alpine-qbittorrent-openvpn
alpine-qbittorrent-openvpn copied to clipboard
guillaumedsde
iptables invalid port/service
I don't know whether this is related to the provider or a more general bug. The error seems to be related to iptables:
[cont-init.d] 03-setup-iptables: executing...
iptables v1.8.4 (legacy): invalid port/service `443
5995
8443' specified
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.8.4 (legacy): invalid port/service `443
5995
8443' specified
Try `iptables -h' or 'iptables --help' for more information.
$ dc version
docker-compose version 1.26.0dev, build unknown
docker-py version: 4.3.1
CPython version: 3.7.6
OpenSSL version: OpenSSL 1.1.1g 21 Apr 2020
torr:
container_name: torr
image: guillaumedsde/alpine-qbittorrent-openvpn:development # i also tried `latest` and `python`
volumes:
- /home/hadim/Configurations/torr/config:/config
- "/etc/localtime:/etc/localtime:ro"
- freda_Download:/downloads
environment:
- PGID=1000
- PUID=1000
- TZ=EST
- UMASK_SET=022
- OPENVPN_PROVIDER=PROTONVPN
- OPENVPN_CONFIG=ca-27.protonvpn.com.tcp # I also tried using `udp`
- OPENVPN_USERNAME=xxxxxx
- OPENVPN_PASSWORD=xxxxxxxx
- LAN=192.168.0.0/16
# - CREATE_TUN_DEVICE=true
- QBT_WEBUI_PORT=8788
# - WEBPROXY_ENABLED=false
# - DNS=1.1.1.1
# - HEALTH_CHECK_HOST=8.8.8.8
ports:
- 8788:8080
cap_add:
- NET_ADMIN
restart: unless-stopped
dns:
- 1.1.1.1
- 8.8.8.8
labels:
- "traefik.enable=true"
- "traefik.http.routers.torr.rule=Host(`torr.xxxx.org`)"
- "traefik.http.routers.torr.entrypoints=websecure"
- "traefik.http.routers.torr.tls.certresolver=mydnschallenge"
- "traefik.http.services.torr.loadbalancer.server.port=8788"
and here is the associated error when running the service:
Attaching to torr
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-setup-permissions: executing...
[cont-init.d] 01-setup-permissions: exited 0.
[cont-init.d] 02-setup-openvpn: executing...
Thu Sep 10 13:51:02 2020 TUN/TAP device tun0 opened
Thu Sep 10 13:51:02 2020 Persist state set to: ON
INFO: Trying to use OpenVPN provider: PROTONVPN
A
A protonvpn/us-wa-16.protonvpn.com.tcp.ovpn
A protonvpn/us-wa-16.protonvpn.com.udp.ovpn
A protonvpn/za-05.protonvpn.com.tcp.ovpn
A protonvpn/za-05.protonvpn.com.udp.ovpn
A protonvpn/za-06.protonvpn.com.tcp.ovpn
A protonvpn/za-06.protonvpn.com.udp.ovpn
A protonvpn/za-07.protonvpn.com.tcp.ovpn
A protonvpn/za-07.protonvpn.com.udp.ovpn
# ...
A protonvpn/za-08.protonvpn.com.tcp.ovpn
A protonvpn/za-08.protonvpn.com.udp.ovpn
A protonvpn/za-09.protonvpn.com.tcp.ovpn
A protonvpn/za-09.protonvpn.com.udp.ovpn
A protonvpn/za-10.protonvpn.com.tcp.ovpn
A protonvpn/za-10.protonvpn.com.udp.ovpn
A protonvpn/za-11.protonvpn.com.tcp.ovpn
A protonvpn/za-11.protonvpn.com.udp.ovpn
A protonvpn/za-12.protonvpn.com.tcp.ovpn
A protonvpn/za-12.protonvpn.com.udp.ovpn
Exported revision 2308.
INFO: Found OpenVPN configuration: "ca-27.protonvpn.com.tcp" for provider "PROTONVPN" using it
[cont-init.d] 02-setup-openvpn: exited 0.
[cont-init.d] 03-setup-iptables: executing...
iptables v1.8.4 (legacy): invalid port/service `443
5995
8443' specified
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.8.4 (legacy): invalid port/service `443
5995
8443' specified
Try `iptables -h' or 'iptables --help' for more information.
[cont-init.d] 03-setup-iptables: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Thu Sep 10 13:51:05 2020 OpenVPN 2.4.9 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Thu Sep 10 13:51:05 2020 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10
Thu Sep 10 13:51:05 2020 NOTE: --fast-io is disabled since we are not using UDP
Thu Sep 10 13:51:05 2020 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Sep 10 13:51:05 2020 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Sep 10 13:51:05 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xx.xx.xx:443
It looks like the ip in the ovpn file is now different so I tried to use a custom ovpn file but I have the same error:
client
dev tun
proto tcp
remote 37.120.205.85 443
remote 37.120.205.85 5995
remote 37.120.205.85 8443
remote-random
resolv-retry infinite
nobind
cipher AES-256-CBC
auth SHA512
compress
verb 3
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
reneg-sec 0
remote-cert-tls server
auth-user-pass /config/openvpn-credentials.txt
pull
fast-io
<ca>
torr | OpenVPN provider not set. Using configuration at /config/openvpn/config.ovpn
torr | [cont-init.d] 02-setup-openvpn: exited 0.
torr | [cont-init.d] 03-setup-iptables: executing...
torr | iptables v1.8.4 (legacy): invalid port/service `443
torr | 5995
torr | 8443' specified
torr | Try `iptables -h' or 'iptables --help' for more information.
torr | iptables v1.8.4 (legacy): invalid port/service `443
torr | 5995
torr | 8443' specified
torr | Try `iptables -h' or 'iptables --help' for more information.
Note that using the same ovpn file on my desktop station works well.
Indeed something is wrong with internet connectivity inside the container:
$ docker-compose exec torr ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
ping: sendto: Operation not permitted
so this is probably iptables related.
Hi @hadim I've merged This PR from @Mithror which might fix the problem you're having, let me know if that fixes it for you :)
Ty but I have since switched to https://github.com/tprasadtp/protonvpn-docker.
Seems to me that this probably never worked, because the *.ovpn files for protonvpn always seem to have had multiple remote entries defined (and remote-random)?
Hum, you're probably right @Mithror looks like I'll need to spend some time updating the scripts and file layout in the repo according to @haugene's repo