search

MarkusMcNugen / docker-qBittorrentvpn

Docker container which runs a headless qBittorrent client with WebUI and optional OpenVPN
https://hub.docker.com/r/markusmcnugen/qbittorrentvpn/
GNU General Public License v3.0
171 stars 92 forks source link

DNS failed on Synology DS918+ #58

Open janusn opened 4 years ago

janusn commented 4 years ago

I cannot get DNS working on Synology DS918+. The same OpenVPN config file and credentials work on my phone and Mac.

# cat /etc/resolv.conf                                                                                                
nameserver      10.27.0.1                                                                                                                                 
domain  ngs                                                                                                                                               
nameserver 8.8.8.8                                                                                                                                        
nameserver 37.235.1.174                                                                                                                                   
nameserver 8.8.4.4                                                                                                                                        
nameserver 37.235.1.177                                                                                                                                   
# ping 8.8.8.8                                                                                                        
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.                                                                                                              
64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=331 ms                                                                                                      
64 bytes from 8.8.8.8: icmp_seq=2 ttl=58 time=299 ms                                                                                                      
64 bytes from 8.8.8.8: icmp_seq=3 ttl=58 time=303 ms                                                                                                      
64 bytes from 8.8.8.8: icmp_seq=4 ttl=58 time=308 ms                                                                                                      
^C                                                                                                                                                        
--- 8.8.8.8 ping statistics ---                                                                                                                           
4 packets transmitted, 4 received, 0% packet loss, time 3000ms                                                                                            
rtt min/avg/max/mdev = 299.747/310.635/331.381/12.353 ms                                                                                                  
# ping google.com                                                                                                     
ping: google.com: Temporary failure in name resolution                                                                                                    
# nslookup google.com                                                                                                 
;; connection timed out; no servers could be reached                                                                                                      

# nslookup google.com 8.8.8.8                                                                                         
;; connection timed out; no servers could be reached

Docker version:

$ docker -v
Docker version 18.09.8, build bfed4f5

docker config:

$ sudo docker inspect markusmcnugen-qbittorrentvpn1
[
    {
        "Id": "6ca10188252d09678321b6e5acda683ae30595baf3a56d40eb8d1450ed26769a",
        "Created": "2020-06-08T16:36:44.973421984Z",
        "Path": "/bin/bash",
        "Args": [
            "/etc/openvpn/start.sh"
        ],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 8169,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2020-06-08T16:49:09.995003547Z",
            "FinishedAt": "2020-06-08T16:48:53.00900966Z",
            "StartedTs": 1591634949,
            "FinishedTs": 1591634933
        },
        "Image": "sha256:76bbe926f3462e5d8af558a8613e518fac9921e2fe1ba750f5df0533879784ae",
        "ResolvConfPath": "/volume2/@docker/containers/6ca10188252d09678321b6e5acda683ae30595baf3a56d40eb8d1450ed26769a/resolv.conf",
        "HostnamePath": "/volume2/@docker/containers/6ca10188252d09678321b6e5acda683ae30595baf3a56d40eb8d1450ed26769a/hostname",
        "HostsPath": "/volume2/@docker/containers/6ca10188252d09678321b6e5acda683ae30595baf3a56d40eb8d1450ed26769a/hosts",
        "LogPath": "/volume2/@docker/containers/6ca10188252d09678321b6e5acda683ae30595baf3a56d40eb8d1450ed26769a/log.db",
        "Name": "/markusmcnugen-qbittorrentvpn1",
        "RestartCount": 0,
        "Driver": "btrfs",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "unconfined",
        "ExecIDs": [
            "8072314d61b204a38a2f11b0de32b524e3c40aa6baec9b2cfc7e5187a11e3f8f"
        ],
        "HostConfig": {
            "Binds": [
                "/volume2/Media/torrents/watch:/download:rw",
                "/volume2/Media/Docker Configs/qbittorrentvpn/config:/config:rw"
            ],
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "db",
                "Config": {}
            },
            "NetworkMode": "bridge",
            "PortBindings": {
                "8080/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "18080"
                    }
                ],
                "8999/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": ""
                    }
                ],
                "8999/udp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": ""
                    }
                ]
            },
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "Dns": null,
            "DnsOptions": null,
            "DnsSearch": null,
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "shareable",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": true,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "Env": [
                "VPN_ENABLED=yes",
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "DEBIAN_FRONTEND=noninteractive",
                "LAN_NETWORK=10.27.0.0/24",
                "TZ=Europe/London",
                "PGID=100",
                "PUID=1038"
            ],
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 50,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": null,
            "DeviceCgroupRules": null,
            "DiskQuota": 0,
            "KernelMemory": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": false,
            "PidsLimit": 0,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": null,
            "ReadonlyPaths": null
        },
        "GraphDriver": {
            "Data": null,
            "Name": "btrfs"
        },
        "Mounts": [
            {
                "Type": "volume",
                "Name": "4c79634f6be9f857a44826e7a6fe8bf926bf0105d2f8867264d55160f395d3d4",
                "Source": "/volume2/@docker/volumes/4c79634f6be9f857a44826e7a6fe8bf926bf0105d2f8867264d55160f395d3d4/_data",
                "Destination": "/downloads",
                "Driver": "local",
                "Mode": "",
                "RW": true,
                "Propagation": ""
            },
            {
                "Type": "bind",
                "Source": "/volume2/Media/torrents/watch",
                "Destination": "/download",
                "Mode": "rw",
                "RW": true,
                "Propagation": "rprivate"
            },
            {
                "Type": "bind",
                "Source": "/volume2/Media/Docker Configs/qbittorrentvpn/config",
                "Destination": "/config",
                "Mode": "rw",
                "RW": true,
                "Propagation": "rprivate"
            }
        ],
        "Config": {
            "Hostname": "markusmcnugen-qbittorrentvpn1",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "8080/tcp": {},
                "8999/tcp": {},
                "8999/udp": {}
            },
            "Tty": true,
            "OpenStdin": true,
            "StdinOnce": false,
            "Env": [
                "VPN_ENABLED=yes",
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "DEBIAN_FRONTEND=noninteractive",
                "LAN_NETWORK=10.27.0.0/24",
                "TZ=Europe/London",
                "PGID=100",
                "PUID=1038"
            ],
            "Cmd": [
                "/bin/bash",
                "/etc/openvpn/start.sh"
            ],
            "ArgsEscaped": true,
            "Image": "markusmcnugen/qbittorrentvpn:latest",
            "Volumes": {
                "/config": {},
                "/downloads": {}
            },
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {},
            "DDSM": false
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "a8f1a879a1f92ffab193a00508a17bb1c99da0ce6c4477f212e5e0522a9473ec",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {
                "8080/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "18080"
                    }
                ],
                "8999/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "32772"
                    }
                ],
                "8999/udp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "32772"
                    }
                ]
            },
            "SandboxKey": "/var/run/docker/netns/a8f1a879a1f9",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "9fa94838044ee75d41dcc577ef2fba7c5a1307eb24fec410645fdc12d1cf6732",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.12",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "MacAddress": "02:42:ac:11:00:0c",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "8cb67d92dd634e17db3b2c3e2f2965dc2dd6ad62eb74a672c5414462d75df97c",
                    "EndpointID": "9fa94838044ee75d41dcc577ef2fba7c5a1307eb24fec410645fdc12d1cf6732",
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.12",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:0c",
                    "DriverOpts": null
                }
            }
        }
    }
]

log:

$ sudo docker container logs markusmcnugen-qbittorrentvpn1
2020-06-08 16:49:10.050679 [info] VPN_ENABLED defined as 'yes'
2020-06-08 16:49:10.154362 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/alanlee.no-ip.com.ovpn
dos2unix: converting file /config/openvpn/alanlee.no-ip.com.ovpn to Unix format...
2020-06-08 16:49:10.255496 [info] VPN remote line defined as 'alanlee.no-ip.com 1194'
2020-06-08 16:49:10.316868 [info] VPN_REMOTE defined as 'alanlee.no-ip.com'
2020-06-08 16:49:10.377542 [info] VPN_PORT defined as '1194'
2020-06-08 16:49:10.451349 [info] VPN_PROTOCOL defined as 'udp'
2020-06-08 16:49:10.529998 [info] VPN_DEVICE_TYPE defined as 'tun0'
2020-06-08 16:49:10.589678 [info] LAN_NETWORK defined as '10.27.0.0/24'
2020-06-08 16:49:10.649080 [warn] NAME_SERVERS not defined (via -e NAME_SERVERS), defaulting to Google and FreeDNS name servers
2020-06-08 16:49:10.708824 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2020-06-08 16:49:10.770638 [info] Adding 8.8.8.8 to resolv.conf
2020-06-08 16:49:10.832978 [info] Adding 37.235.1.174 to resolv.conf
2020-06-08 16:49:10.894769 [info] Adding 8.8.4.4 to resolv.conf
2020-06-08 16:49:10.955396 [info] Adding 37.235.1.177 to resolv.conf
2020-06-08 16:49:11.011984 [info] Starting OpenVPN...
Mon Jun  8 16:49:11 2020 WARNING: file 'credentials.conf' is group or others accessible
Mon Jun  8 16:49:11 2020 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Mon Jun  8 16:49:11 2020 library versions: OpenSSL 1.1.1  11 Sep 2018, LZO 2.08
Mon Jun  8 16:49:11 2020 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Jun  8 16:49:11 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]42.3.114.43:1194
Mon Jun  8 16:49:11 2020 UDP link local: (not bound)
Mon Jun  8 16:49:11 2020 UDP link remote: [AF_INET]42.3.114.43:1194
Mon Jun  8 16:49:11 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Jun  8 16:49:14 2020 [TS Series NAS] Peer Connection Initiated with [AF_INET]42.3.114.43:1194
Mon Jun  8 16:49:29 2020 TUN/TAP device tun2001 opened
Mon Jun  8 16:49:29 2020 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Jun  8 16:49:29 2020 /sbin/ip link set dev tun2001 up mtu 1500
Mon Jun  8 16:49:29 2020 /sbin/ip addr add dev tun2001 local 10.8.0.10 peer 10.8.0.9
Mon Jun  8 16:49:29 2020 Initialization Sequence Completed
2020-06-08 16:49:30.185429 [info] WebUI port defined as 
2020-06-08 16:49:30.248338 [info] LAN Network defined as 10.27.0.0/24
2020-06-08 16:49:30.308007 [info] Default gateway defined as 172.17.0.1
2020-06-08 16:49:30.374466 [info] ip route defined as follows...
--------------------
0.0.0.0/1 via 10.8.0.9 dev tun2001 
default via 172.17.0.1 dev eth0 
10.8.0.0/24 via 10.8.0.9 dev tun2001 
10.8.0.9 dev tun2001 proto kernel scope link src 10.8.0.10 
10.27.0.0/24 via 172.17.0.1 dev eth0 
42.3.114.43 via 172.17.0.1 dev eth0 
128.0.0.0/1 via 10.8.0.9 dev tun2001 
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.12 
--------------------
iptable_mangle          1656  0
ip_tables              14092  3 iptable_filter,iptable_mangle,iptable_nat
x_tables               16302  19 ip6table_filter,xt_ipvs,xt_iprange,xt_mark,xt_recent,ip_tables,xt_tcpudp,ipt_MASQUERADE,xt_limit,xt_state,xt_conntrack,xt_LOG,xt_nat,xt_multiport,iptable_filter,xt_REDIRECT,iptable_mangle,ip6_tables,xt_addrtype
2020-06-08 16:49:30.444368 [info] iptable_mangle support detected, adding fwmark for tables
2020-06-08 16:49:30.545403 [info] Docker network defined as 172.17.0.0/16
2020-06-08 16:49:30.652219 [info] iptables defined as follows...
--------------------
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1194 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8080 -j ACCEPT
-A INPUT -s 10.27.0.0/24 -i eth0 -p tcp -m tcp --dport 8999 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8080 -j ACCEPT
-A OUTPUT -d 10.27.0.0/24 -o eth0 -p tcp -m tcp --sport 8999 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
--------------------
Adding 100 group
groupadd: GID '100' already exists
Adding 1038 user
useradd: user 'qbittorent' already exists
2020-06-08 16:49:30.732376 [warn] UMASK not defined (via -e UMASK), defaulting to '002'
2020-06-08 16:49:30.789265 [info] Starting qBittorrent daemon...
Logging to /config/qBittorrent/data/logs/qbittorrent-daemon.log.
2020-06-08 16:49:31.856330 [info] qBittorrent PID: 246
2020-06-08 16:49:31.866822 [info] Started qBittorrent daemon successfully...