search

MarkusMcNugen / docker-qBittorrentvpn

Docker container which runs a headless qBittorrent client with WebUI and optional OpenVPN
https://hub.docker.com/r/markusmcnugen/qbittorrentvpn/
GNU General Public License v3.0
168 stars 92 forks source link

I couldn't run Qbittorent via Mullvad with error Linux ip -6 addr add failed: external program exited with error status: 2 #107

Open gakguei opened 2 years ago

gakguei commented 2 years ago

The below is the error code of mine. I run it with synology DS220+ with DSM 7.0 And my VPN is mullvad vpn.

2021-10-05 06:19:22.336034 [info] VPN_ENABLED defined as 'yes' 2021-10-05 06:19:22.379316 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/mullvad_jp_tyo.ovpn dos2unix:converting file /config/openvpn/mullvad_jp_tyo.ovpn to Unix format... 2021-10-05 06:19:22.420231 [info] VPN remote line defined as 'jp-tyo-105.mullvad.net 1197 2021-10-05 06:19:22.488134 [info] VPN_REMOTE defined as 'jp-tyo-105.mullvad.net' 2021-10-05 06:19:22.525626 [info] VPN_PORT defined as '1197' 2021-10-05 06:19:22.560333 [info] VPN_PROTOCOL defined as 'udp' 2021-10-05 06:19:22.595375 [info] VPN_DEVICE_TYPE defined as 'tun0' 2021-10-05 06:19:22.629501 [info] LAN_NETWORK defined as '192.168.1.0/24' 2021-10-05 06:19:22.663843 [info] NAME_SERVERS defined as '8.8.8.8,8.8.4.4' 2021-10-05 06:19:22.698002 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS) 2021-10-05 06:19:22.732447 [info] Adding 8.8.8.8 to resolv.conf 2021-10-05 06:19:22.766799 [info] Adding 8.8.4.4 to resolv.conf 2021-10-05 06:19:22.799351 [info] Starting OpenVPN... Tue Oct 5 06:19:22 2021 Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun >handling anymore. Tue Oct 5 06:19:22 2021 WARNING: file 'credentials.conf' is group or others accessible Tue Oct 5 06:19:22 2021 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] >[AEAD] built on Jul 19 2021 Tue Oct 5 06:19:22 2021 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10 Tue Oct 5 06:19:22 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]217.138.252.50:1197 Tue Oct 5 06:19:22 2021 Socket Buffers: R=[212992->425984] S=[212992->425984] Tue Oct 5 06:19:22 2021 UDP link local: (not bound) Tue Oct 5 06:19:22 2021 UDP link remote: [AF_INET]217.138.252.50:1197 Tue Oct 5 06:19:22 2021 TLS: Initial packet from [AF_INET]217.138.252.50:1197, sid=44525bb6 e7135657 Tue Oct 5 06:19:22 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to> >prevent this Tue Oct 5 06:19:23 2021 VERIFY OK: depth=2, C=SE, ST=Gotaland, L=Gothenburg, O=Amagicom AB, OU=Mullvad, >CN=Mullvad Root CA v2, emailAddress=security@mullvad.net Tue Oct 5 06:19:23 2021 VERIFY OK: depth=1, C=SE, ST=Gotaland, O=Amagicom AB, OU=Mullvad, CN=Mullvad >Intermediate CA v3, emailAddress=security@mullvad.net Tue Oct 5 06:19:23 2021 VERIFY KU OK Tue Oct 5 06:19:23 2021 Validating certificate extended key usage Tue Oct 5 06:19:23 2021 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Tue Oct 5 06:19:23 2021 VERIFY EKU OK Tue Oct 5 06:19:23 2021 VERIFY OK: depth=0, C=SE, ST=Gotaland, O=Amagicom AB, OU=Mullvad, CN=jp-tyo->101.mullvad.net, emailAddress=security@mullvad.net Tue Oct 5 06:19:23 2021 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1558' Tue Oct 5 06:19:23 2021 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo' Tue Oct 5 06:19:23 2021 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA Tue Oct 5 06:19:23 2021 [jp-tyo-101.mullvad.net] Peer Connection Initiated with [AF_INET]217.138.252.50:1197 Tue Oct 5 06:19:24 2021 SENT CONTROL [jp-tyo-101.mullvad.net]: 'PUSH_REQUEST' (status=1) Tue Oct 5 06:19:29 2021 SENT CONTROL [jp-tyo-101.mullvad.net]: 'PUSH_REQUEST' (status=1) Tue Oct 5 06:19:29 2021 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.11.0.1,redirect-gateway def1 >bypass-dhcp,route-ipv6 0000::/2,route-ipv6 4000::/2,route-ipv6 8000::/2,route-ipv6 C000::/2,comp-lzo no,route-gateway >10.11.0.1,topology subnet,socket-flags TCP_NODELAY,ifconfig-ipv6 fdda:d0d0:cafe:1197::1001/64 >fdda:d0d0:cafe:1197::,ifconfig 10.11.0.3 255.255.0.0,peer-id 1,cipher AES-256-GCM' Tue Oct 5 06:19:29 2021 OPTIONS IMPORT: compression parms modified Tue Oct 5 06:19:29 2021 OPTIONS IMPORT: --socket-flags option modified Tue Oct 5 06:19:29 2021 NOTE: setsockopt TCP_NODELAY=1 failed Tue Oct 5 06:19:29 2021 OPTIONS IMPORT: --ifconfig/up options modified Tue Oct 5 06:19:29 2021 OPTIONS IMPORT: route options modified Tue Oct 5 06:19:29 2021 OPTIONS IMPORT: route-related options modified Tue Oct 5 06:19:29 2021 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Tue Oct 5 06:19:29 2021 OPTIONS IMPORT: peer-id set Tue Oct 5 06:19:29 2021 OPTIONS IMPORT: adjusting link_mtu to 1624 Tue Oct 5 06:19:29 2021 OPTIONS IMPORT: data channel crypto options modified Tue Oct 5 06:19:29 2021 Data Channel: using negotiated cipher 'AES-256-GCM' Tue Oct 5 06:19:29 2021 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key Tue Oct 5 06:19:29 2021 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key Tue Oct 5 06:19:29 2021 ROUTE_GATEWAY 172.20.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:14:00:02 Tue Oct 5 06:19:29 2021 GDG6: remote_host_ipv6=n/a Tue Oct 5 06:19:29 2021 ROUTE6: default_gateway=UNDEF Tue Oct 5 06:19:29 2021 TUN/TAP device tun0 opened Tue Oct 5 06:19:29 2021 TUN/TAP TX queue length set to 100 Tue Oct 5 06:19:29 2021 /sbin/ip link set dev tun0 up mtu 1500 Tue Oct 5 06:19:29 2021 /sbin/ip addr add dev tun0 10.11.0.3/16 broadcast 10.11.255.255 Tue Oct 5 06:19:29 2021 /sbin/ip -6 addr add fdda:d0d0:cafe:1197::1001/64 dev tun0 RTNETLINK answers: Permission denied Tue Oct 5 06:19:29 2021 Linux ip -6 addr add failed: external program exited with error status: 2 Tue Oct 5 06:19:29 2021 Exiting due to fatal error

Mullvad VPN have so much problem with this. At mullvad VPN site i found that i should change my vpn config but i doesn't image

So, I googled it so much so i find that i could solve this problem with adding "--sysctl net.ipv6.conf.all.disable_ipv6=0" How could i insert this quote in my Docker?

adamlwgriffiths commented 2 years ago

The changes mentioned above should work. Try also removing the line tun-ipv6

After having done this, I can't access the web interface, I get: write UDPv4: Operation not permitted (code=1)

kozak-codes commented 2 years ago

Try adding

pull-filter ignore "dhcp-option DNS6"
pull-filter ignore "tun-ipv6"
pull-filter ignore "ifconfig-ipv6"

to your ovpn file and make sure you are running in privileged mode.

https://www.reddit.com/r/synology/comments/k6bmo8/how_to_setup_the_haugenetransmissionopenvpn/

https://github.com/haugene/docker-transmission-openvpn/issues/847#issuecomment-508707104

ntford commented 2 years ago

@KleptoKat Even with your additions to my .ovpn file I am still getting "write UDPv4: Operation not permitted (code=1)". In my docker-compose I have "privileged: true".

Any other suggestions?

kozak-codes commented 2 years ago

@ntford To be honest I gave up and went back to Transmission.

ntford commented 2 years ago

Actually after I added

pull-filter ignore "dhcp-option DNS6"
pull-filter ignore "tun-ipv6"
pull-filter ignore "ifconfig-ipv6"

I changed proto udp4 back to proto udp and the error went away and qbittorrent works.

Is there a way to confirm that the traffic is actually running through Mullvad?