[Support] binhex - PrivoxyVPN



Hi @binhex, I'm certainly no expert so please forgive me for not being confident when I say, I think the communication is initiated by Plex. The process to add xteve as a DVR to Plex requires the user to give xteve's IP to Plex in order for Plex to add the DVR, but that is my guess simply based upon that. Perhaps others in the thread might be able to provide a much more educated response.  

 

Link to comment
Just now, Ciaran Madden said:

Hi @binhex, I'm certainly no expert so please forgive me for not being confident when I say, I think the communication is initiated by Plex. The process to add xteve as a DVR to Plex requires the user to give xteve's IP to Plex in order for Plex to add the DVR, but that is my guess simply based upon that. Perhaps others in the thread might be able to provide a much more educated response.  

 

ok well in that case start with adding in the port used by xteve to the env var VPN_INPUT_PORTS for the vpn container, if that doesn't work then try adding in the plex port to env var VPN_OUTPUT_PORTS for the vpn container.

Link to comment

Hi, @binhex I had those set originally and it still wasn't working so I decided to uninstall everything and reinstall and it looks like that's done the trick. Needless to say I will have had an errant piece of typing somewhere and starting fresh helped. 

 

Thank you so much for reaching out to help, I really appreciate it but there's not much you'd have been able to do to fix my stupid!

 

Thanks again :) 

Link to comment
  • 2 weeks later...

I was hoping to download ROMs direct to my windows machine with the VPN connection through the docker. It downloads super fast, I just cannot seed active.

 

Moving the files over afterwards is just a PITA. Windows is where I keep the ROMs, Unraid is all media.

Thank you though, if it's not possible, it's not possible.
 

Link to comment
  • 3 weeks later...

Hi @binhex, is there a specific setting I should follow for NzbHydra2?

I've always had my NzbHydra pass through VPN(this docker) and everything was working fine even after the latest update where ADDITIONAL PORTS had to be added. I had added port 5076 to ADDITIONAL_PORTS and everything was fine until Hydra was updated last week and now when I turn off proxy everything works but with proxy I'm not able to connect to any indexers.

 

Link to comment
3 hours ago, Allen A said:

Hi @binhex, is there a specific setting I should follow for NzbHydra2?

I've always had my NzbHydra pass through VPN(this docker) and everything was working fine even after the latest update where ADDITIONAL PORTS had to be added. I had added port 5076 to ADDITIONAL_PORTS and everything was fine until Hydra was updated last week and now when I turn off proxy everything works but with proxy I'm not able to connect to any indexers.

 

check the log file /config/supervisord.log, there are some intermittent issues with pia at the moment causing vpn connectivity failure, so ensure the vpn is operational first by checking the log.

Link to comment
  • 2 months later...

Hello @binhex I would like to try out the privoxyvpn container, using the Wireguard as PIA VPN client and share with some other containers.

 

As I understand the PIA VPN incoming port will be automatically generated. Where will I find the autogenerated port number so that I can use it e.g. in a torrent client application? I looked through the documentation, but could not find the answer there. If I missed it, sorry. 

 

Also is there any form of persistence option for the port number so that the same one will be used if the container is restarted? From what I understand an incoming port from PIA is valid for 2 months. 

Edited by norsemanGrey
Link to comment
On 6/20/2021 at 10:59 PM, norsemanGrey said:

Where will I find the autogenerated port number so that I can use it e.g. in a torrent client application?

it's not generated for privoxyvpn, if you need an incoming port for a torrent client (assuming this is the use case) then i would encourage you to use one of the other vpn images i have produced that include a torrent client.

 

On 6/20/2021 at 10:59 PM, norsemanGrey said:

form of persistence option for the port number so that the same one will be used if the container is restarted?

nope that's not possible with PIA, it's always dynamic.

Link to comment
4 hours ago, binhex said:

it's not generated for privoxyvpn, if you need an incoming port for a torrent client (assuming this is the use case) then i would encourage you to use one of the other vpn images i have produced that include a torrent client.

 Thanks for the tip :) I will check them out. It would be nice though, as an alternative, to have the possibility to view the generated PF port when using this image. I guess it could be saved to a file or just printed in the log somewhere.

 

4 hours ago, binhex said:

nope that's not possible with PIA, it's always dynamic.

Maybe I have misunderstood something then. I only stated it as I read that detail in the port forwarding script PIA themselves publish on GitHub, but I am no expert so I am probably overlooking something. As you probably have tons of knowledge about this maybe you could explain as I would like to gain more insight on this.

Edited by norsemanGrey
Link to comment
4 minutes ago, norsemanGrey said:

I only stated it as I read that detail in the port forwarding script PIA themselves publish on GitHub

that pia script still assigns a port from a pool, not sure why you think it assigns the same (static) port? if you run that script it will assign a port, then if you were to stop/start the container/vm and then run it again you would get a different port assigned.

Link to comment
2 minutes ago, binhex said:

that pia script still assigns a port from a pool, not sure why you think it assigns the same (static) port? if you run that script it will assign a port, then if you were to stop/start the container/vm and then run it again you would get a different port assigned.

Ah, yes of course, I see what you mean. I guess what I was thinking is that one could make env var with an option to choose to "reuse" the same port number after a restart. Thus, skipping the script if a port number was already assigned and had not reached its expiration.

Link to comment
8 minutes ago, norsemanGrey said:

I guess what I was thinking is that one could make env var with an option to choose to "reuse" the same port number after a restart.

that is technically possible, but right now i do not do this, one good reason not to do this is reusing the same port increases your chances of being tracked, having a dynamic ip and port assigned IMHO is a good thing.

Link to comment
8 minutes ago, binhex said:

that is technically possible, but right now i do not do this, one good reason not to do this is reusing the same port increases your chances of being tracked, having a dynamic ip and port assigned IMHO is a good thing.

That is very true. But then I guess one would have to restart the container periodically as well in order to get a new port more often than on a two months period.

 

Oh btw,  when reading through your code, as I am trying to learn, I noticed this comment in the getvpnport.sh script.

 

(note this env var is passed through to up script via openvpn --sentenv option)

 

Does that mean that the port forwarding script will only be run if using OpenVPN and not Wireguard as the protocol?

 

 

Thanks for taking the time to answer btw, a lot of this is new to me so it is very appreciated.

Edited by norsemanGrey
Link to comment
10 hours ago, norsemanGrey said:

But then I guess one would have to restart the container periodically as well in order to get a new port more often than on a two months period.

in an ideal world where the vpn tunnel is 100% reliable, yes you are right, however in the real world it's rare to have a vpn tunnel stay up for longer than 1 month, drops are common and therefore port changes too.

 

10 hours ago, norsemanGrey said:

Does that mean that the port forwarding script will only be run if using OpenVPN and not Wireguard as the protocol?

no, it's enabled for both and uses the same script.

Link to comment

I'm trying to run this container using NordVPN and it seems that the credentials.conf file needs the path fixed in the start-script for VPN_PROV=custom:

 

--auth-user-pass credentials.conf --cd /config/openvpn --config '/config/openvpn/ca1214.nordvpn.com.udp1194.ovpn'

 

Shouldn't --auth-user-pass credentials.conf be --auth-user-pass /config/openvpn/credentials.conf?  I keep getting AUTH_FAILED errors and I've confirmed multiple times that my username and password are correct so it seems like it's not able to find credentials.conf.

Link to comment
  • 3 weeks later...

Hi @binhex, is there any way to use pihole along with privoxy? I tried setting the NAME_SERVER IP to my local pihole IP, but that didn't work and privoxy states that it's unable to connect to network. I assume that the privoxy container does not have access to my LAN. Am I missing something here or is it currently not possible to use pihole as DNS for privoxy?

Link to comment
  • 3 weeks later...

Hello Guys, 

 

has anyone ever tried to route Jellyfin (binhex-jellyfin) through binhex-privoxyvpn?
I can't get the web UI working. I set all the settings accordingly.

Change Network of Jellyfin to "none", added the Extra Parameter "--net=container:binhex-privoxyvpn"

 

In privoxyvpn I added the port 8096 (Host and Container Port) and added the same port into the "VPN_INPUT_PORTS" list. 

It won't work. 
Maybe somebody here has an idea. 
Thank you very much in advance! 
Best Regards

Link to comment
  • 5 weeks later...

Hope someone has a solution to this one, I'm at a loss and there's not much online or in the forums.

 

Been using this Docker for a while worked well until recently.    There appears to be a negative relationship between this Docker and any VM I run.   I have mostly windows but some Kali Linux for fun.   Either causes the following problem. 

 

When I run this docker after a VM has started it does not create a connection with my VPN provider. I can see the tun0 that is created upon success using "ifconfig" and once it's created things work correctly. I have been experimenting trying to see if there is something unique with my network setup or VMs but nothing seems too unique. I have even started creating a test Unraid server on an old laptop for testing. Similar results on stock install.

 

Any suggestion as I can't see why a docker and vms would be this bonded to begin with.    Perhaps there is some networking related docker or VM that uses similar naming causing this.    Would appreciate any suggestions just not stable when I need it to be. 

 

Environment:

Latest versions on binhex/arch-privoxyvpn

Unraid 6.9.2

 

can get more details if requested.    

 

Cheers,

 

 

Update 9-5-21 

 

@binhex Not sure if it's a feature or a bug. Here is what I found. If you are using your VPN container and change the default network from bridge to br0 and assigned an IP address to save on port mapping conflicts.

 

Then the above issue/relationship occurs.   If you use bridge there does not appear to be an issue.   

 

MY TEST:

   1. LAUNCH any VM and wait until start,  I use Kali it's quick.

   2. LAUNCH BINHEX - PRIVOXYVPN and open the console

   3. RUN   WATCH IFCONFIG  (this will poll ifconfig forever)

 

===========  Below is what I use to identify the issue =============

The tun0 failed to establish and typically will never establish...

=============================================================

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
        RX packets 291  bytes 98024 (95.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 322  bytes 51706 (50.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 20  bytes 1056 (1.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 20  bytes 1056 (1.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 

   4.  SHUTDOWN THE VM

   5.  WAIT about 5-10 Seconds and the tun0 will appear looking something like this. 

 

===========  Below is what I believe is a successful connection =============

=============================================================

 

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
        RX packets 291  bytes 98024 (95.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 322  bytes 51706 (50.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 20  bytes 1056 (1.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 20  bytes 1056 (1.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.200.0.58  netmask 255.255.255.255  destination 10.200.0.57
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 154  bytes 69799 (68.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 239  bytes 26190 (25.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 

 

Great app,  hope this helps. 

 

If there is something you want to test I have the rigs setup to perform stuff quickly.  

 

Cheers,

-C

Edited by CoreyG
Link to comment
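
The check used in the test above (is there a tun0 block with an address in the `ifconfig` output), as an added shell example that is not part of the original post or of the container image. `tunnel_state`, `wait_for_tunnel` and the sample functions are hypothetical names, and the sample listings are constructed by abridging the two listings in the post.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `ifconfig` text on stdin and prints
# "up <address>" when the named interface (default tun0) is UP, RUNNING and has
# an inet address; prints "down" otherwise.
tunnel_state() {
    awk -v ifname="${1:-tun0}" '
        /^[^ \t]/ {                          # "<name>: flags=..." starts a block
            in_block = ($1 == (ifname ":"))
            if (in_block)
                flags_ok = ($0 ~ /[<,]UP[,>]/ && $0 ~ /[<,]RUNNING[,>]/)
            next
        }
        in_block && $1 == "inet" { addr = $2 }
        END { if (flags_ok && addr != "") print "up " addr; else print "down" }
    '
}

# Poll `ifconfig` once per second for up to $1 seconds (default 30).
# Returns 0 as soon as tun0 is up, 1 if it never appears.
wait_for_tunnel() {
    tries="${1:-30}"
    while [ "$tries" -gt 0 ]; do
        case "$(ifconfig 2>/dev/null | tunnel_state)" in
            up\ *) return 0 ;;
        esac
        tries=$((tries - 1))
        sleep 1
    done
    return 1
}

# Constructed samples, abridged from the two ifconfig listings in the post.
sample_before() {
    cat <<'EOF'
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
EOF
}
sample_after() {
    sample_before
    cat <<'EOF'

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.200.0.58  netmask 255.255.255.255  destination 10.200.0.57
EOF
}

sample_before | tunnel_state    # VM running, tunnel never established
sample_after  | tunnel_state    # after VM shutdown, tun0 present
```

Inside the container console, `wait_for_tunnel 60` gives a pass/fail result for the same condition the post watches for by eye.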
On 9/5/2021 at 3:19 AM, CoreyG said:

Not sure if it's a feature or a bug.   Here is what I found.   If you are using your VPN container and change the default network from bridge to br0 and assigned an IP address to save on port mapping conflicts. 

lol, not sure it's either tbh :-), ok so when i initially designed this image fancy stuff like macvlan and custom bridge was not a thing, and it's been designed around using the default docker bridge, as in network type: 'bridge'.

 

wind forward in time and we now have custom bridges and macvlan, as well as ipvlan to come (in 6.10), as of now i know that custom bridges can work, but macvlan is a def no-no. 

 

so what i would suggest for you is either:-

a) use 'bridge' and be happy (port mapping conflicts should not be an issue, simply change the host port)

or

b) create another custom bridge just for docker and assign that to this docker container, then use br0 only for vm's, this should prevent the clash.

Link to comment
1 hour ago, binhex said:

lol, not sure it's either tbh :-), ok so when i initially designed this image fancy stuff like macvlan and custom bridge was not a thing, and it's been designed around using the default docker bridge, as in network type: 'bridge'.

 

wind forward in time and we now have custom bridges and macvlan, as well as ipvlan to come (in 6.10), as of now i know that custom bridges can work, but macvlan is a def no-no. 

 

so what i would suggest for you is either:-

a) use 'bridge' and be happy (port mapping conflicts should not be an issue, simply change the host port)

or

b) create another custom bridge just for docker and assign that to this docker container, then use br0 only for vm's, this should prevent the clash.

 

thanks for the reply.  I agree I settled on the bridge and just changed the ports. 

just to know my future options  I'm playing around with the custom VLANs to see if that doesn't cause the conflict.  

 

thank you.

Link to comment
3 minutes ago, jmmrly said:

My docker has randomly stopped connecting to the internet, running curl ifconfig.io returns host doesn't exist. The docker log keeps looping this over and over;

 

@jmmrly  Don't have much info to help but try these as I recently had issues when using custom IP for dockers

 

1.  Set Docker to Bridge Mode

2.  Privileged Mode must be on

3.  If you have VMs try it first with them off. 

 

 

If this does work, you can set debug mode to true and add a line with the verbose option to the ovpn file. It looks like this.

 

remote us-ny.vpnunlimitedapp.com 1194
client
dev tun
persist-key
ping 5
ping-exit 30
nobind
comp-lzo no
remote-random
remote-cert-tls server
auth-nocache
route-metric 1
cipher AES-256-CBC
auth sha512
float

# the next line adds more debug info
verb 4
<ca>

 

Link to comment

I might have missed it in the FAQS, but where are the instructions for passing the proxy through to another client? I have this running on the Unraid server and would like to use the proxy on another PC, similar to how you might setup a proxy through your web browser settings.

 

I tried passing through ‘IP OF UNRAID SERVER:8118’ but it doesn’t seem to work. 

Edited by WuZiMu
Link to comment
