[BUG] - public IP not matching proton server IPs

Ruvonn commented 2 years ago

Version of `protonvpn-docker`

latest [2022.03.20]

Credential & Plan

[X] I have verified that my VPN credentials are valid
[X] I am using OpenVPN credentials and not my proton account credentials.
[X] I have verified that the servers I am trying to connect to are available under my plan.

System Architecture

x86_64

Running on a NAS?

Yes

Container Runtime

Docker with defaults

Version of Kubernetes

NA

Version of docker/podman runtime

NA

Troubleshooting

[X] I have tried steps mentioned in TROUBLESHOOTING
[X] I am using latest version of the docker image

Relevant log output

[cont-init.d] 70-vpn-setup: exited 0.
[cont-init.d] done.
[services.d] starting services
2022-03-20 06:18:30+00:00 [INFO    ] PROTONVPN_CHECK_INTERVAL is set to #60 
2022-03-20 06:18:30+00:00 [INFO    ] Reconnect threshold is #3 
2022-03-20 06:18:30+00:00 [INFO    ] Checking orphaned openvpn process 
2022-03-20 06:18:30+00:00 [INFO    ] This appears to be a fresh start! 
2022-03-20 06:18:30+00:00 [INFO    ] resolv.conf.backup - not found 
2022-03-20 06:18:30+00:00 [NOTICE  ] Using fastest server from COUNTRY: CH 
[services.d] done.
Connecting to CH#12 via UDP...
Connected!
2022-03-20 06:18:34+00:00 [INFO    ] VPN is running and healthy 
2022-03-20 06:19:34+0000  [ERROR   ] Your current public IP 185.159.157.129, does not match any IPs from server CH#12
2022-03-20 06:19:34+00:00 [ERROR   ] Healthcheck #1 Failed! 
2022-03-20 06:20:35+0000  [ERROR   ] Your current public IP 185.159.157.129, does not match any IPs from server CH#12
2022-03-20 06:20:35+00:00 [ERROR   ] Healthcheck #2 Failed! 
2022-03-20 06:21:35+0000  [ERROR   ] Your current public IP 185.159.157.129, does not match any IPs from server CH#12
2022-03-20 06:21:35+00:00 [ERROR   ] Healthcheck #3 Failed! 
2022-03-20 06:22:36+0000  [ERROR   ] Your current public IP 185.159.157.129, does not match any IPs from server CH#12
2022-03-20 06:22:36+00:00 [ERROR   ] Healthcheck #4 Failed! 
2022-03-20 06:22:36+00:00 [ERROR   ] Reconnecting! (3) 
2022-03-20 06:22:36+00:00 [WARNING ] Reconnecting... 
There is already a VPN connection running.
Terminating previous connection...
Connecting to CH#12 via UDP...
Connected!
2022-03-20 06:22:39+00:00 [INFO    ] Reconnection successful 
2022-03-20 06:23:39+0000  [ERROR   ] Your current public IP 185.159.157.129, does not match any IPs from server CH#12
2022-03-20 06:23:39+00:00 [ERROR   ] Healthcheck #5 Failed! 
2022-03-20 06:23:39+00:00 [ERROR   ] Reconnecting! (3) 
2022-03-20 06:23:39+00:00 [WARNING ] Reconnecting... 
There is already a VPN connection running.
Terminating previous connection...
Connecting to CH#12 via UDP...
Connected!
2022-03-20 06:23:42+00:00 [INFO    ] Reconnection successful 
2022-03-20 06:24:42+0000  [ERROR   ] Your current public IP 185.159.157.129, does not match any IPs from server CH#12
2022-03-20 06:24:42+00:00 [ERROR   ] Healthcheck #6 Failed! 
2022-03-20 06:24:42+00:00 [ERROR   ] Reconnecting! (3) 
2022-03-20 06:24:42+00:00 [WARNING ] Reconnecting... 
There is already a VPN connection running.
Terminating previous connection...
Connecting to CH#12 via UDP...
Connected!
2022-03-20 06:24:45+00:00 [INFO    ] Reconnection successful 
2022-03-20 06:25:46+0000  [ERROR   ] Your current public IP 185.159.157.129, does not match any IPs from server CH#12
2022-03-20 06:25:46+00:00 [ERROR   ] Healthcheck #7 Failed! 
2022-03-20 06:25:46+00:00 [ERROR   ] Reconnecting! (3) 
2022-03-20 06:25:46+00:00 [WARNING ] Reconnecting... 
There is already a VPN connection running.
Terminating previous connection...
Connecting to CH#12 via UDP...
Connected!
2022-03-20 06:25:49+00:00 [INFO    ] Reconnection successful 
2022-03-20 06:26:49+0000  [ERROR   ] Your current public IP 185.159.157.129, does not match any IPs from server CH#12
2022-03-20 06:26:49+00:00 [ERROR   ] Healthcheck #8 Failed! 
2022-03-20 06:26:49+00:00 [ERROR   ] Reconnecting! (3) 
2022-03-20 06:26:49+00:00 [WARNING ] Reconnecting... 
There is already a VPN connection running.
Terminating previous connection...
Connecting to CH#12 via UDP...
Connected!
2022-03-20 06:26:52+00:00 [INFO    ] Reconnection successful

Any additional info

the container will just reconnect all the time going to https://whois.domaintools.com/185.159.157.129 shows it is a ProtonVPN IP and I'm really not sure what the problem is, does the image possibly have an outdated list of allowed IPs? this only happens when it's connected to certain IPs like the one in this log, other times it's running perfectly until I restart the host or the container and it happens to catch an IP it doesn't like (but will always get the same IP and never try a different server?) has been looping for days at some point

Code of Conduct & PII Redaction

[X] I agree to follow this project's Code of Conduct
[X] I have removed any sensitive personally identifying information(PII) and secrets from in this issue report.

guildencrantz commented 2 years ago

I was consistently seeing this and it appears that when I was connecting a P2P client that the reported IP switched from the ExitIP to the EntryIP.

ghost commented 2 years ago

This bug has plagued this software for months. We need the ability to disable the healthcheck entirely.

o42o commented 2 years ago

Same problem here. @tprasadtp, any ways we can help to solve this?

o42o commented 2 years ago

@Ruvon @guildencrantz @jss8gw9slxcek

I'm not very good with docker, but I have corrected the bug on my server. Here what I did :

Fork the repo tprasadtp/protonvpn-docker
On my fork, edit /root/usr/bin/healthcheck and add a line : connected_server_ips.append(server["EntryIP"]) (line 57 here : https://github.com/o42o/protonvpn-docker/blob/master/root/usr/bin/healthcheck)
Start the tprasadtp/protonvpn-docker container on my server
With Portainer, select that container and go into the console of that container
cd usr/bin/
Rename the healthcheck file (healthcheck_old)
curl http://raw.githubusercontent.com/o42o/protonvpn-docker/master/root/usr/bin/healthcheck > healthcheck
copy the file permission of healthcheck_old to healthcheck : chmod --reference=healthcheck_old healthcheck
That's it!

No more VPN disconnect and reconnect because of the healthcheck fail when downloading torrent with qBittorrent. Thank you @guildencrantz for the tip in your comment!

Now, I don't think it will survive an update of the container, but it's an easy fix to implement for @tprasadtp I think into the image. I only added one line of code and it's look good!

hadim commented 2 years ago

I am having the same error too. But I think it's a false positive since calling curl http://ipinfo.io within the container shows a correct Proton IP in the correct country.

b-col commented 1 year ago

Still an issue in 2023

tprasadtp / protonvpn-docker