DyonR / docker-passthroughvpn

Docker container that only runs Debian and connects to OpenVPN or WireGuard. Its intended use is to pass other Docker containers through it.
GNU General Public License v3.0

RTNETLINK answers: Permission denied #3

Open xLogiiCx opened 3 years ago

xLogiiCx commented 3 years ago

```
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.xx.xx.131/32 dev wg0
[#] ip -6 address add fc00:bbbb:xxxx:xxxx::0:xxxx/128 dev wg0
RTNETLINK answers: Permission denied
[#] ip link delete dev wg0
2021-03-22 10:39:49.130124 [INFO] VPN_ENABLED defined as 'yes'
2021-03-22 10:39:49.150408 [INFO] VPN_TYPE defined as 'wireguard'
2021-03-22 10:39:49.181265 [INFO] WireGuard config file is found at /config/wireguard/wg0.conf
dos2unix: converting file /config/wireguard/wg0.conf to Unix format...
2021-03-22 10:39:49.204315 [INFO] VPN remote line defined as '185.xxx.xxx.70:51820'
2021-03-22 10:39:49.226832 [INFO] VPN_REMOTE defined as '185.xxx.xxx.70'
2021-03-22 10:39:49.249201 [INFO] VPN_PORT defined as '51820'
2021-03-22 10:39:49.270035 [INFO] VPN_PROTOCOL set as 'udp', since WireGuard is always udp.
2021-03-22 10:39:49.130124 [INFO] VPN_ENABLED defined as 'yes'
2021-03-22 10:39:49.150408 [INFO] VPN_TYPE defined as 'wireguard'
2021-03-22 10:39:49.181265 [INFO] WireGuard config file is found at /config/wireguard/wg0.conf
dos2unix: converting file /config/wireguard/wg0.conf to Unix format...
2021-03-22 10:39:49.204315 [INFO] VPN remote line defined as '185.xxx.xxx.70:51820'
2021-03-22 10:39:49.226832 [INFO] VPN_REMOTE defined as '185.xxx.xxx.70'
2021-03-22 10:39:49.249201 [INFO] VPN_PORT defined as '51820'
2021-03-22 10:39:49.270035 [INFO] VPN_PROTOCOL set as 'udp', since WireGuard is always udp.
2021-03-22 10:39:49.295977 [INFO] VPN_DEVICE_TYPE set as 'wg0', since WireGuard will always be wg0.
2021-03-22 10:39:49.322001 [INFO] LAN_NETWORK defined as '192.168.178.0/24'
2021-03-22 10:39:49.344897 [INFO] NAME_SERVERS defined as '1.1.1.1,1.0.0.1'
2021-03-22 10:39:49.369305 [INFO] Adding 1.1.1.1 to resolv.conf
2021-03-22 10:39:49.392650 [INFO] Adding 1.0.0.1 to resolv.conf
2021-03-22 10:39:49.414332 [INFO] Starting WireGuard...
Warning: `/config/wireguard/wg0.conf' is world accessible
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.xx.xx.131/32 dev wg0
[#] ip -6 address add fc00:xxxx:xxxx:xxxx::0:5a82/128 dev wg0
RTNETLINK answers: Permission denied
[#] ip link delete dev wg0
```

xLogiiCx commented 3 years ago

I am unable to start the container. After the Permission Error it just restarts.

PuppyLover101 commented 3 years ago

Same issue as the user above:

```
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.69.183.235/32 dev wg0
[#] ip -6 address add fc00:bbbb:bbbb:bb01::6:b7ea/128 dev wg0
RTNETLINK answers: Permission denied
[#] ip link delete dev wg0
2021-03-28 03:55:23.512295 [INFO] VPN_ENABLED defined as 'yes'
2021-03-28 03:55:23.558108 [INFO] VPN_TYPE defined as 'wireguard'
2021-03-28 03:55:23.609763 [INFO] WireGuard config file is found at /config/wireguard/wg0.conf
dos2unix: converting file /config/wireguard/wg0.conf to Unix format...
2021-03-28 03:55:23.656457 [INFO] VPN remote line defined as '198.xxxxx:51820'
2021-03-28 03:55:23.695353 [INFO] VPN_REMOTE defined as '198.xxxxx'
2021-03-28 03:55:23.737439 [INFO] VPN_PORT defined as '51820'
2021-03-28 03:55:23.773759 [INFO] VPN_PROTOCOL set as 'udp', since WireGuard is always udp.
2021-03-28 03:55:23.811952 [INFO] VPN_DEVICE_TYPE set as 'wg0', since WireGuard will always be wg0.
2021-03-28 03:55:23.864672 [INFO] LAN_NETWORK defined as '192.168.2.99/24'
2021-03-28 03:55:23.911732 [INFO] NAME_SERVERS defined as '1.1.1.1,1.0.0.1'
2021-03-28 03:55:23.955980 [INFO] Adding 1.1.1.1 to resolv.conf
2021-03-28 03:55:23.996597 [INFO] Adding 1.0.0.1 to resolv.conf
2021-03-28 03:55:24.031224 [INFO] Starting WireGuard...
Warning: `/config/wireguard/wg0.conf' is world accessible
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.69.183.235/32 dev wg0
[#] ip -6 address add xxxxxxxxx:6:b7ea/128 dev wg0
RTNETLINK answers: Permission denied
[#] ip link delete dev wg0
```

@xLogiiCx Wishful thinking, but did you ever figure out the issue?

xLogiiCx commented 3 years ago

@PuppyLover101 nope, sorry, I only figured out it could be an issue with IPv6

DyonR commented 3 years ago

Did you run the container privileged?

PuppyLover101 commented 3 years ago

> @PuppyLover101 nope, sorry, I only figured out it could be an issue with IPv6

Has --sysctl net.ipv6.conf.all.disable_ipv6=1 worked for you? Doesn't work for me (unRAID)

> Did you run the container privileged?

Yes, it's privileged (unRAID)

xLogiiCx commented 3 years ago

> Has --sysctl net.ipv6.conf.all.disable_ipv6=1 worked for you? Doesn't work for me (unRAID)

No, it does not work for me, sadly.

> Did you run the container privileged?

Yes, I tried both.

@PuppyLover101 are you using a kill switch in your wireguard config file?

xLogiiCx commented 3 years ago

Btw, this is the command which I / Unraid use to start the container; maybe that helps:

```
root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d \
  --name='passthroughvpn' --net='bridge' --privileged=true \
  -e TZ="Europe/Berlin" -e HOST_OS="Unraid" \
  -e 'VPN_ENABLED'='yes' -e 'VPN_TYPE'='wireguard' \
  -e 'VPN_USERNAME'='' -e 'VPN_PASSWORD'='' \
  -e 'LAN_NETWORK'='192.168.178.0/24' -e 'ADDITIONAL_PORTS'='' \
  -e 'RESTART_CONTAINER'='no' -e 'PUID'='99' -e 'PGID'='100' \
  -e 'NAME_SERVERS'='1.1.1.1,1.0.0.1' -e 'UMASK'='002' \
  -e 'HEALTH_CHECK_HOST'='one.one.one.one' -e 'HEALTH_CHECK_INTERVAL'='300' \
  -e 'HEALTH_CHECK_SILENT'='1' \
  -v '/mnt/user/appdata/passthroughvpn':'/config':'rw' \
  --sysctl net.ipv6.conf.all.disable_ipv6=1 \
  --restart unless-stopped 'dyonr/passthroughvpn'
```

xLogiiCx commented 3 years ago

Any update?

DyonR commented 3 years ago

@xLogiiCx What version of Unraid are you using?
Looking at the docker run command you posted, I really cannot see anything wrong.
Mine is pretty much identical, except for the exposed ports.

ep1cman commented 3 years ago

I just had this issue and I fixed it by removing the IPv6 address in my wireguard config file

xLogiiCx commented 3 years ago

@ep1cman For me there is no IPv6 Address in my config file.

xLogiiCx commented 3 years ago

@DyonR I am using 6.9.2

andyfore commented 3 years ago

I resolved this for my setup by ensuring that in the MVD generator I was using IPv4 only and that the killswitch was NOT checked.
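The workaround ep1cman and andyfore describe (an IPv4-only config with no kill switch), sketched as an added example that is not part of the thread or of the project's code. The function names are hypothetical, and treating `PreUp`/`PostUp`/`PreDown`/`PostDown` hooks as the kill switch is an assumption about how config generators write it. `fix_config` also sets mode 600, which addresses the "world accessible" warning in the logs.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not the project's own.

# ipv6_disabled [SYSCTL_FILE]: true when IPv6 is off in this network namespace
# (the state requested by --sysctl net.ipv6.conf.all.disable_ipv6=1). The kernel
# rejects `ip -6 address add` on an interface that has IPv6 disabled.
ipv6_disabled() {
  f=${1:-/proc/sys/net/ipv6/conf/all/disable_ipv6}
  [ -r "$f" ] && [ "$(cat "$f")" = "1" ]
}

# strip_ipv6 FILE: print FILE with IPv6 entries (anything containing ':')
# dropped from the comma-separated Address, AllowedIPs and DNS lines.
# Endpoint and key lines are passed through untouched.
strip_ipv6() {
  awk '
    /^[ \t]*(Address|AllowedIPs|DNS)[ \t]*=/ {
      key = $0; sub(/[ \t]*=.*/, "", key)
      val = $0; sub(/^[^=]*=[ \t]*/, "", val)
      n = split(val, items, ",")
      out = ""
      for (i = 1; i <= n; i++) {
        gsub(/^[ \t]+|[ \t]+$/, "", items[i])
        if (items[i] != "" && index(items[i], ":") == 0)
          out = out (out == "" ? "" : ", ") items[i]
      }
      if (out != "") print key " = " out
      next
    }
    { print }
  ' "$1"
}

# has_hooks FILE: true if the config runs shell hooks; assumed here to be
# where a generated kill switch (iptables/ip6tables rules) would live.
has_hooks() {
  grep -Eq '^[[:space:]]*(PreUp|PostUp|PreDown|PostDown)[[:space:]]*=' "$1"
}

# fix_config FILE: rewrite FILE in place as IPv4-only and make it private.
fix_config() {
  tmp=$(mktemp) || return 1
  strip_ipv6 "$1" > "$tmp" && cat "$tmp" > "$1" && chmod 600 "$1"
  rc=$?
  rm -f "$tmp"
  return "$rc"
}
```

Run `fix_config /config/wireguard/wg0.conf` on a copy first, and review any lines `has_hooks` flags by hand before removing them.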