search

qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
7.69k stars 359 forks source link

Bug: cannot update filter block lists: Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated" #2516

Closed Lokilicious closed 1 week ago

Lokilicious commented 1 week ago

Is this urgent?

Yes

Host OS

No response

CPU arch

x86_64

VPN service provider

ProtonVPN

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2024-10-08T19:06:21.725Z (commit 5b2923c)

What's the problem ๐Ÿค”

Gluetun doesn't get healthy since yesterday.

Apparently it is trying to fetch a block list from "https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated" which is not accessible for gluetun.

Share your logs (at least 10 lines)

2024-10-09T06:51:21Z WARN [dns] cannot update filter block lists: Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated": dial tcp: lookup raw.githubusercontent.com on 1.1.1.1:53: read udp 10.2.0.2:56039->1.1.1.1:53: i/o timeout, Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-ips.updated": dial tcp: lookup raw.githubusercontent.com on 1.1.1.1:53: read udp 10.2.0.2:56039->1.1.1.1:53: i/o timeout
2024-10-09T06:51:21Z INFO [dns] attempting restart in 20s
2024-10-09T06:51:41Z INFO [dns] downloading hostnames and IP block lists
2024-10-09T06:51:51Z WARN [dns] cannot update filter block lists: Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated": dial tcp: lookup raw.githubusercontent.com on 1.1.1.1:53: read udp 10.2.0.2:41274->1.1.1.1:53: i/o timeout, Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-ips.updated": dial tcp: lookup raw.githubusercontent.com on 1.1.1.1:53: read udp 10.2.0.2:41274->1.1.1.1:53: i/o timeout
2024-10-09T06:51:51Z INFO [dns] attempting restart in 40s
2024-10-09T06:52:07Z INFO [http server] 200 GET /ip wrote 17B to 172.24.0.1:48620 in 209.004ยตs
2024-10-09T06:52:31Z INFO [dns] downloading hostnames and IP block lists
2024-10-09T06:52:41Z WARN [dns] cannot update filter block lists: Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated": dial tcp: lookup raw.githubusercontent.com on 1.1.1.1:53: read udp 10.2.0.2:56757->1.1.1.1:53: i/o timeout, Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-ips.updated": dial tcp: lookup raw.githubusercontent.com on 1.1.1.1:53: read udp 10.2.0.2:56757->1.1.1.1:53: i/o timeout
2024-10-09T06:52:41Z INFO [dns] attempting restart in 1m20s
2024-10-09T06:53:19Z ERROR [vpn] starting port forwarding service: port forwarding for the first time: getting external IPv4 address: executing remote procedure call: connection timeout: failed attempts: read udp 10.2.0.2:44713->10.2.0.1:5351: i/o timeout (tries 1, 2, 3, 4, 5, 6, 7, 8, 9)
2024-10-09T06:53:19Z INFO [vpn] starting
2024-10-09T06:53:19Z INFO [firewall] allowing VPN connection...
2024-10-09T06:53:19Z INFO [wireguard] Using available kernelspace implementation
2024-10-09T06:53:19Z INFO [wireguard] Connecting to 149.88.102.110:51820
2024-10-09T06:53:19Z INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
2024-10-09T06:53:29Z ERROR [vpn] getting public IP address information: fetching information: Get "https://ipinfo.io/": dial tcp: lookup ipinfo.io on 1.1.1.1:53: read udp 10.2.0.2:49966->1.1.1.1:53: i/o timeout
2024-10-09T06:53:29Z INFO [port forwarding] starting
2024-10-09T06:53:39Z INFO [healthcheck] program has been unhealthy for 16s: restarting VPN
2024-10-09T06:53:39Z INFO [healthcheck] ๐Ÿ‘‰ See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-10-09T06:53:39Z INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-10-09T06:53:39Z INFO [vpn] stopping
2024-10-09T06:54:01Z INFO [dns] downloading hostnames and IP block lists
2024-10-09T06:54:11Z WARN [dns] cannot update filter block lists: Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated": dial tcp: lookup raw.githubusercontent.com on 1.1.1.1:53: read udp 10.2.0.2:52351->1.1.1.1:53: i/o timeout, Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-ips.updated": dial tcp: lookup raw.githubusercontent.com on 1.1.1.1:53: read udp 10.2.0.2:52351->1.1.1.1:53: i/o timeout
2024-10-09T06:54:11Z INFO [dns] attempting restart in 2m40s

Share your configuration

gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=100
      - VPN_TYPE=wireguard
      - VPN_SERVICE_PROVIDER=protonvpn
      - WIREGUARD_PRIVATE_KEY=X
      - SERVER_CITIES=Frankfurt
      - PORT_FORWARD_ONLY=on
      - VPN_PORT_FORWARDING=on
      - VPN_PORT_FORWARDING_PROVIDER=protonvpn
    restart: unless-stopped
    volumes:
      - /lib/modules:/lib/modules:ro
      - ./config/gluetun:/gluetun
    ports:
      - 5800:5800 #Jdownloader
      - 8080:8080/tcp #qBittorrent
      - 8000:8000 #gluetun
    networks:
      gluetun_network:
github-actions[bot] commented 1 week ago

@qdm12 is more or less the only maintainer of this project and works on it in his free time. Please:

Lokilicious commented 1 week ago

I just noticed the URL is accessible from other machines, but gluetun fails to access it.

Tried to run wget from within the gluetun container returning:

/ # wget https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated
--2024-10-09 07:02:52--  https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... failed: Try again.
wget: unable to resolve host address 'raw.githubusercontent.com'
/ # exit
Lokilicious commented 1 week ago

Full log: gluetun.log

Lokilicious commented 1 week ago

Also tried to go back to the v3 tag - without success

github-actions[bot] commented 1 week ago

Closed issues are NOT monitored, so commenting here is likely to be not seen. If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment setup because @qdm12 is the sole maintainer of this project which became too popular to monitor issues closed.

Lokilicious commented 1 week ago

Turns out it was a wireguard issue ๐Ÿ™ˆ