Closed stumpylog closed 4 years ago
That just got fixed in #190 like an hour ago. Sorry for the disruption! Feel free to comment back if it still does not work.
I agree it seems related, but I believe I'm running the commit with the fix for #190. Commit is 4cd6b33.
That's the one: https://github.com/qdm12/private-internet-access-docker/commit/4cd6b33044aab006de013cff608ed1d4c9aa55ab
It works for me again (using Shadowsocks), is it working for you?
Also make sure the firewall is on, disabling might impact the routing related to what we want (although it shouldn't but still)
Both Shadowsocks and Tinyproxy are set to off. The firewall does look to be on, and it reads the set subnets from environment.
2020-07-12T16:49:22.503-0700 INFO firewall: setting allowed subnets through firewall...,
2020-07-12T16:49:22.503-0700 INFO routing: default route found: interface eth0, gateway 172.17.2.1,
2020-07-12T16:49:22.503-0700 INFO firewall: enabled successfully,
2020-07-12T16:49:22.506-0700 INFO routing: adding 192.168.1.0/24 as route via 172.17.2.1 eth0,
2020-07-12T16:49:22.480-0700 INFO firewall: enabling...,
2020-07-12T16:49:22.480-0700 INFO routing: default route found: interface eth0, gateway 172.17.2.1,
2020-07-12T16:49:22.480-0700 INFO routing: local subnet found: 172.17.2.0/24,
<snip>
2020-07-12T16:49:22.578-0700 INFO firewall: setting VPN connections through firewall...,
2020-07-12T16:49:22.578-0700 INFO routing: default route found: interface eth0, gateway 172.17.2.1
I have it working with my usual web ui attached.
Maybe your problem is something different indeed. Can you please send your full docker-compose.yml (omit credentials) and full logs so I can have more information? Thanks
Actually there is a problem, @stumpylog no need to post your config; I'm working on it.
Awesome! Thanks so much for looking into this. Great container
Thanks @stumpylog for helping out. It's thanks to you guys that I'm driving this container development like a racer 😉 🚤
So I've fixed the bug, it was the firewall allowing basically traffic between EXTRA_SUBNET and EXTRA_SUBNET (useless) instead of LOCAL_SUBNET and EXTRA_SUBNET. I've tested it with some http server running with "service:gluetun"
and it works, so it should -finally- be fixed 👍
Referring my comment in #177, I can confirm that the current :latest build fixes my issue with port forwarding! Thanks for a fantastic container and quick work.
TLDR: EXTRA_SUBNETS feature is no longer working when FIREWALL=on
With
FIREWALL=on
andEXTRA_SUBNETS=192.168.1.0/24
, I can now no longer access a web UI of an attached container, when previously I could. The attached container is running using theservice:name
style, and is accessible from other containers, has internet access, and otherwise appears happy. I just can't reach it from inside the LAN.If
FIREWALL=off
is set, I am able to access the web UI. Let me know if I can provide further information to help (or what verbose logging would help). Maybe related to #190 ?Is this urgent?
What VPN service provider are you using?
What's the version of the program?
Running version latest built on 2020-07-12T21:22:24Z (commit 4cd6b33))
What are you using to run the container?
Extra information
Logs: Nothing that looks relevant?
Configuration file:
Host OS: Ubuntu 20.04