search

edgd1er / nordlynx-proxy

use nordvpn app to open a vpn connection, run a socks proxy
16 stars 8 forks source link

Multiple errors in logs #43

Open KaKi87 opened 1 week ago

KaKi87 commented 1 week ago

Hi,

I'm seeing several errors when running docker compose logs :

proxy-1  | 2024/06/23 14:45:41 error retrieving nameservers: cdn api: X-Accept-Before UNIX value is lower than current local time
proxy-1  | Response: HTTP/3.0 200 - map[Alt-Svc:[h3=":443"; ma=86400] Cache-Control:[public, max-age=30, s-maxage=30, stale-if-error=120] Cf-Cache-Status:[DYNAMIC] Cf-Ray:[898493a508023c8c-CDG] Content-Encoding:[gzip] Content-Type:[application/json;charset=utf-8] Date:[Sun, 23 Jun 2024 12:45:42 GMT] Server:[cloudflare] Set-Cookie:[__cf_bm=...; path=/; expires=Sun, 23-Jun-24 13:15:42 GMT; domain=.nordvpn.com; HttpOnly; Secure; SameSite=None] Strict-Transport-Security:[max-age=31536000; includeSubDomains; preload] Vary:[Accept-Encoding] X-Accept-Before:[1719189938] X-Authorization:[key-id="rsa-key-1",algorithm="rsa-sha256"] X-Digest:[...] X-Host-Signature:[...] X-Signature:[...]] 
proxy-1  | Response: HTTP/3.0 200 - map[Alt-Svc:[h3=":443"; ma=86400] Cache-Control:[public, max-age=30, s-maxage=30, stale-if-error=120] Cf-Cache-Status:[DYNAMIC] Cf-Ray:[898493a528123c8c-CDG] Content-Encoding:[gzip] Content-Type:[application/json;charset=utf-8] Date:[Sun, 23 Jun 2024 12:45:42 GMT] Server:[cloudflare] Set-Cookie:[__cf_bm=...; path=/; expires=Sun, 23-Jun-24 13:15:42 GMT; domain=.nordvpn.com; HttpOnly; Secure; SameSite=None] Strict-Transport-Security:[max-age=31536000; includeSubDomains; preload] Vary:[Accept-Encoding] X-Accept-Before:[1719189939] X-Authorization:[key-id="rsa-key-1",algorithm="rsa-sha256"] X-Digest:[...] X-Host-Signature:[...] X-Signature:[...]] 
proxy-1  | 2024-06-23T12:45:44.089622Z ERROR libmoose::job: send_all_objs errored with error: Dispatch(DispatchError { reason: 520, message: "http error with RC 520" })
proxy-1  | Response: HTTP/1.1 200 - map[Alt-Svc:[h3=":443"; ma=86400] Cache-Control:[public, max-age=30, s-maxage=30, stale-if-error=120] Cf-Cache-Status:[DYNAMIC] Cf-Ray:[89849408186c00a4-CDG] Connection:[keep-alive] Content-Encoding:[gzip] Content-Length:[1784] Content-Type:[application/json;charset=utf-8] Date:[Sun, 23 Jun 2024 12:45:58 GMT] Server:[cloudflare] Set-Cookie:[__cf_bm=...; path=/; expires=Sun, 23-Jun-24 13:15:58 GMT; domain=.nordvpn.com; HttpOnly; Secure; SameSite=None] Strict-Transport-Security:[max-age=31536000; includeSubDomains; preload] Vary:[Accept-Encoding] X-Accept-Before:[1719189958] X-Authorization:[key-id="rsa-key-1",algorithm="rsa-sha256"] X-Digest:[...] X-Host-Signature:[...]] 
proxy-1  | Response: HTTP/1.1 200 - map[Alt-Svc:[h3=":443"; ma=86400] Cache-Control:[public, max-age=30, s-maxage=30, stale-if-error=120] Cf-Cache-Status:[DYNAMIC] Cf-Ray:[898494111ac7702a-CDG] Connection:[keep-alive] Content-Encoding:[gzip] Content-Length:[1784] Content-Type:[application/json;charset=utf-8] Date:[Sun, 23 Jun 2024 12:45:59 GMT] Server:[cloudflare] Set-Cookie:[__cf_bm=...; path=/; expires=Sun, 23-Jun-24 13:15:59 GMT; domain=.nordvpn.com; HttpOnly; Secure; SameSite=None] Strict-Transport-Security:[max-age=31536000; includeSubDomains; preload] Vary:[Accept-Encoding] X-Accept-Before:[1719189959] X-Authorization:[key-id="rsa-key-1",algorithm="rsa-sha256"] X-Digest:[...] X-Host-Signature:[...] X-Signature:[...]]

Here are the full logs : logs.txt

Also, here are the output of all troubleshooting commands :

root@30e1398d49b6:/app# checkhttp

root@30e1398d49b6:/app# checksocks

root@30e1398d49b6:/app# checkip

root@30e1398d49b6:/app# checkvpn
Disconnected
root@30e1398d49b6:/app# getcheck
bash: getcheck: command not found
root@30e1398d49b6:/app# getdante
grep: /etc/sockd.conf: No such file or directory
root@30e1398d49b6:/app# gettiny
User tinyproxy
Group tinyproxy
Port 8888
Timeout 600
DefaultErrorFile "/usr/share/tinyproxy/default.html"
StatFile "/usr/share/tinyproxy/stats.html"
LogFile "/var/log/tinyproxy/tinyproxy.log"
LogLevel Info
PidFile "/run/tinyproxy/tinyproxy.pid"
MaxClients 100
Allow 127.0.0.1
Allow ::1
ViaProxyName "tinyproxy"

For authentication I set an access token in nordvpn_creds.

What to do ?

Thanks

edgd1er commented 1 week ago 
proxy-1  | 2024-06-23 14:46:01: ERROR: NORDVPN: cannot connect to fr
proxy-1  | 2024-06-23 14:46:01,149 WARN exited: start_vpn (exit status 1; not expected)

so startup script exited unexpectedly possibly because of 

proxy-1  | 2024/06/23 14:46:00 [Warning] removing suppress prefix rule: no such file or directory
proxy-1  | 2024/06/23 14:46:00 [Warning] removing fwmark rule: no such file or directory
proxy-1  | 2024/06/23 14:46:00 [Warning] removing suppress prefix rule: no such file or directory
proxy-1  | 2024/06/23 14:46:00 [Warning] removing fwmark rule: no such file or directory
proxy-1  | 2024/06/23 14:46:00 [Defer] unsetting rp filter: unsetting rp_filter: setting the value of 'net.ipv4.conf.all.rp_filter' to '1': setting net.ipv4.conf.all.rp_filter to 1: exit status 1: sysctl: permission denied on key "net.ipv4.conf.all.rp_filter"

version 3.17.x require privileged rights to execute. Did you add that to the launch command or to the docker-compose.yml ?

you could either try

KaKi87 commented 1 week ago

That works, thanks !

However, I'm downloading at 1.3 MB/s, on a server that can download way faster than that ?

PS : sorry for the version thing, I did read the README but understood it backwards, believing that older versions were the ones having an issue, instead of the opposite :sweat_smile:

edgd1er commented 1 week ago

PS : sorry for the version thing, I did read the README but understood it backwards, believing that older versions were the ones having an issue, instead of the opposite 😅 if this part is unclear, feel free to suggest a better wording.

As for the download rate, wireguard (nordlynx client) rate are 5 to 10 times better than openvpn's. The download rate depends highly on vpn's server usage and remote server(s). There was an api to monitor vpn's server usage that has been deprecated for a while. There is an alias dltest that is an estimation of the best download rate you could expect..

KaKi87 commented 1 week ago

wireguard (nordlynx client) rate are 5 to 10 times better than openvpn's

Exactly, for now I've actually been directly using their SOCKS5 proxies, which achieves 100 MB/s, but since my server can do better, I'd like to switch to WireGuard, on which NordVPN says they can deliver up to 10 Gbps.

There is an alias dltest that is an estimation of the best download rate you could expect

Yeah I'm doing almost the same thing xD

edgd1er commented 1 week ago

Exactly, for now I've actually been directly using their SOCKS5 proxies, which achieves 100 MB/s, but since my server can do better, I'd like to switch to WireGuard, on which NordVPN says they can deliver up to 10 Gbps.

Nordvpn by default is set to use wireguard (nordlynx) protocol. example from docker compose:

- TECHNOLOGY=NordLynx #OpenVPN or NordLynx

I can(t say if docker has a network limitation so other container also have access to the network

KaKi87 commented 1 week ago

a network limitation so other container also have access to the network

What do you mean ?

I'm accessing your container's proxy from the host.