or use the proxy for the *arr apps.

[DBJordan]

7 hours ago, HHUBS said:

 

BTW, if I use PIA, how do I know if port forwarding is ok and what port if forwarded?

 

Not sure if the straight binhex-privoxyvpn container is different from the binhex-qbittorrentvpn, but on the latter the logs will have a message that looks like this: [info] Successfully assigned and bound incoming port '####'

[HHUBS]

Thanks @JonathanM @DBJordan I used PIA and I'm now connectable. I can see my port open and using the VPN IP.

[pOpYRaid]

Using the docker container and it's working realy good.
Thanks for all the hard work!

Is it possible to use multiple .ovpn files and the container is rotating them in a timely manner?

Thanks

[lococola]

I just updated Privoxyvpn to the latest version, but now my Soulseek container that I'm running through Privoxy can't connect any longer.

 

EDIT: Solved. There was some issue with certificates on the side of AirVPN. Fixed it by renewing the cert from the Airvpn client area, then generating a new ovpn file and placing that in PrivoxyVPN's config folder, replacing the old file. Everything now working again.

Edited April 8 by lococola

[francispb]

I'm only using the container to route other containers through the VPN. With all containers it has worked except binhex-plexpass, it is localy inaccessible even though I configure port 32400 on binhex-privoxyvpn, does anyone know why this happens and how to solve it?

Edited April 13 by francispb

[Cover8099]

Hello, I've been using your arch-delugevpn container with no issues.
Decided I didn't require deluge anymore so I went with arch-privoxyvpn.

Getting weird behavior, the proxy works (connection to Wireguard and DNS), but the container claims a DNS Failure, which causes the wireguard interface to restart. Then It attempts to get DNS again until failure and the cycle continues.
In the container I can resolve dns queries without issue.

Did not find a similar problem in the thread, if I missed it, please let me know.

supervisord.log

[Mitorar]

Everytime i start privoxyvpn i get a new port(s) mapping to 8118 and 9118. How do i stop this random port mapping?

 

PORT CONFIGURATION

0.0.0.0:32811  8118/tcp

:::32811  8118/tcp

0.0.0.0:32810  9118/tcp

:::32810  9118/tcp

 

This 32811 are the ones that's getting changed all the time. It is very annoying. 

 

EDIT:

I managed to solve it by setting 

PRIVOXYVPN_PORT_8118=8118

PRIVOXYVPN_PORT_9118=9118

 

In the .env file.

Edited May 15 by Mitorar
Solved it

[Mitorar]

However, there does not seem to be ipv6 support enabled for this container. I have IPv6 nativly and turned on in my docker. So i gotta swap network each time i update my privoxyvpn container.

 

A much better solution would be to implement ipv6 support for privoxyvpn.

[Cover8099]

On 5/7/2024 at 9:47 PM, Cover8099 said:

Hello, I've been using your arch-delugevpn container with no issues.
Decided I didn't require deluge anymore so I went with arch-privoxyvpn.

Getting weird behavior, the proxy works (connection to Wireguard and DNS), but the container claims a DNS Failure, which causes the wireguard interface to restart. Then It attempts to get DNS again until failure and the cycle continues.
In the container I can resolve dns queries without issue.

Did not find a similar problem in the thread, if I missed it, please let me know.

supervisord.log 35.06 kB · 1 download

I found the cause of this problem. The ldns package was not installed on the container. This caused the /root/tools.sh script (which uses the drill command for DNS resolution) to fail quietly (command not found). 

Installing the package also instantly made it resolve again, which is nice. 
I will write a git issue to learn more, cause this is probably not expected behavior. 

Edited May 28 by Cover8099

[binhex]

16 hours ago, Cover8099 said:

The ldns package was not installed on the container.

this is interesting, as that package is installed in the base and ALL images are built from the base image:-
https://github.com/binhex/arch-base/blob/2cf699902bd1727a983c9957b8aafbede3dad0fb/build/common/root/install.sh#L110

 

 

[Cover8099]

7 hours ago, binhex said:

this is interesting, as that package is installed in the base and ALL images are built from the base image:-
https://github.com/binhex/arch-base/blob/2cf699902bd1727a983c9957b8aafbede3dad0fb/build/common/root/install.sh#L110

 

 

Hmm, well you linked it and it says it installs it clear as day. So I am at a loss. 
Sadly I have no experience with containers that could pose an explanation. 
I used a raspberry pi 4 running Ubuntu, but I can't imagine that affects the container installing a particular package

[binhex]

3 minutes ago, Cover8099 said:

Hmm, well you linked it and it says it installs it clear as day. So I am at a loss. 
Sadly I have no experience with containers that could pose an explanation. 
I used a raspberry pi 4 running Ubuntu, but I can't imagine that affects the container installing a particular package

i have rebuilt the base recently, so i will kick off a rebuild of the image in the next few days and hopefully that will fix it up. 

[vocoder]

Hello, something in the new image has completely changed the ability to reverse proxy internally.

 

For example, if I had a service running port 3000, with `network_mode: service:arch-privoxyvpn` , I could tell nginx, which is on the same docker network as arch-privoxyvpn to go through upstream arch-privoxyvpn:3000 to get to that service directly, and nowhere is port 3000 accounted for in the config, it would just work because it's on the same internal docker network. You didn't need to use `VPN_INPUT/OUTPUT` ports (thankfully)

 

Now it looks to not work. Curiously I got an error about `SHARED_NETWORK` not being configured, thus defaulting to 'no'. It sounded interesting, I tried 'yes', didn't help. I couldn't find any documentation about this. Either way, that didn't help with this either.

 

This also impacts the other images. I'm also getting an IPv6 error (I explicitly disable IPv6 everywhere, host, container, compose).

```

modprobe: FATAL: Module ip6_tables not found in directory /lib/modules/6.7.9-amd64
ip6tables v1.8.10 (legacy): can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
2024-07-02 09:39:44.104593 [warn] ip6tables default policies not available, skipping ip6tables drops
Error: error sending query: Could not send or receive, because of network error

```

 

3.0.34-3-02 has no issues. Just wondering how to go around this if it's intended, or if that's possible. For now the old versions work, so no worries. Thanks for the great VPN container.

Edited July 2 by vocoder

[binhex]

56 minutes ago, vocoder said:

For example, if I had a service running port 3000, with `network_mode: service:arch-privoxyvpn` , I could tell nginx, which is on the same docker network as arch-privoxyvpn to go through upstream arch-privoxyvpn:3000 to get to that service directly, and nowhere is port 3000 accounted for in the config, it would just work because it's on the same internal docker network. You didn't need to use `VPN_INPUT/OUTPUT` ports (thankfully)

i have not altered iptables so no additional blocking should be in place, so im not clear why you are seeing this, i will need to see logs, see end of this post.

 

56 minutes ago, vocoder said:

Now it looks to not work. Curiously I got an error about `SHARED_NETWORK` not being configured, thus defaulting to 'no'. It sounded interesting, I tried 'yes', didn't help. I couldn't find any documentation about this. Either way, that didn't help with this either.

this is a new feature i have introduced, docs will follow but for now ignore it.

57 minutes ago, vocoder said:

```

modprobe: FATAL: Module ip6_tables not found in directory /lib/modules/6.7.9-amd64
ip6tables v1.8.10 (legacy): can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
2024-07-02 09:39:44.104593 [warn] ip6tables default policies not available, skipping ip6tables drops
Error: error sending query: Could not send or receive, because of network error

```

expected, if ip6tables are not available then it will warn and ignore, otherwise it will actively block all ipv6 traffic.

I will need to see a log to help further, please see the following link:- https://github.com/binhex/documentation/blob/master/docker/faq/help.md#unraid-users

[Wt6bzqEH4DguzaH]

It seems the latest version has broken privoxy.  Same config and privoxy doesn't start. When I downgrade the docker to version 3.0.34-3-02, it works just fine and privoxy starts when the container starts.

[binhex]

46 minutes ago, Wt6bzqEH4DguzaH said:

It seems the latest version has broken privoxy.  Same config and privoxy doesn't start. When I downgrade the docker to version 3.0.34-3-02, it works just fine and privoxy starts when the container starts.

I will need to see a log to help further, please see the following link:- https://github.com/binhex/documentation/blob/master/docker/faq/help.md#unraid-users

[vocoder]

Here it is.

log.txt

Edited July 3 by vocoder

[binhex]

9 minutes ago, vocoder said:

Here it is. It basically seems to be hung up on (DNS) resolving the wireguard address.

log.txt 2.74 kB · 1 download

can you please try setting NAME_SERVERS to a value of 1.1.1.1 let me know the outcome.