guillaumedsde
commented
4 years ago Hi :wave: dropping default route is not compatible with all VPN provider: see here.
If your provider isnt compatible, then, non VPN traffic might still be allowed through, however, the qbittorrent config is modified on every container startup to bind to the the VPN IP address which should make it use the VPN tunnel.
Describe the problem
So before I discovered the fact that in order to prevent IP leaks, you need to set the variable DROP_DEFAULT ROUTE to true. This was causing me to have IP leaks every time I restarted the container. Now after making that change, it isn't showing my IP anymore when I use ipleak.net's torrent test. However, if I restart the container and immediately run curl to discover my IP address
sudo docker restart containername && sudo docker exec -it containername curl ifconfig.me, it shows my real IP address even though the default route isn't in the routing tables. Add your docker run commandIts kinda jank since I bypassed the authentication built in and default presets.
sudo docker create \--name=qbittorrent \--cap-add=NET_ADMIN \-v /home/docker/qbittorrent/data/:/data \-v /home/docker/qbittorrent/downloads:/config/qBittorrent/downloads/ \-v /home/docker/qbittorrent/config/:/etc/openvpn/custom/ \-v /mnt/gdrive:/mnt/gdrive/ \-v /home/docker/default-wflixus.ovpn:/etc/openvpn/custom/default.ovpn \-v /home/docker/auth.txt:/etc/openvpn/auth.txt \-v /etc/localtime:/etc/localtime:ro \-e CREATE_TUN_DEVICE=true \-e DROP_DEFAULT_ROUTE=true \-e OPENVPN_PROVIDER=CUSTOM \-e OPENVPN_USERNAME=blam \-e OPENVPN_PASSWORD=blam \-e WEBPROXY_ENABLED=false \-e LOCAL_NETWORK=192.168.1.0/24 \--log-driver json-file \--log-opt max-size=10m \-e PUID=1000 \-e PGID=1000 \-p 8080:8080 \--dns 10.255.255.1 \--dns 1.1.1.1 \--dns 1.0.0.1 \--restart unless-stopped \guillaumedsde/qbittorrent-openvpnLogs
Host system:
Linux hostname 4.19.0-8-amd64 #1 SMP Debian 4.19.98-1 (2020-01-26) x86_64 GNU/Linux Docker version 19.03.8, build afacb8b7f0