Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: Both ProtonVPN and PIA port forwarding inconsistently open #2331

Closed
sjduggan5 opened this issue Jun 20, 2024 · 3 comments
Closed

Bug: Both ProtonVPN and PIA port forwarding inconsistently open #2331

sjduggan5 opened this issue Jun 20, 2024 · 3 comments

Comments

@sjduggan5
Copy link

Is this urgent?

No

Host OS

Debian Bookworms

CPU arch

x86_64

VPN service provider

ProtonVPN

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2024-06-17T22:37:52.988Z (commit 93ed87d)

What's the problem 🤔

When trying to test if the port forwarded on the remote VPN server is open, using either the port checker or a site like this, most of the time the port is closed. Occasionally (maybe 10% of the time), I'll test it and the port will say it's open.

I've tested this with both PIA and ProtonVPN to ensure that it's not a provider specific issue. Neither provider would cause any logs to show up that would indicate the forwarded port is closed.

Share your logs (at least 10 lines)

2024-06-20T22:37:23Z INFO [openvpn] UDPv4 link local: (not bound)
2024-06-20T22:37:23Z INFO [openvpn] UDPv4 link remote: [AF_INET][EXTERNAL_VPN_IP]:1194
2024-06-20T22:37:23Z INFO [openvpn] [node-us-134.protonvpn.net] Peer Connection Initiated with [AF_INET][EXTERNAL_VPN_IP]:1194
2024-06-20T22:37:24Z INFO [openvpn] setsockopt TCP_NODELAY=1 failed
2024-06-20T22:37:24Z INFO [openvpn] TUN/TAP device tun0 opened
2024-06-20T22:37:24Z INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-06-20T22:37:24Z INFO [openvpn] /sbin/ip link set dev tun0 up
2024-06-20T22:37:24Z INFO [openvpn] /sbin/ip addr add dev tun0 10.21.0.3/16
2024-06-20T22:37:24Z INFO [openvpn] UID set to nonrootuser
2024-06-20T22:37:24Z INFO [openvpn] Initialization Sequence Completed
2024-06-20T22:37:24Z INFO [dns] downloading DNS over TLS cryptographic files
2024-06-20T22:37:29Z INFO [healthcheck] healthy!
2024-06-20T22:37:29Z INFO [dns] downloading hostnames and IP block lists
2024-06-20T22:37:36Z DEBUG [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com: i/o timeout
2024-06-20T22:37:36Z INFO [dns] init module 0: validator
2024-06-20T22:37:36Z INFO [dns] init module 1: iterator
2024-06-20T22:37:36Z INFO [dns] start of service (unbound 1.20.0).
2024-06-20T22:37:36Z INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2024-06-20T22:37:36Z INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2024-06-20T22:37:37Z INFO [healthcheck] healthy!
2024-06-20T22:37:37Z INFO [dns] ready
2024-06-20T22:37:37Z INFO [ip getter] Public IP address is [EXTERNAL_VPN_IP] (United States, New York, New York City)
2024-06-20T22:37:37Z INFO [vpn] You are running on the bleeding edge of latest!
2024-06-20T22:37:37Z INFO [port forwarding] starting
2024-06-20T22:37:37Z INFO [port forwarding] gateway external IPv4 address is [EXTERNAL_VPN_IP]
2024-06-20T22:37:37Z INFO [port forwarding] port forwarded is 37718
2024-06-20T22:37:37Z INFO [firewall] setting allowed input port 37718 through interface tun0...
2024-06-20T22:37:37Z DEBUG [firewall] iptables-legacy --append INPUT -i tun0 -p tcp --dport 37718 -j ACCEPT
2024-06-20T22:37:37Z DEBUG [firewall] ip6tables --append INPUT -i tun0 -p tcp --dport 37718 -j ACCEPT
2024-06-20T22:37:37Z DEBUG [firewall] iptables-legacy --append INPUT -i tun0 -p udp --dport 37718 -j ACCEPT
2024-06-20T22:37:37Z DEBUG [firewall] ip6tables --append INPUT -i tun0 -p udp --dport 37718 -j ACCEPT
2024-06-20T22:37:37Z INFO [port forwarding] writing port file /tmp/gluetun/forwarded_port
2024-06-20T22:38:22Z DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-20T22:38:22Z DEBUG [port forwarding] port forwarded 37718 maintained
2024-06-20T22:39:07Z DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-20T22:39:07Z DEBUG [port forwarding] port forwarded 37718 maintained
2024-06-20T22:39:52Z DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-20T22:39:52Z DEBUG [port forwarding] port forwarded 37718 maintained

Share your configuration

#Gluetun - vpn container
  gluetun: #Setup for this container will be different depending on your VPN of choice
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    # line above must be uncommented to allow external containers to connect.
    # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
      - 8112:8112 #Deluge Web UI
      - 6881:6881
      - 6881:6881/udp
      - 8000:8000/tcp # Control server
    volumes:
      - ${BASE_PATH}/gluetun:/gluetun
    environment:
      - VPN_SERVICE_PROVIDER=protonvpn
      - VPN_TYPE=openvpn
      - OPENVPN_USER=${PROTON_USER}+pmp
      - OPENVPN_PASSWORD=${PROTON_PASSWORD}
      - SERVER_CITIES=New York City
      - SHADOWSOCKS=on
      - SHADOWSOCKS_PASSWORD=${SHADOWSOCKS_PASSWORD}
      - VPN_PORT_FORWARDING=on
      - LOG_LEVEL=debug

  #Deluge - torrenting software
  deluge:
    image: ghcr.io/linuxserver/deluge:latest
    network_mode: "service:gluetun"
    container_name: deluge
    labels:
      - deunhealth.restart.on.unhealthy=true
    environment:
      - PUID=${USER_ID}
      - PGID=${USER_ID}
      - TZ=${TZ}
    healthcheck: # https://github.com/qdm12/gluetun/issues/641#issuecomment-933856220
      test: "curl -sf https://1.1.1.1/  || exit 1"
      interval: 1m
      timeout: 10s
      retries: 1
    volumes:
      - ${BASE_PATH}/deluge/config:/config
      - ${SHARE}/torrents:/torrents
    restart: unless-stopped
@github-actions GitHub Actions
Copy link
Contributor

@qdm12 is more or less the only maintainer of this project and works on it in his free time.
Please:

@sjduggan5 sjduggan5 closed this as not planned Won't fix, can't repro, duplicate, stale Jun 22, 2024
@github-actions GitHub Actions
Copy link
Contributor

Closed issues are NOT monitored, so commenting here is likely to be not seen.
If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment setup because @qdm12 is the sole maintainer of this project
which became too popular to monitor issues closed.

@sjduggan5
Copy link
Author

User error: had incoming port set as random

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sjduggan5