binhex / arch-delugevpn

Docker build script for Arch Linux base with Deluge, Privoxy and OpenVPN
GNU General Public License v3.0

Can't access web interface remotely #71

Closed rgusick closed 5 years ago

rgusick commented 6 years ago

I'm running on Ubuntu 18.04 with Docker version 18.03.0-ce, build 0520e24. I have port 8112 open in my firewall, and the below log shows an error loading "iptable_mangle", as well as "tun". I followed the remediation message for Ubuntu (unRAID/Ubuntu users: Please attempt to load the module by executing the following on your host: '/sbin/modprobe iptable_mangle') and get the following error:

[root@034f1c6431f0 /]# /sbin/modprobe iptable_mangle
modprobe: FATAL: Module iptable_mangle not found in directory /lib/modules/4.15.0-33-generic

Any help would be greatly appreciated. Robert

Created by...,
___.   .__       .__                   ,
\_ |__ |__| ____ |  |__   ____ ___  ___,
 | __ \|  |/    \|  |  \_/ __ \\  \/  /,
 | \_\ \  |   |  \   Y  \  ___/ >    < ,
 |___  /__|___|  /___|  /\___  >__/\_ \,
     \/        \/     \/     \/      \/,
   https://hub.docker.com/u/binhex/,
,
2018-08-23 16:04:15.365102 [info] System information Linux 034f1c6431f0 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 16:00:05 UTC 2018 x86_64 GNU/Linux,
2018-08-23 16:04:15.405281 [info] PUID defined as '130',
2018-08-23 16:04:15.456570 [info] PGID defined as '139',
2018-08-23 16:04:18.415454 [info] UMASK defined as '000',
2018-08-23 16:04:18.782792 [info] Permissions already set for volume mappings,
2018-08-23 16:04:18.925891 [info] VPN_ENABLED defined as 'yes',
2018-08-23 16:04:19.235958 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/Switzerland.ovpn,
dos2unix: converting file /config/openvpn/Switzerland.ovpn to Unix format...,
2018-08-23 16:04:19.420207 [info] VPN remote line defined as 'remote swiss.privateinternetaccess.com 1198',
2018-08-23 16:04:19.463605 [info] VPN_REMOTE defined as 'swiss.privateinternetaccess.com',
2018-08-23 16:04:19.522806 [info] VPN_PORT defined as '1198',
2018-08-23 16:04:19.606591 [info] VPN_PROTOCOL defined as 'udp',
2018-08-23 16:04:19.646909 [info] VPN_DEVICE_TYPE defined as 'tun0',
2018-08-23 16:04:19.689322 [info] VPN_PROV defined as 'pia',
2018-08-23 16:04:19.730983 [info] LAN_NETWORK defined as '192.168.18.0/24',
2018-08-23 16:04:19.771076 [info] NAME_SERVERS defined as '209.222.18.222,37.235.1.174,8.8.8.8,209.222.18.218,37.235.1.177,8.8.4.4',
2018-08-23 16:04:19.804255 [info] VPN_USER defined as '********',
2018-08-23 16:04:19.874782 [info] VPN_PASS defined as '**********',
2018-08-23 16:04:19.937824 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS),
2018-08-23 16:04:19.997364 [info] STRICT_PORT_FORWARD defined as 'yes',
2018-08-23 16:04:20.062313 [info] ENABLE_PRIVOXY defined as 'yes',
2018-08-23 16:04:21.146502 [info] Starting Supervisor...,
2018-08-23 16:04:22,161 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing,
2018-08-23 16:04:22,161 INFO Set uid to user 0 succeeded,
2018-08-23 16:04:22,237 INFO supervisord started with pid 7,
2018-08-23 16:04:23,239 INFO spawned: 'start-script' with pid 137,
2018-08-23 16:04:23,240 INFO spawned: 'deluge-script' with pid 138,
2018-08-23 16:04:23,243 INFO spawned: 'deluge-web-script' with pid 139,
2018-08-23 16:04:23,263 INFO spawned: 'privoxy-script' with pid 140,
2018-08-23 16:04:23,316 INFO reaped unknown pid 8,
2018-08-23 16:04:23,317 DEBG 'start-script' stdout output:,
[info] VPN is enabled, beginning configuration of VPN,
,
2018-08-23 16:04:23,317 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs),
2018-08-23 16:04:23,317 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs),
2018-08-23 16:04:23,320 INFO success: deluge-web-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs),
2018-08-23 16:04:23,321 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs),
2018-08-23 16:04:23,321 DEBG 'deluge-script' stdout output:,
[info] Deluge config file already exists, skipping copy,
,
2018-08-23 16:04:23,324 DEBG 'deluge-script' stdout output:,
[info] VPN is enabled, checking VPN tunnel local ip is valid,
,
2018-08-23 16:04:23,715 DEBG 'start-script' stdout output:,
[info] Default route for container is 172.17.0.1,
,
2018-08-23 16:04:23,789 DEBG 'start-script' stdout output:,
[info] Adding 209.222.18.222 to /etc/resolv.conf,
,
2018-08-23 16:04:23,798 DEBG 'start-script' stdout output:,
[info] Adding 37.235.1.174 to /etc/resolv.conf,
,
2018-08-23 16:04:23,802 DEBG 'start-script' stdout output:,
[info] Adding 8.8.8.8 to /etc/resolv.conf,
,
2018-08-23 16:04:23,806 DEBG 'start-script' stdout output:,
[info] Adding 209.222.18.218 to /etc/resolv.conf,
,
2018-08-23 16:04:23,810 DEBG 'start-script' stdout output:,
[info] Adding 37.235.1.177 to /etc/resolv.conf,
,
2018-08-23 16:04:23,868 DEBG 'start-script' stdout output:,
[info] Adding 8.8.4.4 to /etc/resolv.conf,
,
2018-08-23 16:04:24,233 DEBG 'start-script' stdout output:,
[info] Attempting to load tun kernel module...,
,
2018-08-23 16:04:24,284 DEBG 'start-script' stderr output:,
modprobe: FATAL: Module tun not found in directory /lib/modules/4.15.0-33-generic,
,
2018-08-23 16:04:24,284 DEBG 'start-script' stdout output:,
[warn] Unable to load tun kernel module using modprobe, trying insmod...,
,
2018-08-23 16:04:24,295 DEBG 'start-script' stderr output:,
insmod: ERROR: could not load module /lib/modules/tun.ko: No such file or directory,
,
2018-08-23 16:04:24,296 DEBG 'start-script' stdout output:,
[warn] Unable to load tun kernel module, assuming its dynamically loaded,
,
2018-08-23 16:04:24,314 DEBG 'start-script' stdout output:,
[info] Attempting to load iptable_mangle module...,
,
2018-08-23 16:04:24,315 DEBG 'start-script' stderr output:,
modprobe: FATAL: Module iptable_mangle not found in directory /lib/modules/4.15.0-33-generic,
,
2018-08-23 16:04:24,315 DEBG 'start-script' stdout output:,
[warn] Unable to load iptable_mangle module using modprobe, trying insmod...,
,
2018-08-23 16:04:24,316 DEBG 'start-script' stderr output:,
insmod: ERROR: could not load module /lib/modules/iptable_mangle.ko: No such file or directory,
,
2018-08-23 16:04:24,316 DEBG 'start-script' stdout output:,
[warn] Unable to load iptable_mangle module, you will not be able to connect to the applications Web UI or Privoxy outside of your LAN,
[info] unRAID/Ubuntu users: Please attempt to load the module by executing the following on your host: '/sbin/modprobe iptable_mangle',
[info] Synology users: Please attempt to load the module by executing the following on your host: 'insmod /lib/modules/iptable_mangle.ko',
,
2018-08-23 16:04:24,321 DEBG 'start-script' stdout output:,
[info] Adding 192.168.18.0/24 as route via docker eth0,
,
2018-08-23 16:04:24,323 DEBG 'start-script' stdout output:,
[info] ip route defined as follows...,
--------------------,
,
2018-08-23 16:04:24,324 DEBG 'start-script' stdout output:,
default via 172.17.0.1 dev eth0 ,
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.4 ,
192.168.18.0/24 via 172.17.0.1 dev eth0 ,
,
2018-08-23 16:04:24,325 DEBG 'start-script' stdout output:,
--------------------,
,
2018-08-23 16:04:24,358 DEBG 'start-script' stdout output:,
[info] Docker network defined as    172.17.0.0/16,
,
2018-08-23 16:04:24,796 DEBG 'start-script' stdout output:,
[info] iptables defined as follows...,
--------------------,
,
2018-08-23 16:04:24,799 DEBG 'start-script' stdout output:,
-P INPUT DROP,
-P FORWARD ACCEPT,
-P OUTPUT DROP,
-A INPUT -i tun0 -j ACCEPT,
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT,
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT,
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT,
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT,
-A INPUT -s 192.168.18.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT,
-A INPUT -s 192.168.18.0/24 -d 172.17.0.0/16 -i eth0 -p tcp -j ACCEPT,
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT,
-A INPUT -i lo -j ACCEPT,
-A OUTPUT -o tun0 -j ACCEPT,
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT,
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT,
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT,
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT,
-A OUTPUT -d 192.168.18.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT,
-A OUTPUT -s 172.17.0.0/16 -d 192.168.18.0/24 -o eth0 -p tcp -j ACCEPT,
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT,
-A OUTPUT -o lo -j ACCEPT,
,
2018-08-23 16:04:24,799 DEBG 'start-script' stdout output:,
--------------------,
,
2018-08-23 16:04:24,810 DEBG 'start-script' stdout output:,
[info] Starting OpenVPN...,
,
2018-08-23 16:04:24,938 DEBG 'start-script' stdout output:,
Thu Aug 23 16:04:24 2018 WARNING: file 'credentials.conf' is group or others accessible,
,
2018-08-23 16:04:24,938 DEBG 'start-script' stdout output:,
Thu Aug 23 16:04:24 2018 OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 24 2018,
Thu Aug 23 16:04:24 2018 library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10,
,
2018-08-23 16:04:24,941 DEBG 'start-script' stdout output:,
[info] OpenVPN started,
,
2018-08-23 16:04:24,977 DEBG 'start-script' stdout output:,
Thu Aug 23 16:04:24 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
,
2018-08-23 16:04:24,992 DEBG 'start-script' stdout output:,
Thu Aug 23 16:04:24 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]185.230.125.85:1198,
Thu Aug 23 16:04:24 2018 UDP link local: (not bound),
Thu Aug 23 16:04:24 2018 UDP link remote: [AF_INET]185.230.125.85:1198,
,
2018-08-23 16:04:25,532 DEBG 'start-script' stdout output:,
Thu Aug 23 16:04:25 2018 [652a7df4f46d8fe197fde759ddd2bb9e] Peer Connection Initiated with [AF_INET]185.230.125.85:1198,
,
2018-08-23 16:04:26,759 DEBG 'start-script' stdout output:,
Thu Aug 23 16:04:26 2018 auth-token received, disabling auth-nocache for the authentication token,
,
2018-08-23 16:04:26,760 DEBG 'start-script' stdout output:,
Thu Aug 23 16:04:26 2018 TUN/TAP device tun0 opened,
Thu Aug 23 16:04:26 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0,
Thu Aug 23 16:04:26 2018 /usr/bin/ip link set dev tun0 up mtu 1500,
,
2018-08-23 16:04:26,762 DEBG 'start-script' stdout output:,
Thu Aug 23 16:04:26 2018 /usr/bin/ip addr add dev tun0 local 10.47.10.6 peer 10.47.10.5,
,
2018-08-23 16:04:26,764 DEBG 'start-script' stdout output:,
Thu Aug 23 16:04:26 2018 /root/openvpnup.sh tun0 1500 1558 10.47.10.6 10.47.10.5 init,
,
2018-08-23 16:04:26,820 DEBG 'start-script' stdout output:,
Thu Aug 23 16:04:26 2018 Initialization Sequence Completed,
,
2018-08-23 16:04:26,895 DEBG 'privoxy-script' stdout output:,
[info] Configuring Privoxy...,
,
2018-08-23 16:04:27,038 DEBG 'deluge-script' stdout output:,
[info] Deluge not running,
[info] Deluge listening interface IP 0.0.0.0 and VPN provider IP 10.47.10.6 different, marking for reconfigure,
,
2018-08-23 16:04:27,133 DEBG 'start-script' stdout output:,
[info] Attempting to curl http://209.222.18.222:2000/?client_id=38448f21beefcc90e4c72ecaba0e79540d6e635df1c665395cc3f6edc2525c6f...,
,
2018-08-23 16:04:27,171 DEBG 'privoxy-script' stdout output:,
[info] All checks complete, starting Privoxy...,
,
2018-08-23 16:04:27,234 DEBG 'privoxy-script' stderr output:,
2018-08-23 16:04:27.201 7f238d3a60c0 Info: Privoxy version 3.0.26,
2018-08-23 16:04:27.201 7f238d3a60c0 Info: Program name: /usr/bin/privoxy,
,
2018-08-23 16:04:27,511 DEBG 'start-script' stdout output:,
[info] Successfully retrieved external IP address 185.230.125.85,
,
2018-08-23 16:04:29,515 DEBG 'start-script' stdout output:,
[info] Curl successful for http://209.222.18.222:2000/?client_id=38448f21beefcc90e4c72ecaba0e79540d6e635df1c665395cc3f6edc2525c6f, response code 200,
,
2018-08-23 16:04:30,082 DEBG 'deluge-script' stdout output:,
[info] Attempting to start Deluge...,
,
2018-08-23 16:04:30,797 DEBG 'deluge-script' stdout output:,
[info] Deluge listening interface currently defined as 10.66.10.6,
[info] Deluge listening interface will be changed to 10.47.10.6,
[info] Saving changes to Deluge config file /config/core.conf...,
,
2018-08-23 16:04:31,471 DEBG 'deluge-web-script' stdout output:,
[info] Starting Deluge webui...,
,
2018-08-23 16:04:32,146 DEBG 'deluge-script' stdout output:,
Setting random_port to False..,
Configuration value successfully updated.,
,
2018-08-23 16:04:32,462 DEBG 'deluge-web-script' stderr output:,
/usr/lib/python2.7/site-packages/pkg_resources/__init__.py:1231: UserWarning: /home/nobody/.cache/Python-Eggs is writable by group/others and vulnerable to attack when used with get_resource_filename. Consider a more secure location (set with .set_extraction_path or the PYTHON_EGG_CACHE environment variable).,
  warnings.warn(msg, UserWarning),
,
2018-08-23 16:04:32,929 DEBG 'deluge-script' stdout output:,
Setting listen_ports to (28188, 28188)..,
Configuration value successfully updated.,
,
2018-08-23 16:04:32,969 DEBG 'deluge-script' stdout output:,
[info] Deluge started,
,
gurabli commented 6 years ago

I just started to experiment with DelugeVPN in the Plexguide project. From your logs I see that you are missing the iptable_mangle module; the same happened on my VPS (Ubuntu Server 16.04). Prior to starting DelugeVPN, load the module:

modprobe iptable_mangle

To make it permanent, I think it needs to be added to /etc/modules and then run update-initramfs -u. For me mangle is loaded and there are no errors in the log, but I still can't access the WebUI from a subdomain.

I'm sure binhex will find a solution for this:) Btw, there is a thread at Plexguide forums where some of us are having problems with DelugeVPN: Link

What I see there: if I deploy DelugeVPN, the PIA Netherland config is always loaded, even if I select Sweden at installation. I need to remove Netherland manually, but DelugeVPN is still not accessible.
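
A host-side check for the module state discussed in this thread, as an added example that is not part of the original comments or of the arch-delugevpn project: the container shares the host kernel, so the check and any `modprobe` belong on the Docker host. The function names, the path arguments and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the issue thread): report whether a kernel module is
# loaded, built in, loadable, or absent. Meant for the Docker host; the path
# arguments default to the host's real files and are overridable for testing.

module_state() {
    name=$(printf '%s' "$1" | tr - _)             # /proc/modules always uses '_'
    pat=$(printf '%s' "$name" | sed 's/_/[_-]/g') # file names may use '-' or '_'
    proc_modules=${2:-/proc/modules}
    moddir=${3:-/lib/modules/$(uname -r)}

    # Field 1 of /proc/modules is the name of each currently loaded module.
    if awk -v m="$name" '$1 == m { f = 1 } END { exit !f }' "$proc_modules" 2>/dev/null; then
        echo loaded
    # modules.builtin: code compiled into the kernel image, nothing to load.
    elif grep -Eq "/$pat\.ko$" "$moddir/modules.builtin" 2>/dev/null; then
        echo builtin
    # modules.dep: loadable modules installed for this kernel (modprobe works).
    elif grep -Eq "/$pat\.ko(\.[a-z]+)?:" "$moddir/modules.dep" 2>/dev/null; then
        echo available
    else
        echo missing
    fi
}

# Append a module name to a boot-time module list exactly once.
# The list path is an argument; /etc/modules is the file named in the thread.
persist_module() {
    grep -qxF "$1" "$2" 2>/dev/null || printf '%s\n' "$1" >> "$2"
}

# Constructed sample files standing in for a host's /proc and /lib/modules.
make_sample() {
    mkdir -p "$1/mods"
    printf 'x_tables 40960 2 ip_tables,iptable_filter, Live 0x0\n' > "$1/proc_modules"
    printf 'kernel/drivers/net/tun.ko\n' > "$1/mods/modules.builtin"
    printf 'kernel/net/ipv4/netfilter/iptable_mangle.ko: kernel/net/netfilter/x_tables.ko\n' \
        > "$1/mods/modules.dep"
}

demo=$(mktemp -d)
make_sample "$demo"
for m in x_tables tun iptable_mangle iptable_raw; do
    printf '%-16s %s\n' "$m" "$(module_state "$m" "$demo/proc_modules" "$demo/mods")"
done
```

A result of `missing` on the host means no `iptable_mangle` file is installed under `/lib/modules` for the running kernel, which is the condition the `modprobe: FATAL` line in the log reports.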

binhex commented 5 years ago

As this is more a question of how to load a specific OS module, I think you would have a lot more luck asking the question on the forum for the OS distro you are running.

@gurabli just FYI, VPS is not supported; no LAN means no easy way to secure against IP leakage and still have web UI access.