search

binhex / arch-qbittorrentvpn

Docker build script for Arch Linux base with qBittorrent, Privoxy and OpenVPN
GNU General Public License v3.0
466 stars 48 forks source link

Network issue since Docker and image update #266

Open elite4jonny opened 2 months ago

elite4jonny commented 2 months ago

Had this image running fine for a couple of years,

here is my last sucessful boot (I noticed the ip6tables issue and it seems to have been with me for a long time)

___.   .__       .__
\_ |__ |__| ____ |  |__   ____ ___  ___
 | __ \|  |/    \|  |  \_/ __ \\  \/  /
 | \_\ \  |   |  \   Y  \  ___/ >    <
 |___  /__|___|  /___|  /\___  >__/\_ \
     \/        \/     \/     \/      \/
   https://hub.docker.com/u/binhex/

2024-08-19 17:48:47.547061 [info] System information Linux 264c2d6a96f1 6.1.0-22-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.94-1 (2024-06-21) x86_64 GNU/Linux
2024-08-19 17:48:47.600563 [info] PUID defined as '1000'
2024-08-19 17:48:47.661178 [info] PGID defined as '1000'
2024-08-19 17:48:47.727724 [info] UMASK defined as '000'
2024-08-19 17:48:47.790957 [info] Permissions already set for '/config'
2024-08-19 17:48:47.840253 [info] Deleting files in /tmp (non recursive)...
2024-08-19 17:48:47.890605 [info] VPN_ENABLED defined as 'yes'
2024-08-19 17:48:47.924040 [info] VPN_CLIENT defined as 'wireguard'
2024-08-19 17:48:47.957859 [info] VPN_PROV defined as 'AirVPN'
2024-08-19 17:48:48.147292 [info] WireGuard config file (conf extension) is located at /config/wireguard/wg0.conf
2024-08-19 17:48:48.231794 [info] VPN_REMOTE_SERVER defined as 'europe.vpn.airdns.org'
2024-08-19 17:48:48.267730 [info] VPN_REMOTE_PORT defined as '1637'
2024-08-19 17:48:48.298568 [info] VPN_DEVICE_TYPE defined as 'wg0'
2024-08-19 17:48:48.328557 [info] VPN_REMOTE_PROTOCOL defined as 'udp'
modprobe: FATAL: Module ip6_tables not found in directory /lib/modules/6.1.0-22-amd64
ip6tables v1.8.10 (legacy): can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
2024-08-19 17:48:49.047229 [warn] ip6tables default policies not available, skipping ip6tables drops
2024-08-19 17:48:49.124636 [info] LAN_NETWORK defined as '192.168.1.0/24'
2024-08-19 17:48:49.194441 [info] LAN_NETWORK exported as '192.168.1.0/24'
2024-08-19 17:48:49.241679 [info] NAME_SERVERS defined as '84.200.69.80,37.235.1.174,1.1.1.1,37.235.1.177,84.200.70.40,1.0.0.1'
2024-08-19 17:48:49.275859 [warn] VPN_USER not defined (via -e VPN_USER), assuming authentication via other method
2024-08-19 17:48:49.308871 [warn] VPN_PASS not defined (via -e VPN_PASS), assuming authentication via other method
2024-08-19 17:48:49.342675 [info] ENABLE_PRIVOXY defined as 'no'
2024-08-19 17:48:49.377689 [info] VPN_INPUT_PORTS defined as '1234'
2024-08-19 17:48:49.414990 [info] VPN_OUTPUT_PORTS defined as '5678'
2024-08-19 17:48:49.448464 [info] ENABLE_STARTUP_SCRIPTS not defined (via -e ENABLE_STARTUP_SCRIPTS), defaulting to 'no'
2024-08-19 17:48:49.481152 [info] WEBUI_PORT defined as '8080'
2024-08-19 17:48:49.517233 [info] Starting Supervisor...
2024-08-19 17:48:49,855 INFO Included extra file "/etc/supervisor/conf.d/qbittorrent.conf" during parsing
2024-08-19 17:48:49,855 INFO Set uid to user 0 succeeded
2024-08-19 17:48:49,858 INFO supervisord started with pid 8
2024-08-19 17:48:50,861 INFO spawned: 'start-script' with pid 225
2024-08-19 17:48:50,863 INFO spawned: 'watchdog-script' with pid 226
2024-08-19 17:48:50,863 INFO reaped unknown pid 9 (exit status 0)
2024-08-19 17:48:50,874 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2024-08-19 17:48:50,874 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2024-08-19 17:48:50,874 INFO success: watchdog-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2024-08-19 17:48:50,882 DEBG 'start-script' stdout output:
[info] Adding 84.200.69.80 to /etc/resolv.conf

Here is my latest unsuccesful boot, I changed the wireguard config after experiencing problems, so that is why it shows a new server

Created by...
___.   .__       .__
\_ |__ |__| ____ |  |__   ____ ___  ___
 | __ \|  |/    \|  |  \_/ __ \\  \/  /
 | \_\ \  |   |  \   Y  \  ___/ >    <
 |___  /__|___|  /___|  /\___  >__/\_ \
     \/        \/     \/     \/      \/
   https://hub.docker.com/u/binhex/

2024-08-22 17:39:21.151120 [info] System information Linux b5d189eacd8b 6.1.0-23-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.99-1 (2024-07-15) x86_64 GNU/Linux
2024-08-22 17:39:21.184630 [info] SHARED_NETWORK not defined (via -e SHARED_NETWORK), defaulting to 'no'
2024-08-22 17:39:21.216267 [info] PUID defined as '1000'
2024-08-22 17:39:21.290420 [info] PGID defined as '1000'
2024-08-22 17:39:21.327516 [info] UMASK defined as '000'
2024-08-22 17:39:21.359320 [info] Permissions already set for '/config'
2024-08-22 17:39:21.391566 [info] Deleting files in /tmp (non recursive)...
2024-08-22 17:39:21.433047 [info] VPN_ENABLED defined as 'yes'
2024-08-22 17:39:21.465912 [info] VPN_CLIENT defined as 'wireguard'
2024-08-22 17:39:21.497489 [info] VPN_PROV defined as 'AirVPN'
2024-08-22 17:39:21.546369 [info] WireGuard config file (conf extension) is located at /config/wireguard/wg0.conf
2024-08-22 17:39:21.590231 [info] VPN_REMOTE_SERVER defined as 'europe3.vpn.airdns.org'
2024-08-22 17:39:21.622663 [info] VPN_REMOTE_PORT defined as '1637'
2024-08-22 17:39:21.650638 [info] VPN_DEVICE_TYPE defined as 'wg0'
2024-08-22 17:39:21.678471 [info] VPN_REMOTE_PROTOCOL defined as 'udp'
2024-08-22 17:39:21.710109 [info] USERSPACE_WIREGUARD not defined (via -e USERSPACE_WIREGUARD), defaulting to 'no'
2024-08-22 17:39:21.741674 [info] NAME_SERVERS defined as '84.200.69.80,37.235.1.174,1.1.1.1,37.235.1.177,84.200.70.40,1.0.0.1'
modprobe: FATAL: Module ip6_tables not found in directory /lib/modules/6.1.0-23-amd64
ip6tables v1.8.10 (legacy): can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
2024-08-22 17:39:21.780432 [warn] ip6tables default policies not available, skipping ip6tables drops
Error: error sending query: Could not send or receive, because of network error
Error: error sending query: Could not send or receive, because of network error
Error: error sending query: Could not send or receive, because of network error

I am using the following command to launch:

sudo docker run -d --sysctl="net.ipv4.conf.all.src_valid_mark=1" --privileged=true -p 6881:6881 -p 6881:6881/udp -p 8080:8080 -p 8118:8118 --name=qbit -v /mnt/media:/data -v /mnt/media/config:/config -v /etc/localtime:/etc/localtime:ro -e VPN_ENABLED=yes -e VPN_PROV=AirVPN -e VPN_CLIENT=wireguard -e ENABLE_PRIVOXY=no -e LAN_NETWORK=192.168.1.0/24 -e NAME_SERVERS=84.200.69.80,37.235.1.174,1.1.1.1,37.235.1.177,84.200.70.40,1.0.0.1 -e VPN_INPUT_PORTS=1234 -e VPN_OUTPUT_PORTS=5678 -e DEBUG=false -e WEBUI_PORT=8080 -e UMASK=000 -e PUID=1000 -e PGID=1000 --restart unless-stopped binhex/arch-qbittorrentvpn

I can see that there are two lines that weren't there before

[info] SHARED_NETWORK not defined (via -e SHARED_NETWORK), defaulting to 'no'

And

[info] USERSPACE_WIREGUARD not defined (via -e USERSPACE_WIREGUARD), defaulting to 'no'

But I'm not sure why this is

elite4jonny commented 2 months ago

Ok, I have done some further troubleshooting. Switched to OpenVPN, and I get this debug line

[debug] Having issues resolving name 'no3.vpn.airdns.org', sleeping before retry...

Now if I manually resolve that name it is 185.206.225.61 I place that into the config, and I can connect to VPN

I guess I have two questions - what is going wrong to block the DNS resolution, and is it safe manually editing the config like this?

AnotherAsian123 commented 2 weeks ago

Ok, I have done some further troubleshooting. Switched to OpenVPN, and I get this debug line

[debug] Having issues resolving name 'no3.vpn.airdns.org', sleeping before retry...

Now if I manually resolve that name it is 185.206.225.61 I place that into the config, and I can connect to VPN

I guess I have two questions - what is going wrong to block the DNS resolution, and is it safe manually editing the config like this?

Hi @elite4jonny, I seem to be having the same issue, however i'm connecting to asia server on airvpn. How did you manually resolve the name? I'm new to unraid so still finding my way around. Sorry if it's an easy question.

elite4jonny commented 2 weeks ago

To lookup the IP manually go into the debug or config and find the server you're using (or a server pool) and type it into nslookup in the terminal

Eg:

Nslookup no3.airvpn.org

Or whatever your particular server is called. Then take that IP address and replace the name in the config with the IP address.

On Fri, 25 Oct 2024, 12:55 Jonathan Teo, @.***> wrote:

Ok, I have done some further troubleshooting. Switched to OpenVPN, and I get this debug line

[debug] Having issues resolving name 'no3.vpn.airdns.org', sleeping before retry...

Now if I manually resolve that name it is 185.206.225.61 I place that into the config, and I can connect to VPN

I guess I have two questions - what is going wrong to block the DNS resolution, and is it safe manually editing the config like this?

Hi @elite4jonny https://github.com/elite4jonny, I seem to be having the same issue, however i'm connecting to asia server on airvpn. How did you manually resolve the name? I'm new to unraid so still finding my way around. Sorry if it's an easy question.

— Reply to this email directly, view it on GitHub https://github.com/binhex/arch-qbittorrentvpn/issues/266#issuecomment-2437588597, or unsubscribe https://github.com/notifications/unsubscribe-auth/AE6HKVWSECA54FA6PHJPYQTZ5IWRZAVCNFSM6AAAAABM6RJDZOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMZXGU4DQNJZG4 . You are receiving this because you were mentioned.Message ID: @.***>

AnotherAsian123 commented 2 weeks ago

Okay, I think I added it? I'm still getting the same error though. I can't access the webui at the moment. The server resolved to the ip 103.230.144.102 asdfasf23r

iceman73 commented 2 weeks ago

try enter some well known public dns server for this env variable

-e NAME_SERVERS=<name server ip(s)> \

use 8.8.8.8

AnotherAsian123 commented 2 weeks ago

try enter some well known public dns server for this env variable

-e NAME_SERVERS=<name server ip(s)> \

use 8.8.8.8

Yeah I added google's 8.8.8.8 as you said, but it still gives me that error.

AnotherAsian123 commented 2 weeks ago

Okay, i think i found out what was causing the issue. I had the Tailscale plugin installed and it was interfering with the connection for whatever reason. I uninstalled it and now i can access the webui for qbit.

elite4jonny commented 2 weeks ago

If you use Tailscales "Smart DNS" or however they name it, then it sends all DNS requests through tailscale. This is so you can give your devices names instead of using IP addresses. Not sure why the settings in the docker container can't over ride that. You can disable the behaviour in tailscale, think it's in the config on the website.

On Sat, 26 Oct 2024, 06:34 Jonathan Teo, @.***> wrote:

Okay, i think i found out what was causing the issue. I had the Tailscale plugin installed and it was interfering with the connection for whatever reason. I uninstalled it and now i can access the webui for qbit.

— Reply to this email directly, view it on GitHub https://github.com/binhex/arch-qbittorrentvpn/issues/266#issuecomment-2439361542, or unsubscribe https://github.com/notifications/unsubscribe-auth/AE6HKVW5YCIFDVXQS6AYKKDZ5MSW7AVCNFSM6AAAAABM6RJDZOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMZZGM3DCNJUGI . You are receiving this because you were mentioned.Message ID: @.***>

AnotherAsian123 commented 1 week ago

If you use Tailscales "Smart DNS" or however they name it, then it sends all DNS requests through tailscale. This is so you can give your devices names instead of using IP addresses. Not sure why the settings in the docker container can't over ride that. You can disable the behaviour in tailscale, think it's in the config on the website. On Sat, 26 Oct 2024, 06:34 , @.> wrote: Okay, i think i found out what was causing the issue. I had the Tailscale plugin installed and it was interfering with the connection for whatever reason. I uninstalled it and now i can access the webui for qbit. — Reply to this email directly, view it on GitHub <#266 (comment)>, or unsubscribe https://github.com/notifications/unsubscribe-auth/AE6HKVW5YCIFDVXQS6AYKKDZ5MSW7AVCNFSM6AAAAABM6RJDZOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMZZGM3DCNJUGI . You are receiving this because you were mentioned.Message ID: @.>

Hey, that works! Tailscale calls it "MagicDNS" and can be found in the DNS section of the Tailscale dashboard, not in the unraid plugin. You are one smart cookie @elite4jonny. I never even thought of that. Thank you heaps!