Closed VasTrp closed 1 year ago
Hi, for what is worth. I just fixed my docker setup... I am being having lots of issues similar to yours. I noticed that the errors once I create the container are different to those after I stopped the container and restart it. In the latest case, I see errors like yours. I tested different things, but it seems I just manage to fix it downgrading docker desktop to the previous version. I am no expert, but after a lot reading and trying many image releases, downgrading seems to have fixed it.
good luck
I'm having the same problem,
I ran the following command
modprobe ip6table_filter
and fixed the error
but for some reason I can't connect with my credentials, the login data is correct, but this appears "2023-03-24 18:57:57 AUTH: Received control message: AUTH_FAILED" for me =(
Chose: br-sao.prod.surfshark.com_tcp.ovpn Do not forget to expose the ports for attached container web ui access 2023-03-24 18:57:48 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. 2023-03-24 18:57:48 WARNING: file 'vpn-auth.txt' is group or others accessible 2023-03-24 18:57:48 OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 2 2022 2023-03-24 18:57:48 library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10 2023-03-24 18:57:48 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2023-03-24 18:57:48 NOTE: --fast-io is disabled since we are not using UDP 2023-03-24 18:57:48 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2023-03-24 18:57:48 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2023-03-24 18:57:48 TCP/UDP: Preserving recently used remote address: [AF_INET]193.19.205.95:1443 2023-03-24 18:57:48 Socket Buffers: R=[131072->131072] S=[16384->16384] 2023-03-24 18:57:48 Attempting to establish TCP connection with [AF_INET]193.19.205.95:1443 [nonblock] 2023-03-24 18:57:49 TCP connection established with [AF_INET]193.19.205.95:1443 2023-03-24 18:57:49 TCP_CLIENT link local: (not bound) 2023-03-24 18:57:49 TCP_CLIENT link remote: [AF_INET]193.19.205.95:1443 2023-03-24 18:57:49 TLS: Initial packet from [AF_INET]193.19.205.95:1443, sid=79ef7944 bb706484 2023-03-24 18:57:49 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this 2023-03-24 18:57:49 VERIFY OK: depth=2, C=VG, O=Surfshark, CN=Surfshark Root CA 2023-03-24 18:57:49 VERIFY OK: depth=1, C=VG, O=Surfshark, CN=Surfshark Intermediate CA 2023-03-24 18:57:49 VERIFY KU OK 2023-03-24 18:57:49 Validating certificate extended key usage 2023-03-24 18:57:49 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2023-03-24 18:57:49 VERIFY EKU OK 2023-03-24 18:57:49 VERIFY OK: depth=0, CN=br-sao-v063.prod.surfshark.com 2023-03-24 18:57:50 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1635', remote='link-mtu 1583' 2023-03-24 18:57:50 WARNING: 'auth' is used inconsistently, local='auth SHA512', remote='auth [null-digest]' 2023-03-24 18:57:50 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256 2023-03-24 18:57:50 [br-sao-v063.prod.surfshark.com] Peer Connection Initiated with [AF_INET]193.19.205.95:1443 2023-03-24 18:57:51 SENT CONTROL [br-sao-v063.prod.surfshark.com]: 'PUSH_REQUEST' (status=1) 2023-03-24 18:57:56 SENT CONTROL [br-sao-v063.prod.surfshark.com]: 'PUSH_REQUEST' (status=1) 2023-03-24 18:57:57 AUTH: Received control message: AUTH_FAILED 2023-03-24 18:57:57 SIGTERM[soft,auth-failure] received, process exiting
@wesleynunes121 which version of the docker engine are you using?
@wesleynunes121 which version of the docker engine are you using?
# docker -v Docker version 20.10.21, build 20.10.21-0ubuntu1~20.04.1
I'm having the same problem,
I ran the following command
modprobe ip6table_filter
and fixed the error
but for some reason I can't connect with my credentials, the login data is correct, but this appears "2023-03-24 18:57:57 AUTH: Received control message: AUTH_FAILED" for me =(
Chose: br-sao.prod.surfshark.com_tcp.ovpn Do not forget to expose the ports for attached container web ui access 2023-03-24 18:57:48 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. 2023-03-24 18:57:48 WARNING: file 'vpn-auth.txt' is group or others accessible 2023-03-24 18:57:48 OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 2 2022 2023-03-24 18:57:48 library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10 2023-03-24 18:57:48 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2023-03-24 18:57:48 NOTE: --fast-io is disabled since we are not using UDP 2023-03-24 18:57:48 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2023-03-24 18:57:48 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2023-03-24 18:57:48 TCP/UDP: Preserving recently used remote address: [AF_INET]193.19.205.95:1443 2023-03-24 18:57:48 Socket Buffers: R=[131072->131072] S=[16384->16384] 2023-03-24 18:57:48 Attempting to establish TCP connection with [AF_INET]193.19.205.95:1443 [nonblock] 2023-03-24 18:57:49 TCP connection established with [AF_INET]193.19.205.95:1443 2023-03-24 18:57:49 TCP_CLIENT link local: (not bound) 2023-03-24 18:57:49 TCP_CLIENT link remote: [AF_INET]193.19.205.95:1443 2023-03-24 18:57:49 TLS: Initial packet from [AF_INET]193.19.205.95:1443, sid=79ef7944 bb706484 2023-03-24 18:57:49 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this 2023-03-24 18:57:49 VERIFY OK: depth=2, C=VG, O=Surfshark, CN=Surfshark Root CA 2023-03-24 18:57:49 VERIFY OK: depth=1, C=VG, O=Surfshark, CN=Surfshark Intermediate CA 2023-03-24 18:57:49 VERIFY KU OK 2023-03-24 18:57:49 Validating certificate extended key usage 2023-03-24 18:57:49 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2023-03-24 18:57:49 VERIFY EKU OK 2023-03-24 18:57:49 VERIFY OK: depth=0, CN=br-sao-v063.prod.surfshark.com 2023-03-24 18:57:50 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1635', remote='link-mtu 1583' 2023-03-24 18:57:50 WARNING: 'auth' is used inconsistently, local='auth SHA512', remote='auth [null-digest]' 2023-03-24 18:57:50 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256 2023-03-24 18:57:50 [br-sao-v063.prod.surfshark.com] Peer Connection Initiated with [AF_INET]193.19.205.95:1443 2023-03-24 18:57:51 SENT CONTROL [br-sao-v063.prod.surfshark.com]: 'PUSH_REQUEST' (status=1) 2023-03-24 18:57:56 SENT CONTROL [br-sao-v063.prod.surfshark.com]: 'PUSH_REQUEST' (status=1) 2023-03-24 18:57:57 AUTH: Received control message: AUTH_FAILED 2023-03-24 18:57:57 SIGTERM[soft,auth-failure] received, process exiting
@wesleynunes121 the code -> modprobe ip6table_filter
works for me ! Thank You !
Regarding your problem with your credentials, pay attention that you shouldn't use those that you are connecting from your app. You can find the new one at surfshark.com -> VPN -> Manual Setup -> Desktop or mobile => Username + Password
Does someone want to open a PR to insert the modprobe command in the readme?
@VasTrp Thank you, I didn't know I needed to get the credentials on the website! @ilteoood maybe you should add that credential information in the readme, noobs like me might not know this lol
@wesleynunes121 it's already there since day one.
Hey guys, Surfshark doesn’t support ipv6, if you add it in you should test for dns leaks.
Hello Everyone! My system works in:
Docker version 23.0.1
The container surfshark is deploying but is stack to the status "starting". I am attaching part of the log file of this container:
Chose: it-mil.prod.surfshark.com_udp.ovpn Adding ip route add 172.17.0.0/16 via 172.18.0.1 dev eth0 for attached container web ui access Do not forget to expose the ports for attached container web ui access 2023-03-17 09:31:24 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. 2023-03-17 09:31:24 WARNING: file 'vpn-auth.txt' is group or others accessible 2023-03-17 09:31:24 OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 2 2022 2023-03-17 09:31:24 library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10 2023-03-17 09:31:24 WARNING: --ping should normally be used with --ping-restart or --ping-exit 2023-03-17 09:31:24 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2023-03-17 09:31:24 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2023-03-17 09:31:24 TCP/UDP: Preserving recently used remote address: [AF_INET]212.102.55.74:1194 2023-03-17 09:31:24 Socket Buffers: R=[212992->212992] S=[212992->212992] 2023-03-17 09:31:24 UDP link local: (not bound) 2023-03-17 09:31:24 UDP link remote: [AF_INET]212.102.55.74:1194 2023-03-17 09:31:24 TLS: Initial packet from [AF_INET]212.102.55.74:1194, sid=b9caae2b b0ee9aa6 2023-03-17 09:31:24 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this 2023-03-17 09:31:25 VERIFY OK: depth=2, C=VG, O=Surfshark, CN=Surfshark Root CA 2023-03-17 09:31:25 VERIFY OK: depth=1, C=VG, O=Surfshark, CN=Surfshark Intermediate CA 2023-03-17 09:31:25 VERIFY KU OK 2023-03-17 09:31:25 Validating certificate extended key usage 2023-03-17 09:31:25 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2023-03-17 09:31:25 VERIFY EKU OK 2023-03-17 09:31:25 VERIFY OK: depth=0, CN=it-mil-v075.prod.surfshark.com 2023-03-17 09:31:25 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1581' 2023-03-17 09:31:25 WARNING: 'auth' is used inconsistently, local='auth SHA512', remote='auth [null-digest]' 2023-03-17 09:31:25 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256 2023-03-17 09:31:25 [it-mil-v075.prod.surfshark.com] Peer Connection Initiated with [AF_INET]212.102.55.74:1194 2023-03-17 09:31:26 SENT CONTROL [it-mil-v075.prod.surfshark.com]: 'PUSH_REQUEST' (status=1) 2023-03-17 09:31:31 SENT CONTROL [it-mil-v075.prod.surfshark.com]: 'PUSH_REQUEST' (status=1) 2023-03-17 09:31:31 AUTH: Received control message: AUTH_FAILED 2023-03-17 09:31:31 SIGTERM[soft,auth-failure] received, process exiting Resetting all rules to installed defaults. Proceed with operation (y|n)? Aborted ERROR: initcaps [Errno 2] modprobe: can't change directory to '/lib/modules': No such file or directory ip6tables v1.8.8 (legacy): can't initialize ip6tables table
filter': Table does not exist (do you need to insmod?) Perhaps ip6tables or your kernel needs to be upgraded. ERROR: initcaps [Errno 2] modprobe: can't change directory to '/lib/modules': No such file or directory ip6tables v1.8.8 (legacy): can't initialize ip6tables tablefilter': Table does not exist (do you need to insmod?) Perhaps ip6tables or your kernel needs to be upgraded. ERROR: initcaps [Errno 2] modprobe: can't change directory to '/lib/modules': No such file or directory ip6tables v1.8.8 (legacy): can't initialize ip6tables table
filter': Table does not exist (do you need to insmod?) Perhaps ip6tables or your kernel needs to be upgraded. ERROR: initcaps [Errno 2] modprobe: can't change directory to '/lib/modules': No such file or directory ip6tables v1.8.8 (legacy): can't initialize ip6tables tablefilter': Table does not exist (do you need to insmod?) Perhaps ip6tables or your kernel needs to be upgraded.
Do you have any idea why is coming this error ?