alpine-qbittorrent-openvpn icon indicating copy to clipboard operation
alpine-qbittorrent-openvpn copied to clipboard

Published 20 hours ago verified publisher icon guillaumedsde

Question: Is there anyway to define multiple LANs?

Open PcInfamy opened this issue 4 years ago • 7 comments

Possible feature request, but is there anyway to define multiple LANs to access the web interface? I've tried this:

-e LAN=10.0.211.0/24 \
-e LAN=10.0.215.0/24 \

but I can only access the web UI from the 10.0.215.0/24 network.

PcInfamy avatar Feb 12 '21 03:02 PcInfamy

Why is this Lan option needed at all

Alfagun74 avatar Feb 13 '21 23:02 Alfagun74

Why is this Lan option needed at all

I believe its used to setup the iptables firewall rules to keep traffic from leaking out of the VPN. You define the local LAN so that the container can only communicate through the VPN or to the local LAN, but not out the local WAN connection.

PcInfamy avatar Feb 16 '21 02:02 PcInfamy

Why is this Lan option needed at all

I believe its used to setup the iptables firewall rules to keep traffic from leaking out of the VPN. You define the local LAN so that the container can only communicate through the VPN or to the local LAN, but not out the local WAN connection.

But what should i set if i want exactly that

Alfagun74 avatar Feb 16 '21 09:02 Alfagun74

Why is this Lan option needed at all

I believe its used to setup the iptables firewall rules to keep traffic from leaking out of the VPN. You define the local LAN so that the container can only communicate through the VPN or to the local LAN, but not out the local WAN connection.

But what should i set if i want exactly that

You set that using the -e LAN=10.0.211.0/24 variable when creating the container. i.e.:

docker run --cap-add=NET_ADMIN -d \
 -v /home/qb/config:/config \
 -e OPENVPN_PROVIDER=PIA \
 -e OPENVPN_CONFIG=japan \
 -e OPENVPN_USERNAME=********** \
 -e OPENVPN_PASSWORD=*********************** \
 -e PUID=1000 \
 -e PGID=1000 \
 -e LAN=10.0.211.0/24 \
 -p 8080:8080 \
 --restart unless-stopped \
 guillaumedsde/alpine-qbittorrent-openvpn:latest

PcInfamy avatar Mar 02 '21 10:03 PcInfamy

My problem was i was hosting this in a home server and could not use the Web UI it from different networks i have, because this LAN Setting blocked me. Solution was setting it to 0.0.0.0/0 to allow all my networks to use it. The VPN is still used by Qbittorrent. Thanks for the help tho!

Alfagun74 avatar Mar 02 '21 12:03 Alfagun74

@Alfagun74 I wouldn't (personally) suggest exposing qbittorrent's webui to public without putting it behind a TLS terminating proxy (unless i misunderstand you)

@PcInfamy , besides generally not being supported, unfortunately, the way you've tried to provide multiple settings for LAN wouldn't ever work, as using docker run -e VARIABLE=value helloworld just sets the environment variable given by VARIABLE, which (probably) means that whatever is set last will take precedence.

If the option were ever implemented, it'd likely need a character separated list like `-e LAN="192.168.0.1/24 10.0.211.0/24" (separate by whitespace).

C84186 avatar Mar 03 '21 08:03 C84186

@C84186 Don't worry i am hosting it behind a TLS proxy. Also i have different private networks @ home and i needed to expose it for the usual DMZ & VLAN stuff.

Alfagun74 avatar Mar 03 '21 09:03 Alfagun74