qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License

Bug: #1157

Closed cp-michal closed 2 years ago

cp-michal commented 2 years ago

Is this urgent?

No

Host OS

Raspberry Pi

CPU arch

armv7l

VPN service provider

ProtonVPN

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2022-09-14T13:28:28.429Z (commit e5be20d)

What's the problem 🤔

I can't connect to address www.partypoker.com. I'm getting UnknownHostException in my Java application. When I try docker exec -it gluetun ping partypoker.com I'm getting: ping: bad address 'partypoker.com'

I have no problem when I connect to this address on a machine with Windows 10 and the ProtonVPN client.

Share your logs

========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version latest built on 2022-09-14T13:28:28.429Z (commit e5be20d)

🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2022-09-18T18:56:03Z INFO [routing] default route found: interface eth0, gateway 172.29.0.1 and assigned IP 172.29.0.2
2022-09-18T18:56:03Z INFO [routing] local ethernet link found: eth0
2022-09-18T18:56:03Z INFO [routing] local ipnet found: 172.29.0.0/16
2022-09-18T18:56:03Z INFO [firewall] enabling...
2022-09-18T18:56:03Z INFO [firewall] enabled successfully
2022-09-18T18:56:04Z INFO [storage] creating /gluetun/servers.json with 11721 hardcoded servers
2022-09-18T18:56:05Z INFO Alpine version: 3.16.2
2022-09-18T18:56:05Z INFO OpenVPN 2.4 version: 2.4.12
2022-09-18T18:56:05Z INFO OpenVPN 2.5 version: 2.5.6
2022-09-18T18:56:05Z INFO Unbound version: 1.15.0
2022-09-18T18:56:05Z INFO IPtables version: v1.8.8
2022-09-18T18:56:05Z INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: protonvpn
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       ├── Countries: united states
|   |       ├── Free only servers: yes
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.4
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── DNS server address to use: 127.0.0.1
|   ├── Keep existing nameserver(s): no
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Unbound settings:
|       |   ├── Authoritative servers:
|       |   |   └── cloudflare
|       |   ├── Caching: yes
|       |   ├── IPv6: no
|       |   ├── Verbosity level: 1
|       |   ├── Verbosity details level: 0
|       |   ├── Validation log level: 0
|       |   ├── System user: root
|       |   └── Allowed networks:
|       |       ├── 0.0.0.0/0
|       |       └── ::/0
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:7f00:1/104
|               ├── ::ffff:a00:0/104
|               ├── ::ffff:a9fe:0/112
|               ├── ::ffff:ac10:0/108
|               └── ::ffff:c0a8:0/112
├── Firewall settings:
|   └── Enabled: yes
├── Log settings:
|   └── Log level: INFO
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 1000
|   └── Process GID: 1000
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   └── IP file path: /tmp/gluetun/ip
└── Version settings:
    └── Enabled: yes
2022-09-18T18:56:05Z INFO IPv6 is not supported
2022-09-18T18:56:05Z INFO [routing] default route found: interface eth0, gateway 172.29.0.1 and assigned IP 172.29.0.2
2022-09-18T18:56:05Z INFO [routing] adding route for 0.0.0.0/0
2022-09-18T18:56:05Z INFO [firewall] setting allowed subnets...
2022-09-18T18:56:05Z INFO [routing] default route found: interface eth0, gateway 172.29.0.1 and assigned IP 172.29.0.2
2022-09-18T18:56:05Z INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2022-09-18T18:56:05Z INFO [pprof] http server listening on [::]:6060
2022-09-18T18:56:05Z INFO [http server] http server listening on [::]:8000
2022-09-18T18:56:05Z INFO [healthcheck] listening on 127.0.0.1:9999
2022-09-18T18:56:05Z INFO [dns over tls] using plaintext DNS at address 1.1.1.1
2022-09-18T18:56:05Z INFO [firewall] allowing VPN connection...
2022-09-18T18:56:05Z INFO [openvpn] OpenVPN 2.4.12 armv7-alpine-linux-musleabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 24 2022
2022-09-18T18:56:05Z INFO [openvpn] library versions: OpenSSL 1.1.1q  5 Jul 2022, LZO 2.10
2022-09-18T18:56:05Z INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]143.244.44.181:1194
2022-09-18T18:56:05Z INFO [openvpn] UDP link local: (not bound)
2022-09-18T18:56:05Z INFO [openvpn] UDP link remote: [AF_INET]143.244.44.181:1194
2022-09-18T18:56:05Z WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-09-18T18:56:05Z WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-09-18T18:56:05Z INFO [openvpn] [node-us-159.protonvpn.net] Peer Connection Initiated with [AF_INET]143.244.44.181:1194
2022-09-18T18:56:07Z INFO [openvpn] setsockopt TCP_NODELAY=1 failed
2022-09-18T18:56:07Z INFO [openvpn] TUN/TAP device tun0 opened
2022-09-18T18:56:07Z INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2022-09-18T18:56:07Z INFO [openvpn] /sbin/ip addr add dev tun0 10.18.0.4/16 broadcast 10.18.255.255
2022-09-18T18:56:07Z INFO [openvpn] UID set to nonrootuser
2022-09-18T18:56:07Z INFO [openvpn] Initialization Sequence Completed
2022-09-18T18:56:07Z INFO [dns over tls] downloading DNS over TLS cryptographic files
2022-09-18T18:56:08Z INFO [healthcheck] healthy!
2022-09-18T18:56:09Z INFO [dns over tls] downloading hostnames and IP block lists
2022-09-18T18:56:21Z INFO [healthcheck] unhealthy: cannot dial: dial tcp4: lookup cloudflare.com: i/o timeout
2022-09-18T18:56:25Z INFO [dns over tls] init module 0: validator
2022-09-18T18:56:25Z INFO [dns over tls] init module 1: iterator
2022-09-18T18:56:26Z INFO [dns over tls] start of service (unbound 1.15.0).
2022-09-18T18:56:26Z INFO [dns over tls] generate keytag query _ta-4a5c-4f66. NULL IN
2022-09-18T18:56:26Z INFO [dns over tls] generate keytag query _ta-4a5c-4f66. NULL IN
2022-09-18T18:56:27Z INFO [healthcheck] healthy!
2022-09-18T18:56:27Z INFO [dns over tls] ready
2022-09-18T18:56:29Z INFO [vpn] You are running on the bleeding edge of latest!
2022-09-18T18:56:29Z INFO [ip getter] Public IP address is 143.244.44.185 (United States, New York, New York City)

Share your configuration

version: '3.1'

volumes:
  db-data:

services:

  db:
    image: postgres
    restart: always
    container_name: db
    volumes:
      - db-data:/var/lib/postgresql/data
    environment:
      POSTGRES_PASSWORD: xxx
      POSTGRES_USER: xxx
      POSTGRES_DB: xxx
    network_mode: "service:gluetun"

  adminer:
    image: adminer
    restart: always
    ports:
      - 5000:8080

  ppponline:
    image: ppponline
    restart: always
    container_name: ppponline
    depends_on:
      - db
    network_mode: "service:gluetun"

  gluetun:
    image: qmcgaw/gluetun
    container_name: "gluetun"
    hostname: "gluetun"
    cap_add:
      - NET_ADMIN
    environment:
      - VPN_SERVICE_PROVIDER=protonvpn
      - OPENVPN_USER=xxx
      - OPENVPN_PASSWORD=xxx
      - SERVER_COUNTRIES=United States
      - FREE_ONLY=on
      - OPENVPN_VERSION=2.4
    ports:
      - 8080:8080
      - 5432:5432

qdm12 commented 2 years ago

That address is listed in https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated so it's blocked by the built-in DNS. You can set BLOCK_MALICIOUS=off to allow it (or just UNBLOCK=partypoker.com).
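
An added example, not part of the original thread or of gluetun's code: a shell check for which block-list entry covers a hostname, so that a single UNBLOCK value can be chosen instead of switching BLOCK_MALICIOUS off for everything. It assumes the list is plain text with one hostname per line and that an entry also covers its subdomains; `blocked_by`, `sample_list` and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Assumptions: the list is plain text, one hostname per line, and an entry
# also covers its subdomains. Names and sample data here are constructed.

# blocked_by HOSTNAME LISTFILE
# Prints the covering list entry and returns 0; returns 1 if none matches.
blocked_by() {
    name=$(printf '%s' "$1" | tr 'A-Z' 'a-z')   # DNS names are case-insensitive
    name=${name%.}                              # drop a trailing root dot
    list=$2
    while [ -n "$name" ]; do
        # -F literal string, -x whole line, -i ignore case, -q no output
        if grep -Fxiq -- "$name" "$list"; then
            printf '%s\n' "$name"
            return 0
        fi
        case $name in
            *.*) name=${name#*.} ;;             # strip the leftmost label
            *)   break ;;
        esac
    done
    return 1
}

# Constructed sample list, standing in for a downloaded copy of the real file.
sample_list() {
    cat <<'EOF'
bad-tracker.example
partypoker.com
malware.test
EOF
}

demo() {
    tmp=$(mktemp)
    sample_list > "$tmp"
    for h in www.partypoker.com cloudflare.com; do
        if entry=$(blocked_by "$h" "$tmp"); then
            echo "$h: covered by list entry '$entry' (UNBLOCK=$entry)"
        else
            echo "$h: not on the list"
        fi
    done
    rm -f "$tmp"
}

demo
```

To check the real list, save a copy of the file linked above and pass its path as the second argument to `blocked_by`.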

cp-michal commented 2 years ago

Thanks! <3