search

soxfor / qbittorrent-natmap

The objective of this container is to run a script that requests a port forward (via NAT-PMP) from the VPN provider and upon success changes the listening port of the qBittorrent client when running in Docker
162 stars 21 forks source link

[ProtonVPN Wireguard] port sometime detected as changed but seems to be wrong #16

Closed OrpheeGT closed 1 year ago

OrpheeGT commented 1 year ago

Hello,

It happens sometime :

2023-08-11 14:02:40 | qBittorrent SessionID Ok!
2023-08-11 14:02:40 | Public IP: [Retracted]
2023-08-11 14:02:40 | Configured Port: 51121
2023-08-11 14:02:40 | Active Port: 51121
2023-08-11 14:02:40 | Port OK (Act: 51121 Cfg: 51121)
2023-08-11 14:02:40 | NAT-PMP/UPnP Ok!
2023-08-11 14:02:40 | Sleeping for 5 minutes
2023-08-11 14:07:40 | qBittorrent SessionID Ok!
2023-08-11 14:07:40 | Public IP: [Retracted]
2023-08-11 14:07:40 | Configured Port: 51121
2023-08-11 14:07:40 | Active Port: 51121
2023-08-11 14:07:40 | Port OK (Act: 51121 Cfg: 51121)
2023-08-11 14:07:41 | NAT-PMP/UPnP Ok!
2023-08-11 14:07:41 | Sleeping for 5 minutes
2023-08-11 14:12:41 | qBittorrent SessionID Ok!
2023-08-11 14:12:41 | Public IP: [Retracted]
2023-08-11 14:12:41 | Configured Port: 51121
2023-08-11 14:12:41 | Active Port: 51121
2023-08-11 14:12:41 | Port OK (Act: 51121 Cfg: 51121)
2023-08-11 14:12:41 | NAT-PMP/UPnP Ok!
2023-08-11 14:12:41 | Sleeping for 5 minutes
2023-08-11 14:17:41 | qBittorrent SessionID Ok!
2023-08-11 14:17:41 | Public IP: [Retracted]
2023-08-11 14:17:41 | Configured Port: 51121
2023-08-11 14:17:41 | Active Port: 51121
2023-08-11 14:17:41 | Port OK (Act: 51121 Cfg: 51121)
2023-08-11 14:17:42 | NAT-PMP/UPnP Ok!
2023-08-11 14:17:42 | Sleeping for 5 minutes
2023-08-11 14:22:42 | qBittorrent SessionID Ok!
2023-08-11 14:22:43 | Public IP: [Retracted]
2023-08-11 14:22:43 | Configured Port: 51121
2023-08-11 14:22:43 | Active Port: 51121
2023-08-11 14:22:43 | Port OK (Act: 51121 Cfg: 51121)
2023-08-11 14:22:43 | NAT-PMP/UPnP Ok!
2023-08-11 14:22:43 | Sleeping for 5 minutes
2023-08-11 14:27:45 | qBittorrent SessionID Ok!
2023-08-11 14:27:45 | Public IP: [Retracted]
2023-08-11 14:27:45 | Configured Port: 51121
2023-08-11 14:27:45 | Active Port: 51121
2023-08-11 14:27:45 | Port OK (Act: 51121 Cfg: 51121)
2023-08-11 14:27:46 | NAT-PMP/UPnP Ok!
2023-08-11 14:27:46 | Sleeping for 5 minutes
2023-08-11 14:32:46 | qBittorrent SessionID Ok!
2023-08-11 14:32:47 | Public IP: [Retracted]
2023-08-11 14:32:47 | Configured Port: 51121
2023-08-11 14:32:47 | Active Port: 51121
2023-08-11 14:32:47 | Port OK (Act: 51121 Cfg: 51121)
2023-08-11 14:32:47 | NAT-PMP/UPnP Ok!
2023-08-11 14:32:47 | Sleeping for 5 minutes
2023-08-11 14:37:48 | qBittorrent SessionID Ok!
2023-08-11 14:37:49 | Public IP: [Retracted]
2023-08-11 14:37:49 | Configured Port: 51121
2023-08-11 14:37:49 | Active Port: 51121
2023-08-11 14:37:49 | Port OK (Act: 51121 Cfg: 51121)
2023-08-11 14:37:49 | NAT-PMP/UPnP Ok!
2023-08-11 14:37:49 | Sleeping for 5 minutes
2023-08-11 14:42:50 | qBittorrent SessionID Ok!
2023-08-11 14:42:51 | Public IP: [Retracted]
2023-08-11 14:42:51 | Configured Port: 51121
2023-08-11 14:42:51 | Active Port: 924
2023-08-11 14:42:53 | IPTables rule deleted for port 51121 on gluetun container
2023-08-11 14:42:53 | Port Changed to: 924
2023-08-11 14:42:53 | IPTables rule added for port 924 on gluetun container
2023-08-11 14:42:53 | NAT-PMP/UPnP Ok!
2023-08-11 14:42:54 | Sleeping for 5 minutes
2023-08-11 14:47:55 | qBittorrent SessionID Ok!
2023-08-11 14:47:56 | Public IP: [Retracted]
2023-08-11 14:47:56 | Configured Port: 924
2023-08-11 14:47:56 | Active Port: 51121
2023-08-11 14:47:57 | IPTables rule deleted for port 924 on gluetun container
2023-08-11 14:47:57 | Port Changed to: 51121
2023-08-11 14:47:57 | IPTables rule added for port 51121 on gluetun container
2023-08-11 14:47:57 | NAT-PMP/UPnP Ok!
2023-08-11 14:47:57 | Sleeping for 5 minutes
2023-08-11 14:52:58 | qBittorrent SessionID Ok!
2023-08-11 14:53:00 | Public IP: [Retracted]
2023-08-11 14:53:00 | Configured Port: 51121
2023-08-11 14:53:00 | Active Port: 924
2023-08-11 14:53:02 | IPTables rule deleted for port 51121 on gluetun container
2023-08-11 14:53:02 | Port Changed to: 924
2023-08-11 14:53:02 | IPTables rule added for port 924 on gluetun container
2023-08-11 14:53:02 | NAT-PMP/UPnP Ok!
2023-08-11 14:53:02 | Sleeping for 5 minutes
2023-08-11 14:58:03 | qBittorrent SessionID Ok!
2023-08-11 14:58:04 | Public IP: [Retracted]
2023-08-11 14:58:04 | Configured Port: 924
2023-08-11 14:58:04 | Active Port: 51121
2023-08-11 14:58:04 | IPTables rule deleted for port 924 on gluetun container
2023-08-11 14:58:04 | Port Changed to: 51121
2023-08-11 14:58:06 | IPTables rule added for port 51121 on gluetun container
2023-08-11 14:58:06 | NAT-PMP/UPnP Ok!
2023-08-11 14:58:06 | Sleeping for 5 minutes

When it change to the low range port (here 924, but it can be something like 4656) Port is actually closed, and qBittorrent show the orange fire icon. Confirmed by https://portchecker.co/ reporting port as closed

When it detects back the right port (here 51121) qBittorrent icon switch back to green earth and port is tested open OK from portchecker website. image

Is there something to do to fix this ? Thanks

OrpheeGT commented 1 year ago

It seems to happen when I have some torrents in download. While when I only upload, does not seems to happen.

The gluetun container consum high CPU usage : image

image

Edit : As soon as I stop qbittorrent container manually, gluetun CPU usage drops down.

OrpheeGT commented 1 year ago

I can confirm it seems to happen only when I have files in download... all night only seeding, no issue. Added 4 files to download near 10:50 am (quite fast download ~40MB/s) and it happened again

2023-08-12 10:03:09 | qBittorrent SessionID Ok!
2023-08-12 10:03:09 | Public IP: [Retracted]
2023-08-12 10:03:09 | Configured Port: 37713
2023-08-12 10:03:09 | Active Port: 37713
2023-08-12 10:03:09 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 10:03:09 | NAT-PMP/UPnP Ok!
2023-08-12 10:03:09 | Sleeping for 5 minutes
2023-08-12 10:08:09 | qBittorrent SessionID Ok!
2023-08-12 10:08:09 | Public IP: [Retracted]
2023-08-12 10:08:09 | Configured Port: 37713
2023-08-12 10:08:09 | Active Port: 37713
2023-08-12 10:08:09 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 10:08:09 | NAT-PMP/UPnP Ok!
2023-08-12 10:08:09 | Sleeping for 5 minutes
2023-08-12 10:13:10 | qBittorrent SessionID Ok!
2023-08-12 10:13:10 | Public IP: [Retracted]
2023-08-12 10:13:10 | Configured Port: 37713
2023-08-12 10:13:10 | Active Port: 37713
2023-08-12 10:13:10 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 10:13:10 | NAT-PMP/UPnP Ok!
2023-08-12 10:13:10 | Sleeping for 5 minutes
2023-08-12 10:18:10 | qBittorrent SessionID Ok!
2023-08-12 10:18:10 | Public IP: [Retracted]
2023-08-12 10:18:10 | Configured Port: 37713
2023-08-12 10:18:10 | Active Port: 37713
2023-08-12 10:18:10 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 10:18:10 | NAT-PMP/UPnP Ok!
2023-08-12 10:18:10 | Sleeping for 5 minutes
2023-08-12 10:23:11 | qBittorrent SessionID Ok!
2023-08-12 10:23:11 | Public IP: [Retracted]
2023-08-12 10:23:11 | Configured Port: 37713
2023-08-12 10:23:11 | Active Port: 37713
2023-08-12 10:23:11 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 10:23:11 | NAT-PMP/UPnP Ok!
2023-08-12 10:23:11 | Sleeping for 5 minutes
2023-08-12 10:28:11 | qBittorrent SessionID Ok!
2023-08-12 10:28:11 | Public IP: [Retracted]
2023-08-12 10:28:11 | Configured Port: 37713
2023-08-12 10:28:11 | Active Port: 37713
2023-08-12 10:28:11 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 10:28:11 | NAT-PMP/UPnP Ok!
2023-08-12 10:28:11 | Sleeping for 5 minutes
2023-08-12 10:33:11 | qBittorrent SessionID Ok!
2023-08-12 10:33:11 | Public IP: [Retracted]
2023-08-12 10:33:11 | Configured Port: 37713
2023-08-12 10:33:11 | Active Port: 37713
2023-08-12 10:33:11 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 10:33:12 | NAT-PMP/UPnP Ok!
2023-08-12 10:33:12 | Sleeping for 5 minutes
2023-08-12 10:38:13 | qBittorrent SessionID Ok!
2023-08-12 10:38:15 | Public IP: [Retracted]
2023-08-12 10:38:15 | Configured Port: 37713
2023-08-12 10:38:15 | Active Port: 37713
2023-08-12 10:38:15 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 10:38:15 | NAT-PMP/UPnP Ok!
2023-08-12 10:38:15 | Sleeping for 5 minutes
2023-08-12 10:43:17 | qBittorrent SessionID Ok!
2023-08-12 10:43:19 | Public IP: [Retracted]
2023-08-12 10:43:19 | Configured Port: 37713
2023-08-12 10:43:19 | Active Port: 37713
2023-08-12 10:43:19 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 10:43:19 | NAT-PMP/UPnP Ok!
2023-08-12 10:43:19 | Sleeping for 5 minutes
2023-08-12 10:48:22 | qBittorrent SessionID Ok!
2023-08-12 10:48:22 | Public IP: [Retracted]
2023-08-12 10:48:22 | Configured Port: 37713
2023-08-12 10:48:22 | Active Port: 37713
2023-08-12 10:48:22 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 10:48:23 | NAT-PMP/UPnP Ok!
2023-08-12 10:48:23 | Sleeping for 5 minutes
2023-08-12 10:53:26 | qBittorrent SessionID Ok!
2023-08-12 10:53:27 | Public IP: [Retracted]
2023-08-12 10:53:27 | Configured Port: 37713
2023-08-12 10:53:27 | Active Port: 26053
2023-08-12 10:53:29 | IPTables rule deleted for port 37713 on gluetun container
2023-08-12 10:53:29 | Port Changed to: 26053
2023-08-12 10:53:29 | IPTables rule added for port 26053 on gluetun container
2023-08-12 10:53:29 | NAT-PMP/UPnP Ok!
2023-08-12 10:53:29 | Sleeping for 5 minutes
2023-08-12 10:58:32 | qBittorrent SessionID Ok!
2023-08-12 10:58:34 | Public IP: [Retracted]
2023-08-12 10:58:34 | Configured Port: 26053
2023-08-12 10:58:34 | Active Port: 26053
2023-08-12 10:58:34 | Port OK (Act: 26053 Cfg: 26053)
2023-08-12 10:58:35 | NAT-PMP/UPnP Ok!
2023-08-12 10:58:35 | Sleeping for 5 minutes
2023-08-12 11:03:40 | qBittorrent SessionID Ok!
2023-08-12 11:03:40 | Public IP: [Retracted]
2023-08-12 11:03:40 | Configured Port: 26053
2023-08-12 11:03:40 | Active Port: 37713
2023-08-12 11:03:41 | IPTables rule deleted for port 26053 on gluetun container
2023-08-12 11:03:41 | Port Changed to: 37713
2023-08-12 11:03:42 | IPTables rule added for port 37713 on gluetun container
2023-08-12 11:03:42 | NAT-PMP/UPnP Ok!
2023-08-12 11:03:42 | Sleeping for 5 minutes
2023-08-12 11:08:46 | qBittorrent SessionID Ok!
2023-08-12 11:08:47 | Public IP: [Retracted]
2023-08-12 11:08:47 | Configured Port: 37713
2023-08-12 11:08:47 | Active Port: 37713
2023-08-12 11:08:47 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 11:08:48 | NAT-PMP/UPnP Ok!
2023-08-12 11:08:48 | Sleeping for 5 minutes
OrpheeGT commented 1 year ago

I played a bit inside natmap container an ran natpmpc command manually 

root@7d66855382e5:/# natpmpc -g 10.2.0.1 -a 0 0 tcp 300
initnatpmp() returned 0 (SUCCESS)
using gateway : 10.2.0.1
sendpublicaddressrequest returned 2 (SUCCESS)
readnatpmpresponseorretry returned 0 (OK)
Public IP address : [Retracted]
epoch = 4672192
sendnewportmappingrequest returned 12 (SUCCESS)
readnatpmpresponseorretry returned 0 (OK)
Mapped public port 37713 protocol TCP to local port 37713 liftime 60
epoch = 4672192
    # networks:
closenatpmp() returned 0 (SUCCESS)

root@7d66855382e5:/# natpmpc -g 10.2.0.1 -a 0 0 tcp 120
initnatpmp() returned 0 (SUCCESS)
using gateway : 10.2.0.1
sendpublicaddressrequest returned 2 (SUCCESS)
readnatpmpresponseorretry returned 0 (OK)
Public IP address : [Retracted]
epoch = 4672349
sendnewportmappingrequest returned 12 (SUCCESS)
readnatpmpresponseorretry returned 0 (OK)
Mapped public port 37713 protocol TCP to local port 37713 liftime 60
epoch = 4672349
closenatpmp() returned 0 (SUCCESS)

root@7d66855382e5:/# natpmpc -g 10.2.0.1 -a 0 0 tcp 45
initnatpmp() returned 0 (SUCCESS)
using gateway : 10.2.0.1
sendpublicaddressrequest returned 2 (SUCCESS)
readnatpmpresponseorretry returned 0 (OK)
Public IP address : [Retracted]
epoch = 4672352
sendnewportmappingrequest returned 12 (SUCCESS)
readnatpmpresponseorretry returned 0 (OK)
Mapped public port 37713 protocol TCP to local port 37713 liftime 45
epoch = 4672352
closenatpmp() returned 0 (SUCCESS)

root@7d66855382e5:/# natpmpc -g 10.2.0.1 -a 0 0 tcp 60
initnatpmp() returned 0 (SUCCESS)
using gateway : 10.2.0.1
sendpublicaddressrequest returned 2 (SUCCESS)
readnatpmpresponseorretry returned 0 (OK)
Public IP address : [Retracted]
epoch = 4672356
sendnewportmappingrequest returned 12 (SUCCESS)
readnatpmpresponseorretry returned 0 (OK)
Mapped public port 37713 protocol TCP to local port 37713 liftime 60
epoch = 4672356
closenatpmp() returned 0 (SUCCESS)

root@7d66855382e5:/# natpmpc -g 10.2.0.1 -a 0 0 tcp 300
initnatpmp() returned 0 (SUCCESS)
using gateway : 10.2.0.1
sendpublicaddressrequest returned 2 (SUCCESS)
readnatpmpresponseorretry returned 0 (OK)
Public IP address : [Retracted]
epoch = 4672359
sendnewportmappingrequest returned 12 (SUCCESS)
readnatpmpresponseorretry returned 0 (OK)
Mapped public port 37713 protocol TCP to local port 37713 liftime 60
epoch = 4672359
closenatpmp() returned 0 (SUCCESS)

Actually, it seems max leasetime/lifetime is 60 seconds with ProtonVPN, no matter what. So I modified docker-compose settings to : 

  - CHECK_INTERVAL=45
  - NAT_LEASE_LIFETIME=60

taking example on official documentation : https://protonvpn.com/support/port-forwarding-manual-setup/

Sadly it does not change the issue, as soon as I put some files in download, same bahavior

2023-08-12 12:03:51 | qBittorrent SessionID Ok!
2023-08-12 12:03:51 | Public IP: [Retracted]
2023-08-12 12:03:51 | Configured Port: 37713
2023-08-12 12:03:51 | Active Port: 37713
2023-08-12 12:03:51 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 12:03:51 | NAT-PMP/UPnP Ok!
2023-08-12 12:03:51 | Sleeping for 0 minutes
2023-08-12 12:04:36 | qBittorrent SessionID Ok!
2023-08-12 12:04:37 | Public IP: [Retracted]
2023-08-12 12:04:37 | Configured Port: 37713
2023-08-12 12:04:37 | Active Port: 37713
2023-08-12 12:04:37 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 12:04:37 | NAT-PMP/UPnP Ok!
2023-08-12 12:04:37 | Sleeping for 0 minutes
2023-08-12 12:05:23 | qBittorrent SessionID Ok!
2023-08-12 12:05:23 | Public IP: [Retracted]
2023-08-12 12:05:23 | Configured Port: 37713
2023-08-12 12:05:23 | Active Port: 37713
2023-08-12 12:05:23 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 12:05:24 | NAT-PMP/UPnP Ok!
2023-08-12 12:05:24 | Sleeping for 0 minutes
2023-08-12 12:06:10 | qBittorrent SessionID Ok!
2023-08-12 12:06:11 | Public IP: [Retracted]
2023-08-12 12:06:11 | Configured Port: 37713
2023-08-12 12:06:11 | Active Port: 26053
2023-08-12 12:06:11 | IPTables rule deleted for port 37713 on gluetun container
2023-08-12 12:06:11 | Port Changed to: 26053
2023-08-12 12:06:12 | IPTables rule added for port 26053 on gluetun container
2023-08-12 12:06:12 | NAT-PMP/UPnP Ok!
2023-08-12 12:06:12 | Sleeping for 0 minutes
2023-08-12 12:06:57 | qBittorrent SessionID Ok!
2023-08-12 12:06:59 | Public IP: [Retracted]
2023-08-12 12:06:59 | Configured Port: 26053
2023-08-12 12:06:59 | Active Port: 37713
2023-08-12 12:07:00 | IPTables rule deleted for port 26053 on gluetun container
2023-08-12 12:07:00 | Port Changed to: 37713
2023-08-12 12:07:00 | IPTables rule added for port 37713 on gluetun container
2023-08-12 12:07:00 | NAT-PMP/UPnP Ok!
2023-08-12 12:07:00 | Sleeping for 0 minutes
2023-08-12 12:07:47 | qBittorrent SessionID Ok!
2023-08-12 12:07:49 | Public IP: [Retracted]
2023-08-12 12:07:49 | Configured Port: 37713
2023-08-12 12:07:49 | Active Port: 26053
2023-08-12 12:07:50 | IPTables rule deleted for port 37713 on gluetun container
2023-08-12 12:07:50 | Port Changed to: 26053
2023-08-12 12:07:50 | IPTables rule added for port 26053 on gluetun container
2023-08-12 12:07:50 | NAT-PMP/UPnP Ok!
2023-08-12 12:07:50 | Sleeping for 0 minutes
2023-08-12 12:08:36 | qBittorrent SessionID Ok!
2023-08-12 12:08:38 | Public IP: [Retracted]
2023-08-12 12:08:38 | Configured Port: 26053
2023-08-12 12:08:38 | Active Port: 26053
2023-08-12 12:08:38 | Port OK (Act: 26053 Cfg: 26053)
2023-08-12 12:08:38 | NAT-PMP/UPnP Ok!
2023-08-12 12:08:38 | Sleeping for 0 minutes
2023-08-12 12:09:25 | qBittorrent SessionID Ok!
2023-08-12 12:09:27 | Public IP: [Retracted]
2023-08-12 12:09:27 | Configured Port: 26053
2023-08-12 12:09:27 | Active Port: 26053
2023-08-12 12:09:27 | Port OK (Act: 26053 Cfg: 26053)
2023-08-12 12:09:28 | NAT-PMP/UPnP Ok!
2023-08-12 12:09:28 | Sleeping for 0 minutes
2023-08-12 12:10:14 | qBittorrent SessionID Ok!
2023-08-12 12:10:16 | Public IP: [Retracted]
2023-08-12 12:10:16 | Configured Port: 26053
2023-08-12 12:10:16 | Active Port: 26053
2023-08-12 12:10:16 | Port OK (Act: 26053 Cfg: 26053)
2023-08-12 12:10:16 | NAT-PMP/UPnP Ok!
2023-08-12 12:10:16 | Sleeping for 0 minutes
2023-08-12 12:11:02 | qBittorrent SessionID Ok!
2023-08-12 12:11:02 | Public IP: [Retracted]
2023-08-12 12:11:02 | Configured Port: 26053
2023-08-12 12:11:02 | Active Port: 37713
2023-08-12 12:11:04 | IPTables rule deleted for port 26053 on gluetun container
2023-08-12 12:11:04 | Port Changed to: 37713
2023-08-12 12:11:06 | IPTables rule added for port 37713 on gluetun container
2023-08-12 12:11:06 | NAT-PMP/UPnP Ok!
2023-08-12 12:11:06 | Sleeping for 0 minutes
OrpheeGT commented 1 year ago

I was able to retrieve logs running the command manually while heavy traffic load : 

root@8415cf6013fd:/# natpmpc -g 10.2.0.1 -a 0 0 tcp 60
initnatpmp() returned 0 (SUCCESS)
using gateway : 10.2.0.1
sendpublicaddressrequest returned 2 (SUCCESS)
readnatpmpresponseorretry returned -100 (TRY AGAIN)
readnatpmpresponseorretry returned -100 (TRY AGAIN)
readnatpmpresponseorretry returned 0 (OK)
Public IP address : [Retracted]
epoch = 4681492
sendnewportmappingrequest returned 12 (SUCCESS)
readnatpmpresponseorretry returned -100 (TRY AGAIN)
readnatpmpresponseorretry returned 0 (OK)
Mapped public port 26053 protocol UNKNOWN to local port 38569 liftime 0
epoch = 4681492
closenatpmp() returned 0 (SUCCESS)
OrpheeGT commented 1 year ago

Until the real issue is identified, I created a workaround...

--- start.sh.orig       2023-08-12 15:28:24.184514086 +0200
+++ start.sh    2023-08-12 18:29:07.605034670 +0200
@@ -52,7 +52,7 @@
     # shellcheck disable=SC2086
     natpmpc -g ${VPN_GATEWAY} -a 0 0 udp ${NAT_LEASE_LIFETIME} >/dev/null 2>&1
     # shellcheck disable=SC2086
-    natpmpc -g ${VPN_GATEWAY} -a 0 0 tcp ${NAT_LEASE_LIFETIME} | grep -oP '(?<=Mapped public port.).*(?=.protocol.*)'
+    natpmpc -g ${VPN_GATEWAY} -a 0 0 tcp ${NAT_LEASE_LIFETIME} | grep -oP '(?<=Mapped public port.).*(?=.protocol.TCP.*)'
 }

 qbt_login() {
@@ -121,18 +121,20 @@
     echo "$(timestamp) | Active Port: ${active_port}"

     # shellcheck disable=SC2086
-    if [ ${configured_port} != ${active_port} ]; then
-        if qbt_changeport "${qbt_sid}" ${active_port}; then
-            if fw_delrule; then
-                echo "$(timestamp) | IPTables rule deleted for port ${configured_port} on ${VPN_CT_NAME} container"
+    if [ ! -z ${active_port} ]; then
+        if [ ${configured_port} != ${active_port} ]; then
+            if qbt_changeport "${qbt_sid}" ${active_port}; then
+                if fw_delrule; then
+                    echo "$(timestamp) | IPTables rule deleted for port ${configured_port} on ${VPN_CT_NAME} container"
+                fi
+                echo "$(timestamp) | Port Changed to: $(findconfiguredport ${qbt_sid})"
+            else
+                echo "$(timestamp) | Port Change failed."
+                res=1
             fi
-            echo "$(timestamp) | Port Changed to: $(findconfiguredport ${qbt_sid})"
         else
-            echo "$(timestamp) | Port Change failed."
-            res=1
+            echo "$(timestamp) | Port OK (Act: ${active_port} Cfg: ${configured_port})"
         fi
-    else
-        echo "$(timestamp) | Port OK (Act: ${active_port} Cfg: ${configured_port})"
     fi

     if fw_addrule; then

adding TCP word in the grep command gives an empty result when the issue occurs because of "UNKNOWN" catched instead of "TCP" word.

Then added a condition to avoid check if "activeport" is empty.

2023-08-12 15:18:31 | qBittorrent SessionID Ok!
2023-08-12 15:18:33 | Public IP: [Retracted]
2023-08-12 15:18:33 | Configured Port: 37713
2023-08-12 15:18:33 | Active Port:
2023-08-12 15:18:33 | NAT-PMP/UPnP Ok!
2023-08-12 15:18:33 | Sleeping for 0 minutes
2023-08-12 15:19:18 | qBittorrent SessionID Ok!
2023-08-12 15:19:20 | Public IP: [Retracted]
2023-08-12 15:19:20 | Configured Port: 37713
2023-08-12 15:19:20 | Active Port:
2023-08-12 15:19:20 | NAT-PMP/UPnP Ok!
2023-08-12 15:19:20 | Sleeping for 0 minutes
2023-08-12 15:20:06 | qBittorrent SessionID Ok!
2023-08-12 15:20:06 | Public IP: [Retracted]
2023-08-12 15:20:06 | Configured Port: 37713
2023-08-12 15:20:06 | Active Port: 37713
2023-08-12 15:20:06 | Port OK (Act: 37713 Cfg: 37713)
2023-08-12 15:20:09 | NAT-PMP/UPnP Ok!
2023-08-12 15:20:09 | Sleeping for 0 minutes

Probably not the best way, but at least it won't close the port and update firewall rule with wrong data...

OrpheeGT commented 1 year ago

I'm still searching the issue...

And the bottleneck seems to be on the network, don't know where yet...

But when the issue above appears, from inside gluetun container, when I ping VPN Gateway 10.2.0.1 I have very high values (~1000/2000ms)

On a dedicated server with 1Gbps/250Mbps bandwidth capacity...

From qbittorrent container, when no download running, if I run a wget download, no issue at all... so it seems to be more an issue with number of active connexions related to torrents than just a bandwidth issue...

Tested OpenVPN protocol, but performances are quite low with it, 15MB/s max no matter what... but no issue with OpenVPN protocol...

So the issue is actually because of a network bottleneck natpmpc does not receive response from server fast enough...

At container start without any download :

/ # ping 10.2.0.1
PING 10.2.0.1 (10.2.0.1): 56 data bytes
64 bytes from 10.2.0.1: seq=0 ttl=64 time=16.277 ms
64 bytes from 10.2.0.1: seq=1 ttl=64 time=16.882 ms
64 bytes from 10.2.0.1: seq=2 ttl=64 time=16.712 ms
64 bytes from 10.2.0.1: seq=3 ttl=64 time=16.787 ms

Then with active downloads running :

64 bytes from 10.2.0.1: seq=385 ttl=64 time=377.547 ms
64 bytes from 10.2.0.1: seq=386 ttl=64 time=544.240 ms
64 bytes from 10.2.0.1: seq=387 ttl=64 time=380.243 ms
64 bytes from 10.2.0.1: seq=388 ttl=64 time=449.049 ms
64 bytes from 10.2.0.1: seq=389 ttl=64 time=514.798 ms
64 bytes from 10.2.0.1: seq=390 ttl=64 time=741.825 ms
64 bytes from 10.2.0.1: seq=391 ttl=64 time=370.984 ms
64 bytes from 10.2.0.1: seq=392 ttl=64 time=409.645 ms
64 bytes from 10.2.0.1: seq=393 ttl=64 time=334.498 ms
64 bytes from 10.2.0.1: seq=394 ttl=64 time=434.350 ms
64 bytes from 10.2.0.1: seq=395 ttl=64 time=399.647 ms
64 bytes from 10.2.0.1: seq=396 ttl=64 time=456.702 ms
64 bytes from 10.2.0.1: seq=397 ttl=64 time=406.026 ms
64 bytes from 10.2.0.1: seq=398 ttl=64 time=291.218 ms
64 bytes from 10.2.0.1: seq=399 ttl=64 time=402.838 ms
64 bytes from 10.2.0.1: seq=400 ttl=64 time=424.630 ms
64 bytes from 10.2.0.1: seq=401 ttl=64 time=198.697 ms
64 bytes from 10.2.0.1: seq=402 ttl=64 time=518.768 ms
64 bytes from 10.2.0.1: seq=403 ttl=64 time=581.380 ms
64 bytes from 10.2.0.1: seq=404 ttl=64 time=335.299 ms
64 bytes from 10.2.0.1: seq=405 ttl=64 time=424.103 ms
64 bytes from 10.2.0.1: seq=406 ttl=64 time=356.770 ms
64 bytes from 10.2.0.1: seq=407 ttl=64 time=355.606 ms
64 bytes from 10.2.0.1: seq=408 ttl=64 time=388.788 ms
64 bytes from 10.2.0.1: seq=409 ttl=64 time=424.730 ms
64 bytes from 10.2.0.1: seq=410 ttl=64 time=351.312 ms
64 bytes from 10.2.0.1: seq=411 ttl=64 time=321.712 ms

If I set some torrent queuing with max 1 download at a time : 

64 bytes from 10.2.0.1: seq=623 ttl=64 time=560.571 ms
64 bytes from 10.2.0.1: seq=624 ttl=64 time=596.489 ms
64 bytes from 10.2.0.1: seq=625 ttl=64 time=792.681 ms
64 bytes from 10.2.0.1: seq=626 ttl=64 time=676.339 ms
64 bytes from 10.2.0.1: seq=627 ttl=64 time=668.736 ms
64 bytes from 10.2.0.1: seq=628 ttl=64 time=766.678 ms
64 bytes from 10.2.0.1: seq=629 ttl=64 time=506.209 ms
64 bytes from 10.2.0.1: seq=630 ttl=64 time=196.710 ms
[queing enabled]
64 bytes from 10.2.0.1: seq=631 ttl=64 time=49.091 ms
64 bytes from 10.2.0.1: seq=632 ttl=64 time=57.412 ms
64 bytes from 10.2.0.1: seq=633 ttl=64 time=51.658 ms
64 bytes from 10.2.0.1: seq=634 ttl=64 time=49.790 ms
64 bytes from 10.2.0.1: seq=635 ttl=64 time=72.221 ms
64 bytes from 10.2.0.1: seq=636 ttl=64 time=57.020 ms
64 bytes from 10.2.0.1: seq=637 ttl=64 time=80.515 ms
64 bytes from 10.2.0.1: seq=638 ttl=64 time=68.990 ms
64 bytes from 10.2.0.1: seq=639 ttl=64 time=71.532 ms
64 bytes from 10.2.0.1: seq=640 ttl=64 time=58.171 ms
64 bytes from 10.2.0.1: seq=641 ttl=64 time=42.842 ms
64 bytes from 10.2.0.1: seq=642 ttl=64 time=84.084 ms
64 bytes from 10.2.0.1: seq=643 ttl=64 time=78.168 ms
64 bytes from 10.2.0.1: seq=644 ttl=64 time=60.456 ms
64 bytes from 10.2.0.1: seq=645 ttl=64 time=81.318 ms
64 bytes from 10.2.0.1: seq=646 ttl=64 time=85.914 ms
2023-08-18 16:41:06 | qBittorrent SessionID Ok!
2023-08-18 16:41:08 | Public IP: [Retracted]
2023-08-18 16:41:08 | Configured Port: 35516
2023-08-18 16:41:08 | Active Port:
2023-08-18 16:41:08 | NAT-PMP/UPnP Ok!
2023-08-18 16:41:08 | Sleeping for 0 minutes
[Queing enabled]
2023-08-18 16:41:53 | qBittorrent SessionID Ok!
2023-08-18 16:41:53 | Public IP: [Retracted]
2023-08-18 16:41:53 | Configured Port: 35516
2023-08-18 16:41:53 | Active Port: 35516
2023-08-18 16:41:53 | Port OK (Act: 35516 Cfg: 35516)
2023-08-18 16:41:54 | NAT-PMP/UPnP Ok!
2023-08-18 16:41:54 | Sleeping for 0 minutes
2023-08-18 16:42:39 | qBittorrent SessionID Ok!
2023-08-18 16:42:39 | Public IP: [Retracted]
2023-08-18 16:42:39 | Configured Port: 35516
2023-08-18 16:42:39 | Active Port: 35516
2023-08-18 16:42:39 | Port OK (Act: 35516 Cfg: 35516)
2023-08-18 16:42:39 | NAT-PMP/UPnP Ok!
2023-08-18 16:42:39 | Sleeping for 0 minutes

And to check if it was a qbittorrent issue, or more a number of connexions issues, I stopped qbittorrent, and started a flood/rtorrent container inside gluetun service. I manually inserted right port in rtorrent, and started same kinds of downloads. Same happened...

I currently don't know what happen on network side...

OrpheeGT commented 1 year ago

Hello,

I actually just fixed the issue...

I was using "userspace implementation" of wireguard integrated with gluetun container...

Following the comment from another issue I raised on gluetun github : https://github.com/qdm12/gluetun/issues/1795#issuecomment-1684945092

Building Wireguard kernel module fixed the issue !