search

binhex / arch-delugevpn

Docker build script for Arch Linux base with Deluge, Privoxy and OpenVPN
GNU General Public License v3.0
691 stars 112 forks source link

Synology DSM 5.2 ERROR: Cannot open TUN/TAP #67

Closed claystation closed 6 years ago

claystation commented 6 years ago

Hi, trying to get this container to work on Synology DSM 5.2. But i keep running into an error.

Command i am trying to run (I use PIA):

docker run -d \
    --cap-add=NET_ADMIN \
    -p 8112:8112 \
    -p 8118:8118 \
    -p 58846:58846 \
    -p 58946:58946 \
    --name=delugevpn \
    -v /volume1/docker/deluge/data:/data \
    -v /volume1/docker/deluge/config:/config \
    -v /etc/localtime:/etc/localtime:ro \
    -e VPN_ENABLED=yes \
    -e VPN_USER=username \
    -e VPN_PASS=password \
    -e VPN_PROV=pia \
    -e STRICT_PORT_FORWARD=yes \
    -e ENABLE_PRIVOXY=yes \
    -e LAN_NETWORK=192.168.2.0/24 \
    -e NAME_SERVERS=209.222.18.222,37.235.1.174,1.1.1.1,8.8.8.8,209.222.18.218,37.235.1.177,1.0.0.1,8.8.4.4 \
    -e DEBUG=true \
    -e UMASK=000 \
    -e PUID=0 \
    -e PGID=0 \
    binhex/arch-delugevpn

Supervisord log:

Created by...
___.   .__       .__                   
\_ |__ |__| ____ |  |__   ____ ___  ___
 | __ \|  |/    \|  |  \_/ __ \\  \/  /
 | \_\ \  |   |  \   Y  \  ___/ >    < 
 |___  /__|___|  /___|  /\___  >__/\_ \
     \/        \/     \/     \/      \/
   https://hub.docker.com/u/binhex/

2018-06-22 09:52:56.671240 [info] System information Linux 4c4a7a3b5e3a 3.10.35 #1 SMP Sun Jul 17 16:02:22 CEST 2016 x86_64 GNU/Linux
2018-06-22 09:52:56.719484 [info] PUID defined as '0'
2018-06-22 09:52:56.803428 [info] PGID defined as '0'
2018-06-22 09:52:56.912844 [info] UMASK defined as '000'
2018-06-22 09:52:56.961277 [info] Setting permissions recursively on volume mappings...
2018-06-22 09:52:57.018880 [info] VPN_ENABLED defined as 'yes'
2018-06-22 09:52:57.072981 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/Switzerland.ovpn
dos2unix: converting file /config/openvpn/Switzerland.ovpn to Unix format...
2018-06-22 09:52:57.194636 [info] VPN remote line defined as 'remote swiss.privateinternetaccess.com 1198'
2018-06-22 09:52:57.242982 [info] VPN_REMOTE defined as 'swiss.privateinternetaccess.com'
2018-06-22 09:52:57.291737 [info] VPN_PORT defined as '1198'
2018-06-22 09:52:57.344511 [info] VPN_PROTOCOL defined as 'udp'
2018-06-22 09:52:57.393127 [info] VPN_DEVICE_TYPE defined as 'tun0'
2018-06-22 09:52:57.441458 [info] VPN_PROV defined as 'pia'
2018-06-22 09:52:57.489672 [info] LAN_NETWORK defined as '192.168.2.0/24'
2018-06-22 09:52:57.538912 [info] NAME_SERVERS defined as '209.222.18.222,37.235.1.174,1.1.1.1,8.8.8.8,209.222.18.218,37.235.1.177,1.0.0.1,8.8.4.4'
2018-06-22 09:52:57.587293 [info] VPN_USER defined as 'username'
2018-06-22 09:52:57.637195 [info] VPN_PASS defined as 'password'
2018-06-22 09:52:57.693699 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2018-06-22 09:52:57.744301 [info] STRICT_PORT_FORWARD defined as 'yes'
2018-06-22 09:52:57.792717 [info] ENABLE_PRIVOXY defined as 'yes'
2018-06-22 09:52:57.872125 [info] Starting Supervisor...
2018-06-22 09:52:58,141 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2018-06-22 09:52:58,141 INFO Set uid to user 0 succeeded
2018-06-22 09:52:58,145 INFO supervisord started with pid 5
2018-06-22 09:52:59,148 INFO spawned: 'start-script' with pid 139
2018-06-22 09:52:59,151 INFO spawned: 'deluge-script' with pid 140
2018-06-22 09:52:59,154 INFO spawned: 'deluge-web-script' with pid 141
2018-06-22 09:52:59,157 INFO spawned: 'privoxy-script' with pid 142
2018-06-22 09:52:59,158 INFO reaped unknown pid 6
2018-06-22 09:52:59,160 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2018-06-22 09:52:59,161 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2018-06-22 09:52:59,161 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2018-06-22 09:52:59,161 INFO success: deluge-web-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2018-06-22 09:52:59,162 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2018-06-22 09:52:59,162 DEBG 'deluge-script' stdout output:
[info] Deluge config file doesn't exist, copying default...

2018-06-22 09:52:59,163 DEBG 'start-script' stdout output:
[debug] Environment variables defined as follows
BASH=/bin/bash
BASHOPTS=cmdhist:complete_fullquote:extquote:force_fignore:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath
BASH_ALIASES=()
BASH_ARGC=()
BASH_ARGV=()
BASH_CMDS=()
BASH_LINENO=([0]="0")
BASH_SOURCE=([0]="/root/start.sh")
BASH_VERSINFO=([0]="4" [1]="4" [2]="19" [3]="1" [4]="release" [5]="x86_64-unknown-linux-gnu")
BASH_VERSION='4.4.19(1)-release'
DEBUG=true
DIRSTACK=()
ENABLE_PRIVOXY=yes
EUID=0
GROUPS=()
HOME=/home/nobody
HOSTNAME=4c4a7a3b5e3a
HOSTTYPE=x86_64
IFS=$' \t\n'
LANG=en_GB.UTF-8
LAN_NETWORK=192.168.2.0/24
MACHTYPE=x86_64-unknown-linux-gnu
NAME_SERVERS=209.222.18.222,37.235.1.174,1.1.1.1,8.8.8.8,209.222.18.218,37.235.1.177,1.0.0.1,8.8.4.4
OPTERR=1
OPTIND=1
OSTYPE=linux-gnu
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PGID=0
PIPESTATUS=([0]="0")
PPID=5
PS4='+ '
PUID=0
PWD=/
SHELL=/bin/bash
SHELLOPTS=braceexpand:hashall:interactive-comments
SHLVL=1
STRICT_PORT_FORWARD=yes
SUPERVISOR_ENABLED=1
SUPERVISOR_GROUP_NAME=start-script
SUPERVISOR_PROCESS_NAME=start-script
TERM=xterm
UID=0
UMASK=000
VPN_CONFIG=/config/openvpn/Switzerland.ovpn
VPN_DEVICE_TYPE=tun0
VPN_ENABLED=yes
VPN_OPTIONS=
VPN_PASS=password
VPN_PORT=1198
VPN_PROTOCOL=udp
VPN_PROV=pia
VPN_REMOTE=swiss.privateinternetaccess.com
VPN_USER=username
_='[debug] Environment variables defined as follows'
[debug] Directory listing of files in /config/openvpn as follows

2018-06-22 09:52:59,165 DEBG 'deluge-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2018-06-22 09:52:59,165 DEBG 'deluge-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2018-06-22 09:52:59,170 DEBG 'start-script' stdout output:
total 20
drwxrwxr-x 2 root root 4096 Jun 22 09:52 .
drwxrwxr-x 3 root root 4096 Jun 22 09:52 ..
-rwxrwxr-x 1 root root 2025 Jun  4 12:37 ca.rsa.2048.crt
-rwxrwxr-x 1 root root  869 Jun  4 12:37 crl.rsa.2048.pem
-rwxrwxr-x 1 root root  281 Jun 22 09:52 Switzerland.ovpn

2018-06-22 09:52:59,172 DEBG 'privoxy-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2018-06-22 09:52:59,256 DEBG 'start-script' stdout output:
[debug] Contents of ovpn file /config/openvpn/Switzerland.ovpn as follows...

2018-06-22 09:52:59,257 DEBG 'start-script' stdout output:
remote swiss.privateinternetaccess.com 1198
client
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server

auth-user-pass credentials.conf
comp-lzo
verb 1
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt
disable-occ

2018-06-22 09:52:59,272 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.42.1

2018-06-22 09:52:59,278 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.222 to /etc/resolv.conf

2018-06-22 09:52:59,283 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.174 to /etc/resolv.conf

2018-06-22 09:52:59,289 DEBG 'start-script' stdout output:
[info] Adding 1.1.1.1 to /etc/resolv.conf

2018-06-22 09:52:59,295 DEBG 'start-script' stdout output:
[info] Adding 8.8.8.8 to /etc/resolv.conf

2018-06-22 09:52:59,300 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.218 to /etc/resolv.conf

2018-06-22 09:52:59,305 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.177 to /etc/resolv.conf

2018-06-22 09:52:59,310 DEBG 'start-script' stdout output:
[info] Adding 1.0.0.1 to /etc/resolv.conf

2018-06-22 09:52:59,316 DEBG 'start-script' stdout output:
[info] Adding 8.8.4.4 to /etc/resolv.conf

2018-06-22 09:52:59,438 DEBG 'start-script' stdout output:
[info] Remote VPN endpoint resolves to the following A record(s)...
82.102.24.252 185.230.125.34 185.230.125.40 185.230.125.38 185.230.125.39 185.230.125.44 185.230.125.43 82.102.24.162 185.230.125.84 185.230.125.36 185.230.125.45 185.230.125.86 185.230.125.47

2018-06-22 09:52:59,462 DEBG 'start-script' stdout output:
[info] Attempting to load iptable_mangle module...

2018-06-22 09:52:59,463 DEBG 'start-script' stderr output:
modprobe: FATAL: Module iptable_mangle not found in directory /lib/modules/3.10.35

2018-06-22 09:52:59,464 DEBG 'start-script' stdout output:
[warn] Unable to load iptable_mangle module using modprobe, trying insmod...

2018-06-22 09:52:59,465 DEBG 'start-script' stderr output:
insmod: ERROR: could not load module /lib/modules/iptable_mangle.ko: No such file or directory

2018-06-22 09:52:59,466 DEBG 'start-script' stdout output:
[warn] Unable to load iptable_mangle module, you will not be able to connect to the applications Web UI or Privoxy outside of your LAN
[info] unRAID/Ubuntu users: Please attempt to load the module by executing the following on your host: '/sbin/modprobe iptable_mangle'
[info] Synology users: Please attempt to load the module by executing the following on your host: 'insmod /lib/modules/iptable_mangle.ko'
[debug] Show name servers defined for container

2018-06-22 09:52:59,466 DEBG 'start-script' stdout output:
nameserver 209.222.18.222
nameserver 37.235.1.174
nameserver 1.1.1.1
nameserver 8.8.8.8
nameserver 209.222.18.218
nameserver 37.235.1.177
nameserver 1.0.0.1
nameserver 8.8.4.4
[debug] Show name resolution for VPN endpoint swiss.privateinternetaccess.com

2018-06-22 09:52:59,512 DEBG 'start-script' stdout output:
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 7682
;; flags: qr rd ra ; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; swiss.privateinternetaccess.com. IN  A

;; ANSWER SECTION:
swiss.privateinternetaccess.com.    300 IN  A   82.102.24.168
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.82
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.85
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.94
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.52
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.44
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.49
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.53
swiss.privateinternetaccess.com.    300 IN  A   82.102.24.250
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.34
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.38
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.37
swiss.privateinternetaccess.com.    300 IN  A   185.230.125.40

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 42 msec
;; SERVER: 37.235.1.174
;; WHEN: Fri Jun 22 09:52:59 2018
;; MSG SIZE  rcvd: 257

2018-06-22 09:52:59,513 DEBG 'start-script' stdout output:
[debug] Show contents of hosts file
172.17.0.9  4c4a7a3b5e3a
127.0.0.1   localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
82.102.24.252    swiss.privateinternetaccess.com

2018-06-22 09:52:59,518 DEBG 'start-script' stdout output:
[info] Adding 192.168.2.0/24 as route via docker eth0

2018-06-22 09:52:59,520 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2018-06-22 09:52:59,521 DEBG 'start-script' stdout output:
default via 172.17.42.1 dev eth0 

2018-06-22 09:52:59,522 DEBG 'start-script' stdout output:
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.9 

2018-06-22 09:52:59,522 DEBG 'start-script' stdout output:
192.168.2.0/24 via 172.17.42.1 dev eth0 

2018-06-22 09:52:59,523 DEBG 'start-script' stdout output:
--------------------
[debug] Modules currently loaded for kernel

2018-06-22 09:52:59,531 DEBG 'start-script' stdout output:
Module                  Size  Used by
bridge                 54757  0
stp                     1525  1 bridge
aufs                  182453  829
macvlan                 8709  0
veth                    4271  0
xt_conntrack            2977  4
xt_addrtype             2789  1
ipt_MASQUERADE          1610  7
xt_REDIRECT             1542  0
xt_nat                  1745  6
iptable_nat             2622  1
nf_nat_ipv4             3376  1 iptable_nat
nf_nat                 11462  5 ipt_MASQUERADE,nf_nat_ipv4,xt_nat,xt_REDIRECT,iptable_nat
cifs                  247268  0
udf                    78298  0
isofs                  31935  0
loop                   17688  0
nf_conntrack_ipv6       6267  2
nf_defrag_ipv6         22249  1 nf_conntrack_ipv6
ip6table_filter         1236  2
ip6_tables             16272  1 ip6table_filter
xt_geoip                2934  0
xt_recent               8132  0
xt_iprange              1448  0
xt_limit                1721  0
xt_state                1135  0
xt_tcpudp               2311  22
xt_multiport            1630  22
xt_LOG                 12099  0
nf_conntrack_ipv4      11115  3
nf_defrag_ipv4          1147  1 nf_conntrack_ipv4
nf_conntrack           52846  8 ipt_MASQUERADE,nf_nat,xt_state,nf_nat_ipv4,xt_conntrack,iptable_nat,nf_conntrack_ipv4,nf_conntrack_ipv6
iptable_filter          1296  2
ip_tables              15570  2 iptable_filter,iptable_nat
x_tables               15527  17 ip6table_filter,xt_iprange,xt_recent,ip_tables,xt_tcpudp,ipt_MASQUERADE,xt_geoip,xt_limit,xt_state,xt_conntrack,xt_LOG,xt_nat,xt_multiport,iptable_filter,xt_REDIRECT,ip6_tables,xt_addrtype
hid_generic             1057  0
usbhid                 26686  0
hid                    82504  2 hid_generic,usbhid
usblp                  10674  0
usb_storage            46383  1
oxu210hp_hcd           24469  0
bromolow_synobios      43808  0
btrfs                 788682  0
synoacl_vfs            17043  1
zlib_deflate           20180  1 btrfs
hfsplus                91979  0
md4                     3337  0
hmac                    2793  0
mlx_compat              5376  0
tn40xx                 24739  0
fuse                   74004  0
vfat                   10009  1
fat                    50784  1 vfat
glue_helper             3914  0
lrw                     3309  0
gf128mul                5346  1 lrw
ablk_helper             1684  0
arc4                    1847  0
rng_core                3520  0
cpufreq_conservative     6240  0
cpufreq_powersave        862  0
cpufreq_performance      866  4
cpufreq_ondemand        8039  0
acpi_cpufreq            6982  0
mperf                   1107  1 acpi_cpufreq
processor              26471  1 acpi_cpufreq
cpufreq_stats           2985  0
freq_table              2380  3 cpufreq_stats,cpufreq_ondemand,acpi_cpufreq
dm_snapshot            26740  0
crc_itu_t               1235  1 udf
quota_v2                3783  2
quota_tree              7970  1 quota_v2
psnap                   1717  0
p8022                    979  0
llc                     3441  4 stp,p8022,psnap,bridge
sit                    14446  0
tunnel4                 2061  1 sit
ip_tunnel              11572  1 sit
zram                    8191  4
r8152                  49404  0
asix                   20370  0
ax88179_178a           16864  0
usbnet                 18137  2 asix,ax88179_178a
etxhci_hcd             84833  0
xhci_hcd               84493  0
ehci_pci                3504  0
ehci_hcd               39963  1 ehci_pci
uhci_hcd               22668  0
ohci_hcd               21168  0
usbcore               176728  14 asix,etxhci_hcd,r8152,usblp,uhci_hcd,oxu210hp_hcd,usb_storage,ohci_hcd,ehci_hcd,ehci_pci,usbhid,usbnet,ax88179_178a,xhci_hcd
usb_common              1488  1 usbcore
hptiop                 15828  0
3w_sas                 21786  0
3w_9xxx                33873  0
mvsas                  51605  0
cciss                  50556  0
hpsa                   87790  0
arcmsr                 28228  0
pm80xx                134800  0
aic94xx                72946  0
megaraid_sas          138070  0
megaraid_mbox          29835  0
megaraid_mm             7816  
2018-06-22 09:52:59,534 DEBG 'start-script' stdout output:
1 megaraid_mbox
nvme                   40947  0
mpt3sas               220677  0
mptsas                 39249  0
mptspi                 13047  0
mptscsih               18838  2 mptsas,mptspi
mptbase                62504  3 mptsas,mptspi,mptscsih
scsi_transport_spi     19551  1 mptspi
sg                     25017  0
ata_piix               24664  0
sata_uli                3004  0
sata_svw                4453  0
sata_qstor              5612  0
sata_sis                3884  0
pata_sis               10858  1 sata_sis
stex                   15005  0
sata_sx4                9284  0
sata_promise           10799  0
sata_nv                20623  0
sata_via                7803  0
sata_sil                7783  0
pata_amd               11054  0
pdc_adma                5868  0
pata_via                8827  0
pata_jmicron            2395  0
iscsi_tcp               8897  0
libiscsi_tcp           12850  1 iscsi_tcp
libiscsi               35195  2 libiscsi_tcp,iscsi_tcp
enic                   54982  0
qlge                   79283  0
qlcnic                214986  0
qla3xxx                36934  0
netxen_nic             98970  0
mlx4_en                67584  0
mlx4_core             169852  1 mlx4_en
cxgb4                 115680  0
cxgb3                 134726  0
cnic                   71038  0
ipv6                  303225  201 sit,nf_defrag_ipv6,nf_conntrack_ipv6
bnx2x                1430214  0
bna                   122380  0
be2net                 89072  0
sis900                 20811  0
sis190                 17297  0
jme                    34677  0
atl1e                  28011  0
atl1c                  33596  0
atl2                   23124  0
atl1                   30315  0
alx                    26373  0
sky2                   47242  0
skge                   38482  0
via_velocity           30007  0
crc_ccitt               1235  1 via_velocity
via_rhine              21014  0
r8101                 126514  0
r8168                 323361  0
r8169                  32725  0
8139too                18685  0
8139cp                 20694  0
tg3                   171348  0
broadcom                7174  0
b44                    26983  0
bnx2                  189638  0
ssb                    38587  1 b44
uio                     7592  1 cnic
forcedeth              55647  0
i40e                  249005  0
ixgbe                 247631  0
ixgb                   37937  0
igb                   178198  0
ioatdma                44390  0
e1000e                168235  0
e1000                 100754  0
e100                   29844  0
dca                     4600  3 igb,ixgbe,ioatdma
pcnet32                31251  0
amd8111e               16602  0
mdio                    3365  3 alx,bnx2x,cxgb3
mii                     3803  15 b44,jme,e100,asix,atl1,r8152,via_rhine,sis190,sis900,usbnet,pcnet32,amd8111e,8139cp,8139too,ax88179_178a
evdev                   9156  0
button                  4320  0
thermal_sys            18275  1 processor
compat                  4529  1 mlx_compat
cryptd                  7040  1 ablk_helper
ecryptfs               75063  0
sha512_generic          4976  0
sha256_generic          9884  0
sha1_generic            2206  0
ecb                     1849  0
aes_x86_64              7239  0
authenc                 6600  0
des_generic            15915  0
libcrc32c                906  1 bnx2x
ansi_cprng              3445  0
cts                     3968  0
md5                     2153  0
cbc                     2448  0

2018-06-22 09:52:59,551 DEBG 'start-script' stdout output:
[debug] Docker interface defined as eth0

2018-06-22 09:52:59,557 DEBG 'start-script' stdout output:
[debug] Docker IP defined as 172.17.0.9

2018-06-22 09:52:59,562 DEBG 'start-script' stdout output:
[debug] Docker netmask defined as 255.255.0.0

2018-06-22 09:52:59,573 DEBG 'start-script' stdout output:
[info] Docker network defined as    172.17.0.0/16

2018-06-22 09:52:59,650 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2018-06-22 09:52:59,654 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.2.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -s 192.168.2.0/24 -d 172.17.0.0/16 -i eth0 -p tcp -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.2.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 192.168.2.0/24 -o eth0 -p tcp -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2018-06-22 09:52:59,656 DEBG 'start-script' stdout output:
--------------------

2018-06-22 09:52:59,657 DEBG 'start-script' stdout output:
[debug] OpenVPN command line:- /usr/bin/openvpn --daemon --reneg-sec 0 --mute-replay-warnings --auth-nocache --setenv VPN_PROV 'pia' --setenv DEBUG 'true' --setenv VPN_DEVICE_TYPE 'tun0' --setenv VPN_REMOTE 'swiss.privateinternetaccess.com' --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --writepid /root/openvpn.pid --remap-usr1 SIGHUP --log-append /dev/stdout --pull-filter ignore 'up' --pull-filter ignore 'down' --pull-filter ignore 'route-ipv6' --pull-filter ignore 'ifconfig-ipv6' --pull-filter ignore 'tun-ipv6' --pull-filter ignore 'persist-tun' --pull-filter ignore 'reneg-sec' --remote 82.102.24.252 1198 udp --remote 185.230.125.34 1198 udp --remote 185.230.125.40 1198 udp --remote 185.230.125.38 1198 udp --remote 185.230.125.39 1198 udp --remote 185.230.125.44 1198 udp --remote 185.230.125.43 1198 udp --remote 82.102.24.162 1198 udp --remote 185.230.125.84 1198 udp --remote 185.230.125.36 1198 udp --remote 185.230.125.45 1198 udp --remote 185.230.125.86 1198 udp --remote 185.230.125.47 1198 udp --remote-random --keepalive 10 60 --setenv STRICT_PORT_FORWARD 'yes' --disable-occ --auth-user-pass credentials.conf --cd /config/openvpn --config '/config/openvpn/Switzerland.ovpn'
[info] Starting OpenVPN...

2018-06-22 09:52:59,668 DEBG 'start-script' stdout output:
Fri Jun 22 09:52:59 2018 WARNING: file 'credentials.conf' is group or others accessible

2018-06-22 09:52:59,669 DEBG 'start-script' stdout output:
Fri Jun 22 09:52:59 2018 OpenVPN 2.4.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar  1 2018
Fri Jun 22 09:52:59 2018 library versions: OpenSSL 1.1.0g  2 Nov 2017, LZO 2.10

2018-06-22 09:52:59,670 DEBG 'start-script' stdout output:
[info] OpenVPN started

2018-06-22 09:52:59,670 DEBG 'start-script' stdout output:
[debug] Waiting for valid IP address from tunnel...
Fri Jun 22 09:52:59 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2018-06-22 09:52:59,672 DEBG 'start-script' stdout output:
Fri Jun 22 09:52:59 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]82.102.24.252:1198
Fri Jun 22 09:52:59 2018 UDP link local: (not bound)

2018-06-22 09:52:59,672 DEBG 'start-script' stdout output:
Fri Jun 22 09:52:59 2018 UDP link remote: [AF_INET]82.102.24.252:1198

2018-06-22 09:52:59,783 DEBG 'start-script' stdout output:
Fri Jun 22 09:52:59 2018 [84c7c1a94fa3d3a25b751a777d024efb] Peer Connection Initiated with [AF_INET]82.102.24.252:1198

2018-06-22 09:53:05,888 DEBG 'start-script' stdout output:
Fri Jun 22 09:53:05 2018 auth-token received, disabling auth-nocache for the authentication token

2018-06-22 09:53:05,909 DEBG 'start-script' stdout output:
Fri Jun 22 09:53:05 2018 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)
Fri Jun 22 09:53:05 2018 Exiting due to fatal error

I tried the command with --privileged, --net-cap=NET_ADMIN or both. I tried the --device=/dev/net/tun. Also, i verified the /dev/net/tun adapter exists on my host. 

# ls -l /dev/net/
crw-------    1 root     root       10, 200 Jun 22 10:03 tun

Totally out of options and no clue what to do. Anyone got a suggestion?

DSM Version: DSM 5.2-5967 Docker version: 1.6.2 build a263667

claystation commented 6 years ago

The solution for this was running insmod /lib/modules/tun.ko and insmod /lib/modules/iptable_mangle.ko before running the container. See this https://lime-technology.com/forums/topic/44109-support-binhex-delugevpn/?page=58&tab=comments#comment-542434