GPSMapper
commented
4 years ago Same issue was reported here, closed without clear comments https://github.com/haugene/docker-transmission-openvpn/issues/1153
Closed GPSMapper closed 4 years ago
GPSMapper
commented
4 years ago Same issue was reported here, closed without clear comments https://github.com/haugene/docker-transmission-openvpn/issues/1153
GPSMapper
commented
4 years ago OK, I've been talking to NordVPN support and takeaway was very confusing as they have stated that NordVPN API has never been public and external calls should not be normally working... but they apparently do...
so, after reviewing the logs I have realized that maybe my own internet IP was blacklisted by API server, because docker was restarting every 30 seconds or so during last 4-16 hours. So probably it was temp blacklisted. So, I have tested the same API calls from another public IP and they worked!
And after a few hours, my IP got unblocked and API calls are working again.
HOWEVER, the root cause is not resolved. When I had installed Docker on my qnap and configured the container - it was working fine. But I was doing numerous changes to the ENV file, stopping and restarting docker and ended up with the situation that Transmission container was restarting every 20-40 seconds without any obvious reason, connection established, all good, no errors... 20 seconds... restart (nothing suspicious in the log)
I have tried almost everything, even uninstalled docker station and cleaned up all files, did a fresh install with basic config which was 100% working before - no luck. Container kept restarting every 30 sec or so.
At the end I've restarted QNAP (it was middle of the night) and thought I would try again in the morning.... Next day when I've logged to the NAS - container was UP and Running smoothly! Every 60 mins was refreshing the key. Everything remained smooth even after 2 days, so I decided that it was some weird issue with cache on NAS which was resolved by reboot.
But it seems yesterday/today this has reoccured, no changes were made to the NAS/config/container - but container now began restarting every 30 seconds again....
UPDATE: After another QNAP reboot container seems to be running OK. I'll monitor the situation for the next few days, please keep this opened for a while...
screwfaze
commented
4 years ago I too am having this problem and have tried downgrading but did not work so looking for any advice. Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/nordvpn/default.ovpn:1: html (2.4.4)
Thanks
GPSMapper
commented
4 years ago screwfaze, please share the log, as the RC could be different. In my case container started to restart every 30 sec and was spamming NordVPN API with calls. So my IP got blacklisted for some time and script was not getting proper configs from API.
screwfaze
commented
4 years ago screwfaze, please share the log, as the RC could be different. In my case container started to restart every 30 sec and was spamming NordVPN API with calls. So my IP got blacklisted for some time and script was not getting proper configs from API. Here is the log below and thanks for replying let me know if this is what you need.
adding route to local network 192.168.0.0/24 via 172.20.0.1 dev eth0 Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/nordvpn/default.ovpn:1: html (2.4.4)
Use --help for more information. Using OpenVPN provider: NORDVPN Setting NORDVPN_PROTOCOL to: SWITZERLAND 2020-05-04 20:33:38 Checking curl installation 2020-05-04 20:33:38 Removing existing configs 2020-05-04 20:33:38 Selecting the best server... 2020-05-04 20:33:38 Searching for group: legacy_p2p 2020-05-04 20:33:38 Best server : uk1456.nordvpn.com 2020-05-04 20:33:38 Downloading config: default.ovpn 2020-05-04 20:33:38 Downloading from: https://downloads.nordcdn.com/configs/filesuk1456.nordvpn.com % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 2020-05-04 20:33:38 Using OpenVPN CONFIG :: switzerland 2020-05-04 20:33:38 Downloading config: switzerland.ovpn 2020-05-04 20:33:38 Downloading from: https://downloads.nordcdn.com/configs/filesswitzerland % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 2020-05-04 20:33:38 Checking line endings 2020-05-04 20:33:38 Updating configs for docker-transmission-openvpn Supplied config Switzerland.ovpn could not be found. Using default OpenVPN gateway for provider nordvpn Setting OPENVPN credentials... adding route to local network 192.168.0.0/24 via 172.20.0.1 dev eth0 Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/nordvpn/default.ovpn:1: html (2.4.4)
GPSMapper
commented
4 years ago share you configs. You have issue there.
Setting NORDVPN_PROTOCOL to: SWITZERLAND
accepted values for this option are tcp or udp. Probably you've messed your settings
https://haugene.github.io/docker-transmission-openvpn/nordvpn-script/
so in your case it should be smth like:
NORDVPN_COUNTRY=CH NORDVPN_CATEGORY=p2p NORDVPN_PROTOCOL=udp
screwfaze
commented
4 years ago share you configs. You have issue there.
Setting NORDVPN_PROTOCOL to: SWITZERLAND
accepted values for this option are tcp or udp. Probably you've messed your settings
https://haugene.github.io/docker-transmission-openvpn/nordvpn-script/
so in your case it should be smth like:
NORDVPN_COUNTRY=CH NORDVPN_CATEGORY=p2p NORDVPN_PROTOCOL=udp
That's weird coz it has been working for like a year this way. I will play with this and see if it works.
Thanks
screwfaze
commented
4 years ago share you configs. You have issue there. Setting NORDVPN_PROTOCOL to: SWITZERLAND accepted values for this option are tcp or udp. Probably you've messed your settings https://haugene.github.io/docker-transmission-openvpn/nordvpn-script/ so in your case it should be smth like: NORDVPN_COUNTRY=CH NORDVPN_CATEGORY=p2p NORDVPN_PROTOCOL=udp
That's weird coz it has been working for like a year this way. I will play with this and see if it works.
Thanks
This is actually what I have in my docker options.
GPSMapper
commented
4 years ago please try removing OPENVPN_CONFIG env variable (it is conflicting with NORDVPN) and add NORDVPN_COUNTRY=CH instead.
You should have smth like: OPENVPN_PROVIDER=NORDVPN OPENVPN_USERNAME=XXXXXXXXXX OPENVPN_PASSWORD=XXXXXXXXX NORDVPN_COUNTRY=CH NORDVPN_PROTOCOL=tcp NORDVPN_CATEGORY=P2P OPENVPN_OPTS="--inactive 3600 --ping 10 --ping-exit 60"
screwfaze
commented
4 years ago please try removing OPENVPN_CONFIG env variable (it is conflicting with NORDVPN) and add NORDVPN_COUNTRY=CH instead.
You should have smth like: OPENVPN_PROVIDER=NORDVPN OPENVPN_USERNAME=XXXXXXXXXX OPENVPN_PASSWORD=XXXXXXXXX NORDVPN_COUNTRY=CH NORDVPN_PROTOCOL=tcp NORDVPN_CATEGORY=P2P OPENVPN_OPTS="--inactive 3600 --ping 10 --ping-exit 60"
I have done as you suggested and I can confirm this is working now, thank you so much for the assist. Weird how I have never changed the config and has been working for so long. Feels good to get Transmission working again!!
GPSMapper
commented
4 years ago OK, after 4 days I've got continuous container restart again every 10 seconds or so No obvious reason and no errors in logs... nothing suspicious in qnap system logs either. all other containers continue working fine. checked crontab to see if there are any jobs running which could create a conflict - nothing
p.s. obviously last time it was 'restarting' for hours and my IP was temporary blacklisted by API server. This time I managed to catch the issue early.
last log lines of correct work;
Sat May 9 02:50:52 2020 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA, Sat May 9 02:50:52 2020 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA4, Sat May 9 02:50:52 2020 VERIFY KU OK, Sat May 9 02:50:52 2020 Validating certificate extended key usage, Sat May 9 02:50:52 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication, Sat May 9 02:50:52 2020 VERIFY EKU OK, Sat May 9 02:50:52 2020 VERIFY OK: depth=0, CN=pl73.nordvpn.com, Sat May 9 02:50:52 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key, Sat May 9 02:50:52 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key, Sat May 9 02:50:52 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA,
and suddenly started restarting
Using OpenVPN provider: NORDVPN, 2020-05-09 03:09:38 Checking curl installation, 2020-05-09 03:09:38 Removing existing configs, 2020-05-09 03:09:38 Selecting the best server..., 2020-05-09 03:09:38 Searching for technology: openvpn_udp, 2020-05-09 03:09:38 Unable to find a server with the specified parameters, using any recommended server, 2020-05-09 03:09:38 Best server : pl117.nordvpn.com, 2020-05-09 03:09:38 Downloading config: default.ovpn, 2020-05-09 03:09:38 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/pl117.nordvpn.com.udp.ovpn, % Total % Received % Xferd Average Speed Time Time Time Current, Dload Upload Total Spent Left Speed,
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 2809 100 2809 0 0 30868 0 --:--:-- --:--:-- --:--:-- 30868, 2020-05-09 03:09:38 Selecting the best server..., 2020-05-09 03:09:38 Searching for country : PL (174), 2020-05-09 03:09:38 Searching for group: legacy_p2p, 2020-05-09 03:09:38 Searching for technology: openvpn_udp, 2020-05-09 03:09:38 Best server : pl117.nordvpn.com, 2020-05-09 03:09:38 Downloading config: pl117.nordvpn.com.ovpn, 2020-05-09 03:09:38 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/pl117.nordvpn.com.udp.ovpn, % Total % Received % Xferd Average Speed Time Time Time Current, Dload Upload Total Spent Left Speed,
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 2809 100 2809 0 0 41308 0 --:--:-- --:--:-- --:--:-- 41925, 2020-05-09 03:09:38 Checking line endings, 2020-05-09 03:09:38 Updating configs for docker-transmission-openvpn, Starting OpenVPN using config pl117.nordvpn.com.ovpn, Setting OPENVPN credentials..., adding route to local network 192.168.1.0/24 via 10.0.3.1 dev eth0, Sat May 9 03:10:15 2020 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019, Sat May 9 03:10:15 2020 library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08, Sat May 9 03:10:15 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts, Sat May 9 03:10:15 2020 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication, Sat May 9 03:10:15 2020 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication, Sat May 9 03:10:15 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]37.120.211.131:1194, Sat May 9 03:10:15 2020 Socket Buffers: R=[1048576->1048576] S=[1048576->1048576], Sat May 9 03:10:15 2020 UDP link local: (not bound), Sat May 9 03:10:15 2020 UDP link remote: [AF_INET]37.120.211.131:1194, Sat May 9 03:10:15 2020 TLS: Initial packet from [AF_INET]37.120.211.131:1194, sid=b9defa91 8400fd03, Sat May 9 03:10:15 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this, Sat May 9 03:10:15 2020 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA, Sat May 9 03:10:15 2020 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA4, Sat May 9 03:10:15 2020 VERIFY KU OK, Sat May 9 03:10:15 2020 Validating certificate extended key usage, Sat May 9 03:10:15 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication, Sat May 9 03:10:15 2020 VERIFY EKU OK, Sat May 9 03:10:15 2020 VERIFY OK: depth=0, CN=pl117.nordvpn.com, Sat May 9 03:10:16 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA, Sat May 9 03:10:16 2020 [pl117.nordvpn.com] Peer Connection Initiated with [AF_INET]37.120.211.131:1194, Using OpenVPN provider: NORDVPN, 2020-05-09 03:10:18 Checking curl installation, 2020-05-09 03:10:18 Removing existing configs, 2020-05-09 03:10:18 Selecting the best server..., 2020-05-09 03:10:18 Searching for group: legacy_p2p, 2020-05-09 03:10:18 Searching for technology: openvpn_udp, 2020-05-09 03:10:18 Best server : pl117.nordvpn.com, 2020-05-09 03:10:18 Downloading config: default.ovpn, 2020-05-09 03:10:18 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/pl117.nordvpn.com.udp.ovpn, % Total % Received % Xferd Average Speed Time Time Time Current, Dload Upload Total Spent Left Speed,
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 2809 100 2809 0 0 38479 0 --:--:-- --:--:-- --:--:-- 38479, 2020-05-09 03:10:18 Selecting the best server..., 2020-05-09 03:10:18 Searching for country : PL (174), 2020-05-09 03:10:18 Searching for group: legacy_p2p, 2020-05-09 03:10:18 Searching for technology: openvpn_udp, 2020-05-09 03:10:18 Best server : pl117.nordvpn.com, 2020-05-09 03:10:18 Downloading config: pl117.nordvpn.com.ovpn, 2020-05-09 03:10:18 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/pl117.nordvpn.com.udp.ovpn, % Total % Received % Xferd Average Speed Time Time Time Current, Dload Upload Total Spent Left Speed,
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 2809 100 2809 0 0 35556 0 --:--:-- --:--:-- --:--:-- 35556, 2020-05-09 03:10:18 Checking line endings, 2020-05-09 03:10:18 Updating configs for docker-transmission-openvpn, Starting OpenVPN using config pl117.nordvpn.com.ovpn, Setting OPENVPN credentials..., adding route to local network 192.168.1.0/24 via 10.0.3.1 dev eth0, Sat May 9 03:10:20 2020 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019, Sat May 9 03:10:20 2020 library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08, Sat May 9 03:10:20 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts, Sat May 9 03:10:20 2020 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication, Sat May 9 03:10:20 2020 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication, Sat May 9 03:10:20 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]37.120.211.131:1194, Sat May 9 03:10:20 2020 Socket Buffers: R=[1048576->1048576] S=[1048576->1048576], Sat May 9 03:10:20 2020 UDP link local: (not bound), Sat May 9 03:10:20 2020 UDP link remote: [AF_INET]37.120.211.131:1194, Sat May 9 03:10:20 2020 TLS: Initial packet from [AF_INET]37.120.211.131:1194, sid=2f414a2f f0e21012, Sat May 9 03:10:20 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this, Sat May 9 03:10:20 2020 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA, Sat May 9 03:10:20 2020 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA4, Sat May 9 03:10:20 2020 VERIFY KU OK, Sat May 9 03:10:20 2020 Validating certificate extended key usage, Sat May 9 03:10:20 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication, Sat May 9 03:10:20 2020 VERIFY EKU OK, Sat May 9 03:10:20 2020 VERIFY OK: depth=0, CN=pl117.nordvpn.com, Sat May 9 03:10:20 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA, Sat May 9 03:10:20 2020 [pl117.nordvpn.com] Peer Connection Initiated with [AF_INET]37.120.211.131:1194, Sat May 9 03:10:21 2020 SENT CONTROL [pl117.nordvpn.com]: 'PUSH_REQUEST' (status=1), Sat May 9 03:10:21 2020 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.8.0.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.0.8 255.255.255.0,peer-id 5,cipher AES-256-GCM', Sat May 9 03:10:21 2020 Option 'explicit-exit-notify' in [PUSH-OPTIONS]:6 is ignored by previous
blocks , Sat May 9 03:10:21 2020 OPTIONS IMPORT: timers and/or timeouts modified, Sat May 9 03:10:21 2020 OPTIONS IMPORT: explicit notify parm(s) modified, Sat May 9 03:10:21 2020 OPTIONS IMPORT: compression parms modified, Sat May 9 03:10:21 2020 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified, Sat May 9 03:10:21 2020 Socket Buffers: R=[1048576->1048576] S=[1048576->1048576], Sat May 9 03:10:21 2020 OPTIONS IMPORT: --ifconfig/up options modified, Sat May 9 03:10:21 2020 OPTIONS IMPORT: route options modified, Sat May 9 03:10:21 2020 OPTIONS IMPORT: route-related options modified, Sat May 9 03:10:21 2020 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified, Sat May 9 03:10:21 2020 OPTIONS IMPORT: peer-id set, Sat May 9 03:10:21 2020 OPTIONS IMPORT: adjusting link_mtu to 1657, Sat May 9 03:10:21 2020 OPTIONS IMPORT: data channel crypto options modified, Sat May 9 03:10:21 2020 Data Channel: using negotiated cipher 'AES-256-GCM', Sat May 9 03:10:21 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key, Sat May 9 03:10:21 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key, Sat May 9 03:10:21 2020 ROUTE_GATEWAY 10.0.3.1/255.255.255.0 IFACE=eth0 HWADDR=02:42:0a:00:03:02, Sat May 9 03:10:21 2020 TUN/TAP device tun0 opened, Sat May 9 03:10:21 2020 TUN/TAP TX queue length set to 100, Sat May 9 03:10:21 2020 do_ifconfig, tt->did_ifconfig_ipv6_setup=0, Sat May 9 03:10:21 2020 /sbin/ip link set dev tun0 up mtu 1500, Sat May 9 03:10:21 2020 /sbin/ip addr add dev tun0 10.8.0.8/24 broadcast 10.8.0.255, Sat May 9 03:10:21 2020 /etc/openvpn/tunnelUp.sh tun0 1500 1585 10.8.0.8 255.255.255.0 init, Up script executed with tun0 1500 1585 10.8.0.8 255.255.255.0 init, Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.8.0.8, Generating transmission settings.json from env variables, sed'ing True to true, , -------------------------------------, Transmission will run as, -------------------------------------, User name: root, User uid: 0, User gid: 0, -------------------------------------, , STARTING TRANSMISSION, NO PORT UPDATER FOR THIS PROVIDER, Transmission startup script complete., Sat May 9 03:10:21 2020 /sbin/ip route add 37.120.211.131/32 via 10.0.3.1, Sat May 9 03:10:21 2020 /sbin/ip route add 0.0.0.0/1 via 10.8.0.1, Sat May 9 03:10:21 2020 /sbin/ip route add 128.0.0.0/1 via 10.8.0.1, Sat May 9 03:10:21 2020 Initialization Sequence Completed, Using OpenVPN provider: NORDVPN, 2020-05-09 03:10:33 Checking curl installation, 2020-05-09 03:10:33 Removing existing configs, 2020-05-09 03:10:33 Selecting the best server..., 2020-05-09 03:10:33 Searching for group: legacy_p2p, 2020-05-09 03:10:33 Searching for technology: openvpn_udp, 2020-05-09 03:10:33 Best server : pl117.nordvpn.com, 2020-05-09 03:10:33 Downloading config: default.ovpn, 2020-05-09 03:10:33 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/pl117.nordvpn.com.udp.ovpn, % Total % Received % Xferd Average Speed Time Time Time Current, Dload Upload Total Spent Left Speed, 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 2809 100 2809 0 0 36012 0 --:--:-- --:--:-- --:--:-- 36012, 2020-05-09 03:10:33 Selecting the best server..., 2020-05-09 03:10:33 Searching for country : PL (174), 2020-05-09 03:10:33 Searching for group: legacy_p2p, 2020-05-09 03:10:33 Searching for technology: openvpn_udp, 2020-05-09 03:10:33 Best server : pl117.nordvpn.com, 2020-05-09 03:10:33 Downloading config: pl117.nordvpn.com.ovpn, 2020-05-09 03:10:33 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/pl117.nordvpn.com.udp.ovpn, % Total % Received % Xferd Average Speed Time Time Time Current, Dload Upload Total Spent Left Speed,
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 2809 100 2809 0 0 46049 0 --:--:-- --:--:-- --:--:-- 46049, 2020-05-09 03:10:33 Checking line endings, 2020-05-09 03:10:33 Updating configs for docker-transmission-openvpn, Starting OpenVPN using config pl117.nordvpn.com.ovpn, Setting OPENVPN credentials..., adding route to local network 192.168.1.0/24 via 10.0.3.1 dev eth0, Sat May 9 03:10:35 2020 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019, Sat May 9 03:10:35 2020 library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08, Sat May 9 03:10:35 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts, Sat May 9 03:10:35 2020 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication, Sat May 9 03:10:35 2020 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication, Sat May 9 03:10:35 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]37.120.211.131:1194, Sat May 9 03:10:35 2020 Socket Buffers: R=[1048576->1048576] S=[1048576->1048576], Sat May 9 03:10:35 2020 UDP link local: (not bound), Sat May 9 03:10:35 2020 UDP link remote: [AF_INET]37.120.211.131:1194, Sat May 9 03:10:35 2020 TLS: Initial packet from [AF_INET]37.120.211.131:1194, sid=c0807b65 5a69eb10, Sat May 9 03:10:35 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this, Sat May 9 03:10:35 2020 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA, Sat May 9 03:10:35 2020 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA4, Sat May 9 03:10:35 2020 VERIFY KU OK, Sat May 9 03:10:35 2020 Validating certificate extended key usage, Sat May 9 03:10:35 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication, Sat May 9 03:10:35 2020 VERIFY EKU OK, Sat May 9 03:10:35 2020 VERIFY OK: depth=0, CN=pl117.nordvpn.com, Sat May 9 03:10:35 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA, Sat May 9 03:10:35 2020 [pl117.nordvpn.com] Peer Connection Initiated with [AF_INET]37.120.211.131:1194, Sat May 9 03:10:36 2020 SENT CONTROL [pl117.nordvpn.com]: 'PUSH_REQUEST' (status=1), Sat May 9 03:10:36 2020 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.8.1.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.1.22 255.255.255.0,peer-id 23,cipher AES-256-GCM', Sat May 9 03:10:36 2020 Option 'explicit-exit-notify' in [PUSH-OPTIONS]:6 is ignored by previous
blocks , Sat May 9 03:10:36 2020 OPTIONS IMPORT: timers and/or timeouts modified, Sat May 9 03:10:36 2020 OPTIONS IMPORT: explicit notify parm(s) modified, Sat May 9 03:10:36 2020 OPTIONS IMPORT: compression parms modified, Sat May 9 03:10:36 2020 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified, Sat May 9 03:10:36 2020 Socket Buffers: R=[1048576->1048576] S=[1048576->1048576], Sat May 9 03:10:36 2020 OPTIONS IMPORT: --ifconfig/up options modified, Sat May 9 03:10:36 2020 OPTIONS IMPORT: route options modified, Sat May 9 03:10:36 2020 OPTIONS IMPORT: route-related options modified, Sat May 9 03:10:36 2020 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified, Sat May 9 03:10:36 2020 OPTIONS IMPORT: peer-id set, Sat May 9 03:10:36 2020 OPTIONS IMPORT: adjusting link_mtu to 1657, Sat May 9 03:10:36 2020 OPTIONS IMPORT: data channel crypto options modified, Sat May 9 03:10:36 2020 Data Channel: using negotiated cipher 'AES-256-GCM', Sat May 9 03:10:36 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key, Sat May 9 03:10:36 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key, Sat May 9 03:10:36 2020 ROUTE_GATEWAY 10.0.3.1/255.255.255.0 IFACE=eth0 HWADDR=02:42:0a:00:03:02, Sat May 9 03:10:36 2020 TUN/TAP device tun0 opened, Sat May 9 03:10:36 2020 TUN/TAP TX queue length set to 100, Sat May 9 03:10:36 2020 do_ifconfig, tt->did_ifconfig_ipv6_setup=0, Sat May 9 03:10:36 2020 /sbin/ip link set dev tun0 up mtu 1500, Sat May 9 03:10:36 2020 /sbin/ip addr add dev tun0 10.8.1.22/24 broadcast 10.8.1.255, Sat May 9 03:10:36 2020 /etc/openvpn/tunnelUp.sh tun0 1500 1585 10.8.1.22 255.255.255.0 init, Up script executed with tun0 1500 1585 10.8.1.22 255.255.255.0 init, Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.8.1.22, Generating transmission settings.json from env variables, sed'ing True to true, , -------------------------------------, Transmission will run as, -------------------------------------, User name: root, User uid: 0, User gid: 0, -------------------------------------, , STARTING TRANSMISSION, NO PORT UPDATER FOR THIS PROVIDER, Transmission startup script complete., Sat May 9 03:10:36 2020 /sbin/ip route add 37.120.211.131/32 via 10.0.3.1, Sat May 9 03:10:36 2020 /sbin/ip route add 0.0.0.0/1 via 10.8.1.1, Sat May 9 03:10:36 2020 /sbin/ip route add 128.0.0.0/1 via 10.8.1.1, Sat May 9 03:10:36 2020 Initialization Sequence Completed, Using OpenVPN provider: NORDVPN, 2020-05-09 03:11:04 Checking curl installation, 2020-05-09 03:11:04 Removing existing configs,
GPSMapper
commented
4 years ago seems to be known issue as discussed in #336 Will be trying a workaround from here: https://github.com/haugene/docker-transmission-openvpn/issues/336#issuecomment-486931704
GPSMapper
commented
4 years ago OK, finally we are making some progress! Found a topic on QNAP forum which confirms that there is a conflict with supervisor process watching for and killing any "openvpn" process other than the one from QVPN. This happens every couple of seconds which explains that you can successfully start up the docker image, but then it stops without any connectivity issue.
Workaround 1:
--cap-add=NET_ADMIN
-e CREATE_TUN_DEVICE=trueWorkaround 2: If you need/want to keep QVPN service on your NAS:
sed -i 's/exec openvpn/exec myopenvpn/g' /etc/openvpn/start.sh ; mv /usr/sbin/openvpn /usr/sbin/myopenvpnHowever this needs to be repeated after each image pull / update
Proposed solution for all use cases:
@haugene , could you please advise if proposal above could be considered in the future release? If, for whatever reason, you need to keep openvpn binary name for some compatibility, maybe adding another one with a custom name and with control of the ENV flag (OVPN_BINARY=QNAP) would do the job (if QNAP flag used, 'custom' binary is used instead of default openvpn)
GPSMapper
commented
4 years ago So, I confirm that after removal of QVPN service no more issues with container reboots. So, the workarounds for QNAP users are above:
If devs are not in a position to consider proposed solution to get this solved 'out of the box' (renaming bundled openvpn binary to prevent its detection) please consider closing this issue.
pkishino
commented
4 years ago Well, hopefully, others can use this as info for a WA, but I feel this should be fixed on QNAPs side as that is very strange behaviour. I do not see renaming the binary as the right way forward, will close for now
nicomarti83
commented
4 years ago So, I confirm that after removal of QVPN service no more issues with container reboots. So, the workarounds for QNAP users are above:
- completely unistall stock QVPN or (if you need it)
- see in my previous post above
If devs are not in a position to consider proposed solution to get this solved 'out of the box' (renaming bundled openvpn binary to prevent its detection) please consider closing this issue.
Hi, if I uninstall QVPN I can't use this container at all
container-station/docker: Error response from daemon: linux runtime spec devices: error gathering device information while adding custom device "/dev/net/tun": no such file or directory.
nicomarti83
commented
4 years ago My bad, it work with "--privileged" ...
Problem description NordVPN API script doesn't seem to work properly Everything was fine 1-2 days ago.
docker run command
ENV file OPENVPN_PROVIDER=NORDVPN OPENVPN_USERNAME=* OPENVPN_PASSWORD=**** OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60 LOCAL_NETWORK=192.168.1.0/24 NORDVPN_COUNTRY=PL NORDVPN_PROTOCOL=udp NORDVPN_CATEGORY=P2P TRANSMISSION_BLOCKLIST_ENABLED=true TRANSMISSION_BLOCKLIST_URL=http://www.bluetack.co.uk/config/level1.gz TRANSMISSION_CACHE_SIZE_MB=8 TRANSMISSION_DHT_ENABLED=true TRANSMISSION_DOWNLOAD_DIR=/data/completed TRANSMISSION_DOWNLOAD_QUEUE_ENABLED=true TRANSMISSION_DOWNLOAD_QUEUE_SIZE=15 TRANSMISSION_INCOMPLETE_DIR=/data/incomplete TRANSMISSION_INCOMPLETE_DIR_ENABLED=true TRANSMISSION_LPD_ENABLED=true TRANSMISSION_MAX_PEERS_GLOBAL=200 TRANSMISSION_PEER_LIMIT_GLOBAL=200 TRANSMISSION_PEER_LIMIT_PER_TORRENT=50 TRANSMISSION_PEER_PORT=51413 TRANSMISSION_PREALLOCATION=2 TRANSMISSION_PREFETCH_ENABLED=1 TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=true TRANSMISSION_RPC_PASSWORD=*** TRANSMISSION_RPC_USERNAME=transmission TRANSMISSION_RPC_WHITELIST=***** TRANSMISSION_RPC_WHITELIST_ENABLED=true TRANSMISSION_TRASH_ORIGINAL_TORRENT_FILES=true TRANSMISSION_UPLOAD_SLOTS_PER_TORRENT=15 TRANSMISSION_WATCH_DIR=/data/watch TRANSMISSION_WATCH_DIR_ENABLED=true
Logs Using OpenVPN provider: NORDVPN 2020-05-02 17:39:45 Checking curl installation 2020-05-02 17:39:45 Removing existing configs 2020-05-02 17:39:45 Selecting the best server... parse error: Invalid numeric literal at EOF at line 1, column 4 2020-05-02 17:39:45 Searching for technology: openvpn_udp parse error: Invalid numeric literal at EOF at line 1, column 4 2020-05-02 17:39:45 Unable to find a server with the specified parameters, using any recommended server parse error: Invalid numeric literal at EOF at line 1, column 4 2020-05-02 17:39:45 Best server : 2020-05-02 17:39:45 Downloading config: default.ovpn 2020-05-02 17:39:45 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/.udp.ovpn % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 162 100 162 0 0 269 0 --:--:-- --:--:-- --:--:-- 268
Host system: QNAP NAS TS-453B QTS 4.4.2.1270