VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
TLDR: Unbound seems to refuse two simultaneous calls from the same port from the Go program to resolve raw.githubusercontent.com for block lists
Is this urgent?
[x] Yes
[ ] No
What VPN service provider are you using?
[x] PIA
[ ] Mullvad
[ ] Windscribe
What's the version of the program? latest
What are you using to run the container?
[ ] Docker run
[x] Docker Compose
[ ] Kubernetes
[ ] Docker stack
[ ] Docker swarm
[ ] Podman
[ ] Other:
Extra information
Logs:
2020-05-05T17:58:44.900Z INFO openvpn: Tue May 5 17:58:44 2020 Initialization Sequence Completed
2020-05-05T17:58:44.900Z INFO dns configurator: using DNS address 1.1.1.1 internally
2020-05-05T17:58:44.900Z INFO dns configurator: using DNS address 1.1.1.1 system wide
2020-05-05T17:58:44.900Z INFO dns configurator: downloading root hints from https://raw.githubusercontent.com/qdm12/file
s/master/named.root.updated
2020-05-05T17:58:44.901Z INFO Tunnel IP is 86.105.25.68, see more information at https://ipinfo.io/86.105.25.68
2020-05-05T17:58:45.866Z INFO dns configurator: downloading root key from https://raw.githubusercontent.com/qdm12/files/
master/root.key.updated
2020-05-05T17:58:46.180Z INFO dns configurator: generating Unbound configuration
# This works without Unbound
2020-05-05T17:58:47.763Z INFO dns configurator: 66056 hostnames blocked overall
2020-05-05T17:58:47.763Z INFO dns configurator: 2631 IP addresses blocked overall
2020-05-05T17:58:47.790Z INFO dns configurator: starting unbound
2020-05-05T17:58:47.791Z INFO dns configurator: using DNS address 127.0.0.1 internally
2020-05-05T17:58:47.791Z INFO dns configurator: using DNS address 127.0.0.1 system wide
2020-05-05T17:58:47.934Z INFO unbound: [1588701527] unbound[71:0] notice: init module 0: validator
2020-05-05T17:58:47.935Z INFO unbound: [1588701527] unbound[71:0] notice: init module 1: iterator
2020-05-05T17:58:47.945Z INFO unbound: [1588701527] unbound[71:0] info: start of service (unbound 1.9.6).
2020-05-05T17:58:48.572Z INFO unbound: [1588701528] unbound[71:0] info: generate keytag query _ta-4a5c-4f66. NULL IN
2020-05-05T17:58:50.500Z INFO http server: listening on 0.0.0.0:8000
2020-05-05T17:59:07.790Z ERROR unbound: stream error: read |0: file already closed
2020-05-05T17:59:07.792Z INFO unbound dns over tls setup: attempting restart
# This works with Unbound because it's synchronous on the same port
2020-05-05T17:59:07.792Z INFO dns configurator: downloading root hints from https://raw.githubusercontent.com/qdm12/files/master/named.root.updated
2020-05-05T17:59:07.949Z INFO dns configurator: downloading root key from https://raw.githubusercontent.com/qdm12/files/master/root.key.updated
2020-05-05T17:59:08.107Z INFO dns configurator: generating Unbound configuration
2020-05-05T17:59:08.443Z INFO dns configurator: 8199 hostnames blocked overall
2020-05-05T17:59:08.443Z INFO dns configurator: 2631 IP addresses blocked overall
# Does not work because it calls Unbound at the same time on the same port
2020-05-05T17:59:08.446Z WARN dns configurator: cannot GET content of URL https://raw.githubusercontent.com/qdm12/files/
master/surveillance-ips.updated: Get "https://raw.githubusercontent.com/qdm12/files/master/surveillance-ips.updated": dial tcp: lookup raw
.githubusercontent.com on 127.0.0.1:53: read udp 127.0.0.1:34540->127.0.0.1:53: read: connection refused
2020-05-05T17:59:08.446Z WARN dns configurator: cannot GET content of URL https://raw.githubusercontent.com/qdm12/files/
master/malicious-hostnames.updated: Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated": dial tcp: look
up raw.githubusercontent.com on 127.0.0.1:53: read udp 127.0.0.1:34540->127.0.0.1:53: read: connection refused
2020-05-05T17:59:08.447Z INFO dns configurator: starting unbound
2020-05-05T17:59:08.447Z INFO dns configurator: using DNS address 127.0.0.1 internally
2020-05-05T17:59:08.447Z INFO dns configurator: using DNS address 127.0.0.1 system wide
2020-05-05T17:59:08.472Z INFO unbound: [1588701548] unbound[72:0] notice: init module 0: validator
2020-05-05T17:59:08.472Z INFO unbound: [1588701548] unbound[72:0] notice: init module 1: iterator
2020-05-05T17:59:08.486Z INFO unbound: [1588701548] unbound[72:0] info: start of service (unbound 1.9.6).
2020-05-05T17:59:09.229Z INFO unbound: [1588701549] unbound[72:0] info: generate keytag query _ta-4a5c-4f66. NULL IN
TLDR: Unbound seems to refuse two simultaneous calls from the same port from the Go program to resolve raw.githubusercontent.com for block lists
Is this urgent?
What VPN service provider are you using?
What's the version of the program?
latest
What are you using to run the container?
Extra information
Logs: