[Support] binhex - rTorrentVPN


Recommended Posts

Thanks for a really good image. I've one tiny problem, and I've the red dot indicating that my port is closed. I'm opening port 34562 in rtorrent and have opened it up in airvpn to. Doing port check via airvpn passes, but rtorrent fail the port check. It's something with the outgoing connections that fails. 

 

I've been using qtorrent, deluge, transmission, rtorrent via vpn before (no docker) and have always been able to open port properly. 

 

Any hints what I'm missing?

 

edit: Never mind. It's green now, does it take some time before updating first time?

Edited by Ritt
Link to comment

I just upgraded to gigabit internet and it turns out the openvpn process inside this container maxes out ~250 Mbit/s with 100% of one CPU core. When PIA starts supporting AES-GCM this should improve but in the meantime I'm inclined to upgrade to a CPU that supports AES-NI.

 

OpenSSL 1.1.0e inside the container should automatically leverage AES-NI, can someone with AES-NI run a speed test and report back?

Link to comment
Under "Additional BitTorrent Features" in settings, there is an "IP/Hostname to report to tracker"
 
Is this field populated by default? If so, how does it determine the IP?

Via clever code built in

Sent from my SM-G935F using Tapatalk

Link to comment

Is there a way to check the status of the VPN connetection?

I could check the log or use AirVPN client area, but I try to incorporate this into my home-assistant page where I'm displaying if the connection is up or not.

 

Preferbly using the terminal.

 

Edit: Found the solution by reading the 'HELP FAQ' and made some tweaking to use opendns:

 

docker exec -it rtorrent dig +short myip.opendns.com @resolver1.opendns.com

 

binhex, what kind of beer do you like? You deserve some beer for your great work ;)

 

Edited by Ritt
Link to comment
Is there a way to check the status of the VPN connetection?
I could check the log or use AirVPN client area, but I try to incorporate this into my home-assistant page where I'm displaying if the connection is up or not.
 
Preferbly using the terminal.
 
Edit: Found the solution by reading the 'HELP FAQ' and made some tweaking to use opendns:
 
docker exec -it rtorrent dig +short myip.opendns.com @resolver1.opendns.com
 
binhex, what kind of beer do you like? You deserve some beer for your great work
 

Lol real ale please

Sent from my SM-G935F using Tapatalk

Link to comment

I have the issue where I can't seem to get past the "Waiting for valid IP address from tunnel..."

 

Created by...
___.   .__       .__                   
\_ |__ |__| ____ |  |__   ____ ___  ___
 | __ \|  |/    \|  |  \_/ __ \\  \/  /
 | \_\ \  |   |  \   Y  \  ___/ >    < 
 |___  /__|___|  /___|  /\___  >__/\_ \
     \/        \/     \/     \/      \/
   https://hub.docker.com/u/binhex/

2017-06-19 12:06:55.764279 [info] Host is running unRAID
2017-06-19 12:06:55.798719 [info] System information Linux b2e9102170c2 4.9.10-unRAID #1 SMP PREEMPT Wed Feb 15 09:38:14 PST 2017 x86_64 GNU/Linux
2017-06-19 12:06:55.832552 [info] PUID defined as '99'
2017-06-19 12:06:55.866642 [info] PGID defined as '100'
2017-06-19 12:06:56.133812 [info] UMASK defined as '000'
2017-06-19 12:06:56.162224 [info] Permissions already set for volume mappings
2017-06-19 12:06:56.191178 [info] VPN_ENABLED defined as 'yes'
2017-06-19 12:06:56.220485 [info] VPN_PROV defined as 'custom'
2017-06-19 12:06:56.246554 [info] VPN_REMOTE defined as '104.128.186.59'
2017-06-19 12:06:56.272794 [info] VPN_PORT defined as '443'
2017-06-19 12:06:56.298262 [info] VPN_PROTOCOL defined as 'tcp'
2017-06-19 12:06:56.325630 [info] LAN_NETWORK defined as '10.0.0.0/24'
2017-06-19 12:06:56.352359 [info] NAME_SERVERS defined as '8.8.8.8,37.235.1.174,8.8.4.4,37.235.1.177'
2017-06-19 12:06:56.382574 [info] VPN_USER defined as 'USERNAME'
2017-06-19 12:06:56.408937 [info] VPN_PASS defined as 'PASSWORD'
2017-06-19 12:06:56.435315 [info] VPN_INCOMING_PORT defined as '49160'
2017-06-19 12:06:56.462801 [info] VPN_DEVICE_TYPE defined as 'tun'
2017-06-19 12:06:56.489767 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2017-06-19 12:06:56.517290 [info] ENABLE_PRIVOXY defined as 'no'
2017-06-19 12:06:56.545046 [info] ENABLE_FLOOD defined as 'no'
chsh: Shell not changed.
Changing shell for nobody.
2017-06-19 12:06:56,977 CRIT Set uid to user 0
2017-06-19 12:06:56,977 INFO Included extra file "/etc/supervisor/conf.d/rtorrent.conf" during parsing
2017-06-19 12:06:56,980 INFO supervisord started with pid 7
2017-06-19 12:06:57,984 INFO spawned: 'flood-script' with pid 114
2017-06-19 12:06:57,986 INFO spawned: 'start-script' with pid 115
2017-06-19 12:06:57,991 INFO spawned: 'rtorrent-script' with pid 116
2017-06-19 12:06:57,992 INFO spawned: 'rutorrent-script' with pid 117
2017-06-19 12:06:57,994 INFO spawned: 'privoxy-script' with pid 118
2017-06-19 12:06:57,995 DEBG 'flood-script' stdout output:
[info] Flood not enabled, skipping starting Flood Web UI

2017-06-19 12:06:57,995 DEBG fd 10 closed, stopped monitoring <POutputDispatcher at 47866747071952 for <Subprocess at 47866747068568 with name flood-script in state STARTING> (stderr)>
2017-06-19 12:06:57,996 INFO exited: flood-script (exit status 0; expected)
2017-06-19 12:06:57,996 DEBG received SIGCLD indicating a child quit
2017-06-19 12:06:57,997 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2017-06-19 12:06:57,997 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-19 12:06:57,998 INFO success: rtorrent-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-19 12:06:57,998 INFO success: rutorrent-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-19 12:06:57,998 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-19 12:06:58,005 DEBG 'rtorrent-script' stdout output:
[info] rTorrent config file already exists, skipping copy

2017-06-19 12:06:58,007 DEBG 'privoxy-script' stdout output:
[info] Privoxy set to disabled

2017-06-19 12:06:58,007 DEBG 'rtorrent-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2017-06-19 12:06:58,007 DEBG 'rtorrent-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2017-06-19 12:06:58,007 DEBG fd 31 closed, stopped monitoring <POutputDispatcher at 47866748472064 for <Subprocess at 47866747071880 with name privoxy-script in state RUNNING> (stderr)>
2017-06-19 12:06:58,008 DEBG fd 27 closed, stopped monitoring <POutputDispatcher at 47866748470336 for <Subprocess at 47866747071880 with name privoxy-script in state RUNNING> (stdout)>
2017-06-19 12:06:58,008 INFO exited: privoxy-script (exit status 0; expected)
2017-06-19 12:06:58,008 DEBG received SIGCLD indicating a child quit
2017-06-19 12:06:58,013 DEBG 'start-script' stdout output:
[debug] Environment variables defined as follows
BASH=/bin/bash
BASHOPTS=cmdhist:complete_fullquote:extquote:force_fignore:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath
BASH_ALIASES=()
BASH_ARGC=()
BASH_ARGV=()
BASH_CMDS=()
BASH_LINENO=([0]="0")
BASH_SOURCE=([0]="/root/start.sh")

2017-06-19 12:06:58,013 DEBG 'start-script' stdout output:
BASH_VERSINFO=([0]="4" [1]="4" [2]="12" [3]="1" [4]="release" [5]="x86_64-unknown-linux-gnu")
BASH_VERSION='4.4.12(1)-release'
DEBUG=true
DIRSTACK=()
ENABLE_FLOOD=no
ENABLE_PRIVOXY=no
EUID=0
GROUPS=()
HOME=/home/nobody
HOSTNAME=b2e9102170c2
HOSTTYPE=x86_64
HOST_OS=unRAID
IFS=$' \t\n'
LANG=en_GB.UTF-8
LAN_NETWORK=10.0.0.0/24
MACHTYPE=x86_64-unknown-linux-gnu
NAME_SERVERS=8.8.8.8,37.235.1.174,8.8.4.4,37.235.1.177
OPTERR=1
OPTIND=1
OSTYPE=linux-gnu
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PGID=100
PHP_TZ=UTC
PIPESTATUS=([0]="0")
PPID=7
PS4='+ '
PUID=99
PWD=/
SHELL=/bin/bash
SHELLOPTS=braceexpand:hashall:interactive-comments
SHLVL=1
STRONG_CERTS=no
SUPERVISOR_ENABLED=1
SUPERVISOR_GROUP_NAME=start-script
SUPERVISOR_PROCESS_NAME=start-script
TERM=xterm
TZ=America/Chicago
UID=0
UMASK=000
VPN_CONFIG=/config/openvpn/openvpn.ovpn
VPN_DEVICE_TYPE=tun
VPN_ENABLED=yes
VPN_INCOMING_PORT=49160
VPN_OPTIONS=
VPN_PASS='PASSWORD'
VPN_PORT=443
VPN_PROTOCOL=tcp
VPN_PROV=custom
VPN_REMOTE=104.128.186.59
[email protected]
_='[debug] Environment variables defined as follows'
exit_code_chmod=0
exit_code_chown=0
[debug] Directory listing of files in /config/openvpn as follows

2017-06-19 12:06:58,017 DEBG 'start-script' stdout output:
total 16
drwxrwxrwx 1 nobody users   97 Jun 19 11:56 .
drwxrwxr-x 1 nobody users   97 Jun 19 12:06 ..
-rwxrwxrwx 1 nobody users 2025 Jun 19 11:53 ca.rsa.2048.crt
-rwxrwxrwx 1 nobody users   47 Jun 19 11:56 credentials.conf
-rwxrwxrwx 1 nobody users  869 Jun 19 11:53 crl.rsa.2048.pem
-rwxrwxrwx 1 nobody users 2972 Jun 19 11:56 openvpn.ovpn

2017-06-19 12:06:58,018 DEBG 'start-script' stdout output:
[info] VPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn

2017-06-19 12:06:58,024 DEBG 'start-script' stderr output:
dos2unix: 
2017-06-19 12:06:58,024 DEBG 'start-script' stderr output:
converting file /config/openvpn/openvpn.ovpn to Unix format...

2017-06-19 12:06:58,035 DEBG 'start-script' stdout output:
[warn] Username contains characters which could cause authentication issues, please consider changing this if possible

2017-06-19 12:06:58,039 DEBG 'start-script' stdout output:
[warn] Password contains characters which could cause authentication issues, please consider changing this if possible

2017-06-19 12:06:58,085 DEBG 'start-script' stdout output:
[debug] Contents of ovpn file /config/openvpn/openvpn.ovpn as follows...

2017-06-19 12:06:58,086 DEBG 'start-script' stdout output:


#           _   _               ___     ______  _   _
#          | \ | | ___  _ __ __| \ \   / /  _ \| \ | |
#          |  \| |/ _ \| '__/ _` |\ \ / /| |_) |  \| |
#          | |\  | (_) | | | (_| | \ V / |  __/| |\  |
#          |_| \_|\___/|_|  \__,_|  \_/  |_|   |_| \_|
#


client
dev tun
proto tcp
remote 104.128.186.59 443
resolv-retry infinite
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
explicit-exit-notify 3

remote-cert-tls server

#mute 10000
auth-user-pass credentials.conf

comp-lzo
verb 3
pull
fast-io
cipher AES-256-CBC

<ca>
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIJAO5+NkCLKyP0MA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD
VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEZMBcGA1UEAxMQdXM1My5ub3JkdnBu
LmNvbTEQMA4GA1UEKRMHTm9yZFZQTjEfMB0GCSqGSIb3DQEJARYQY2VydEBub3Jk
dnBuLmNvbTAeFw0xNTEyMDkxNTI5MDRaFw0yNTEyMDYxNTI5MDRaMIGdMQswCQYD
VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEZMBcGA1UEAxMQdXM1My5ub3JkdnBu
LmNvbTEQMA4GA1UEKRMHTm9yZFZQTjEfMB0GCSqGSIb3DQEJARYQY2VydEBub3Jk
dnBuLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbstsRFeBVO
V03GotwmKxvN7AjwpsLpVtWQJuI0fK/uIutYmO58pbdrT+zGh4+73Uf//BlkhWjN
EBFj4wroF/9oOA7E37jnvkM7cVQJQF8UDs5QiTGdMahrSr814aEdlXCTyYrUT8xD
tf/C0VeLZagoWp++FOQi7vBDhMuTy45QFxj1ikc51S+agISP5/AFrObPOGCGqYOm
QdlCskduHYBD1kBPZz2Z9fueeubxZ0L4GwnHkrF3OVOAC7A2rqqBT9IB0q57iw6R
uMDwbDGXX7SVNOsi3EpAT3j+xgzHS9Yx1C5V1qVLoBrO6NS+Tg8ZEIRSsK2RfrjR
gP/puZhvn0UCAwEAAaOCAQYwggECMB0GA1UdDgQWBBSGyE/Q+Mu+nkmzkjVcvo5I
GgkYQjCB0gYDVR0jBIHKMIHHgBSGyE/Q+Mu+nkmzkjVcvo5IGgkYQqGBo6SBoDCB
nTELMAkGA1UEBhMCUEExCzAJBgNVBAgTAlBBMQ8wDQYDVQQHEwZQYW5hbWExEDAO
BgNVBAoTB05vcmRWUE4xEDAOBgNVBAsTB05vcmRWUE4xGTAXBgNVBAMTEHVzNTMu
bm9yZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEWEGNl
cnRAbm9yZHZwbi5jb22CCQDufjZAiysj9DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
DQEBBQUAA4IBAQAMqF84dX1Tu+Q0XUrU94vn8lWzngAcjK0Yhyj1nM3czXxkIyrl
4EHAK6RcFsNvRMrjZQtJIbv1EV4c1rUHiu0itjXHBBDEyTBBojIWHtNIaxpLn1B/
ho5o7r8OXbkgmjEq69TDPNHkWnurhukCQ999N3UdgkKNRNSWkr9eT6dd7Vg/2yjQ
tOkb4HXqPIoP3Otvar6hQfq7Tqn73ybUwV2A3cDOdlKIzUjMgrFxFmt1Igj3HeWW
4NvHfiEoelUaSijR1LQa55NFcynUH9zoDeJY9nd4gTEhvuLnWMrZH7EAR6OBLqxv
y1EP/lsWdEy4dXhDPZnB5uNYd7NbBGnblFI9
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
a2bba626683f49616d9adfd588865877
5decbcce32e0b6ddf15e591d551b7cc9
7aa0659deac2e8a5b6509455b638475d
9b5560801e49c2277be0f51c56531f4e
db9e0f6bf5d6e6f4fbef24b0f9d6e9a3
c787c7960fc8237bb072e0bc73bb4555
e897c47828177f1c0ffdea2e0db493cc
d22d3b95688f402cdb12aa3c53e90709
5aedf2e193c6040561dcd59071309679
19d75ca18cd632059340be6ecfcd539d
c17881ffe11a7de01ac03b35bc153a2e
7d6e64b00bbb3538de6ae9e0d167afd1
cf3a7dfbd14a3650b220d65d95e0d076
380cd116809a418ce15f9d0d390a7867
aeabc9a775610c08c4322e77dd658c7b
5ec0e2c5d20cc53ebb0e2957dd3de2b8
-----END OpenVPN Static key V1-----
</tls-auth>

2017-06-19 12:06:58,090 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1

2017-06-19 12:06:58,094 DEBG 'start-script' stdout output:
[info] Adding 8.8.8.8 to /etc/resolv.conf

2017-06-19 12:06:58,097 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.174 to /etc/resolv.conf

2017-06-19 12:06:58,100 DEBG 'start-script' stdout output:
[info] Adding 8.8.4.4 to /etc/resolv.conf

2017-06-19 12:06:58,104 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.177 to /etc/resolv.conf
[debug] Show name servers defined for container

2017-06-19 12:06:58,104 DEBG 'start-script' stdout output:
nameserver 8.8.8.8
nameserver 37.235.1.174
nameserver 8.8.4.4
nameserver 37.235.1.177

2017-06-19 12:06:58,104 DEBG 'start-script' stdout output:
[debug] Show name resolution for VPN endpoint 104.128.186.59

2017-06-19 12:06:58,240 DEBG 'start-script' stdout output:
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 51492
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 
;; QUESTION SECTION:
;; 104.128.186.59.	IN	A

;; ANSWER SECTION:

;; AUTHORITY SECTION:
.	2947	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2017061900 1800 900 604800 86400

;; ADDITIONAL SECTION:

;; Query time: 134 msec
;; SERVER: 37.235.1.177
;; WHEN: Mon Jun 19 12:06:58 2017
;; MSG SIZE  rcvd: 107

2017-06-19 12:06:58,248 DEBG 'start-script' stdout output:
[info] Adding 10.0.0.0/24 as route via docker eth0

2017-06-19 12:06:58,249 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2017-06-19 12:06:58,250 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0 
10.0.0.0/24 via 172.17.0.1 dev eth0 
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.2 

2017-06-19 12:06:58,250 DEBG 'start-script' stdout output:
--------------------
[debug] Modules currently loaded for kernel

2017-06-19 12:06:58,252 DEBG 'start-script' stdout output:
Module                  Size  Used by
xt_CHECKSUM             1335  1
iptable_mangle          1658  3
ipt_REJECT              1521  2
nf_reject_ipv4          2483  1 ipt_REJECT
ebtable_filter          1903  0
ebtables               14552  1 ebtable_filter
vhost_net               9091  3
tun                    19240  8 vhost_net
vhost                  19681  1 vhost_net
macvtap                11622  1 vhost_net
macvlan                12389  1 macvtap
xt_nat                  1913  11
veth                    4966  0
ipt_MASQUERADE          1277  15
nf_nat_masquerade_ipv4     1865  1 ipt_MASQUERADE
iptable_nat             1897  1
nf_conntrack_ipv4       5874  3
nf_nat_ipv4             4199  1 iptable_nat
iptable_filter          1706  3
ip_tables               9853  3 iptable_mangle,iptable_filter,iptable_nat
nf_nat                 11145  3 xt_nat,nf_nat_masquerade_ipv4,nf_nat_ipv4
md_mod                 36572  5
bonding                92464  0
mxm_wmi                 1571  0
x86_pkg_temp_thermal     4669  0
coretemp                5340  0
kvm_intel             160423  11
ahci                   26326  6
tg3                   130032  0
i2c_i801               11888  0
i2c_smbus               3041  1 i2c_i801
i2c_core               20390  2 i2c_i801,i2c_smbus
ptp                     9308  1 tg3
kvm                   289582  1 kvm_intel
pps_core                5928  1 ptp
libahci                19716  1 ahci
video                  27138  0
backlight               5833  1 video
wmi                     6548  1 mxm_wmi

2017-06-19 12:06:58,256 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables

2017-06-19 12:06:58,265 DEBG 'start-script' stdout output:
[debug] Docker interface defined as eth0

2017-06-19 12:06:58,268 DEBG 'start-script' stdout output:
[debug] Docker IP defined as 172.17.0.2

2017-06-19 12:06:58,272 DEBG 'start-script' stdout output:
[debug] Docker netmask defined as 255.255.0.0

2017-06-19 12:06:58,281 DEBG 'start-script' stdout output:
[info] Docker network defined as    172.17.0.0/16

2017-06-19 12:06:58,339 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2017-06-19 12:06:58,341 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A INPUT -s 10.0.0.0/24 -i eth0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A OUTPUT -d 10.0.0.0/24 -o eth0 -p tcp -m tcp --sport 5000 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2017-06-19 12:06:58,341 DEBG 'start-script' stdout output:
--------------------

2017-06-19 12:06:58,342 DEBG 'start-script' stdout output:
[debug] OpenVPN command line '/usr/bin/openvpn --cd /config/openvpn --config /config/openvpn/openvpn.ovpn --daemon --dev tun0 --remote 104.128.186.59 443 --proto tcp --reneg-sec 0 --mute-replay-warnings --auth-nocache --keepalive 10 60 --setenv VPN_PROV custom --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --auth-user-pass credentials.conf --log-append /config/supervisord.log'
[info] Starting OpenVPN...

Options error: --explicit-exit-notify can only be used with --proto udp
Use --help for more information.
2017-06-19 12:06:58,347 DEBG 'start-script' stdout output:
[info] OpenVPN started

2017-06-19 12:06:58,348 DEBG 'start-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

 

My user name is an email address and the password is complex (lots of symbols), could those be the issue?

Link to comment
On 6/11/2017 at 10:23 PM, deagle said:

I just upgraded to gigabit internet and it turns out the openvpn process inside this container maxes out ~250 Mbit/s with 100% of one CPU core. When PIA starts supporting AES-GCM this should improve but in the meantime I'm inclined to upgrade to a CPU that supports AES-NI.

 

OpenSSL 1.1.0e inside the container should automatically leverage AES-NI, can someone with AES-NI run a speed test and report back?

On a Ryzen 7 1700 i am getting around 500mbit on 100% cpu with PIA (which is 1 core, OpenVPN is not multithreaded)

Link to comment
23 hours ago, adanufgail said:

Options error: --explicit-exit-notify can only be used with --proto udp

 

its pretty clear what the issue is, you either need to switch to protocol UDP by specifying VPN_PROTOCOL=udp or edit your ovpn file and remove the line 'explicit-exit-notify 3', i would recommend going with the protocol switch, udp is significantly quicker than tcp.


 
Link to comment

I think this is what I did

 

My share, "mnt/user/Movies/" contained a file that was not in its own folder, "/mnt/user/Movies/movie.title.2016.mkv" as opposed to "/mnt/user/Movies/movie.title.2016/movie.title.2016.mkv"

 

When I selected delete data (all) with the impression that it would delete all data associated with that single torrent file, rutorrent instead deleted the entire directory. Any confirmation of my missteps would be greatly beneficial to my understanding of what went wrong.

Link to comment
9 hours ago, TheRefugee said:

I think this is what I did

 

My share, "mnt/user/Movies/" contained a file that was not in its own folder, "/mnt/user/Movies/movie.title.2016.mkv" as opposed to "/mnt/user/Movies/movie.title.2016/movie.title.2016.mkv"

 

When I selected delete data (all) with the impression that it would delete all data associated with that single torrent file, rutorrent instead deleted the entire directory. Any confirmation of my missteps would be greatly beneficial to my understanding of what went wrong.

 

OK firstly i feel for you loosing that quantity of movies, i really do, its one of my worst nightmares (i saw your other post), i hope you get it back.

 

Good find on that link to github issue, yes i think the reason you have fallen foul of this is two fold:-

 

1. You deleted the file using your mac and then also did a deletion of the torrent and data through the rutorrent web ui, obviously because you have already deleted the file manually it couldn't find anything that matches, and possibly then went on to do a recursive delete of everything (its a theory of mine nothing more)

 

2. you should never use the "Remove and.../Delete data (all)" option, instead you should be using the "Remove and.../Delete Data", hands up i have been using the (all) option myself, i guess i have been lucky that every torrent i download has a path and thus its limited to download only that selected folder recursively NOT the root folder, plus i dont point rutorrent at my array so the damage would be limited (see suggestion 1.) 

 

3. Possibly the torrent you downloaded did not have a folder structure to it and this the zero byte file was in the root of the downloads folder, thus when the plugin kicks in and deletes it also deletes all folders (because of the use of the (all) option).

 

4. Never enable the option '"Don't add torrent's name to path", by doing this you are saying store the downloaded file in the root of the completed folder, if you then select the "Remove and.../Delete data (all)" option then it will recursively delete all files folder from the location of the downloaded file, i.e. the root of the completed folder (dont know if you had this option enabled or not?).

 

There are also a couple of things you may want to consider in the future:-

 

Suggestion 1. Dont allow rutorrent direct access to your array, instead seed stuff on your cache drive, this means if things did go wrong (and coding mistakes can happen) then the damage is only limited to whats on the cache, it won't wipe out your entire collection, this is what i do.

 

Suggestion 2. Disable that option to prevent this happening in the future, as per the github issue you linked to.

 

Suggestion 3. Backups, this is completely up to you, and hands up i don't backup everything either (too costly), but you have to ask yourself, if you lost share X is the time/stress of getting everything back greater than the financial cost of backing it up on a separate system? if it is greater then it should be backed up. I dont want to bang on about this as this is probably the last thing you want to hear, but hey its gotta be mentioned right.

 

Suggestion 4. Make sure the CA backup plugin is enabled and working, this will at the very least then backup your configuration of each docker container, including important stuff like Plex metadata. 

 

OK last edit to this - i think in short people need to be aware that when they see the option "Remove and.../Delete data (all)" what that REALLY means is "Remove the torrent AND delete all data recursively from the current location of the download", if the location of the download happens to be the root of the completed folder then this will delete everything in the completed folder, i think i may add this as a FAQ.

 

Edited by binhex
Link to comment
15 hours ago, binhex said:

 

OK firstly i feel for you loosing that quantity of movies, i really do, its one of my worst nightmares (i saw your other post), i hope you get it back.

 

Good find on that link to github issue, yes i think the reason you have fallen foul of this is two fold:-

 

1. You deleted the file using your mac and then also did a deletion of the torrent and data through the rutorrent web ui, obviously because you have already deleted the file manually it couldn't find anything that matches, and possibly then went on to do a recursive delete of everything (its a theory of mine nothing more)

 

2. you should never use the "Remove and.../Delete data (all)" option, instead you should be using the "Remove and.../Delete Data", hands up i have been using the (all) option myself, i guess i have been lucky that every torrent i download has a path and thus its limited to download only that selected folder recursively NOT the root folder, plus i dont point rutorrent at my array so the damage would be limited (see suggestion 1.) 

 

3. Possibly the torrent you downloaded did not have a folder structure to it and this the zero byte file was in the root of the downloads folder, thus when the plugin kicks in and deletes it also deletes all folders (because of the use of the (all) option).

 

4. Never enable the option '"Don't add torrent's name to path", by doing this you are saying store the downloaded file in the root of the completed folder, if you then select the "Remove and.../Delete data (all)" option then it will recursively delete all files folder from the location of the downloaded file, i.e. the root of the completed folder (dont know if you had this option enabled or not?).

 

There are also a couple of things you may want to consider in the future:-

 

Suggestion 1. Dont allow rutorrent direct access to your array, instead seed stuff on your cache drive, this means if things did go wrong (and coding mistakes can happen) then the damage is only limited to whats on the cache, it won't wipe out your entire collection, this is what i do.

 

Suggestion 2. Disable that option to prevent this happening in the future, as per the github issue you linked to.

 

Suggestion 3. Backups, this is completely up to you, and hands up i don't backup everything either (too costly), but you have to ask yourself, if you lost share X is the time/stress of getting everything back greater than the financial cost of backing it up on a separate system? if it is greater then it should be backed up. I dont want to bang on about this as this is probably the last thing you want to hear, but hey its gotta be mentioned right.

 

Suggestion 4. Make sure the CA backup plugin is enabled and working, this will at the very least then backup your configuration of each docker container, including important stuff like Plex metadata. 

 

OK last edit to this - i think in short people need to be aware that when they see the option "Remove and.../Delete data (all)" what that REALLY means is "Remove the torrent AND delete all data recursively from the current location of the download", if the location of the download happens to be the root of the completed folder then this will delete everything in the completed folder, i think i may add this as a FAQ.

 

 

Thanks for taking the time to respond.

 

To be clear, my entire array wasn't effected, only my Movie share. The torrent didn't have a path, I didn't select "don't add torrents name to path", it just so happened to contain a single file. Fortunately my TV and Music shares are separated into their own shares so those remain intact.

 

In the future, I am absolutely going to disable the delete all option; for my own utilization, I can't imagine a practical use case where the delete all accomplishes anything that the regular Delete Data option wouldn't.

 

As per your suggestions:

 

1. I plan to keep torrents seeding long term so my cache really only pulls duty for appdata.

 

2. Disabled

 

3. Looking at my plexpy data, 1710 movies got wiped (ouch) but I have ~980 of them backed up on a remote server; I have started the 3.5 mb/s slog to recover those and the others will be recovered over time. I resorted to taking screen shots of my plexpy library data so I can have a list of files; don't want to miss any on my rebuild. I think I will end up biting the bullet and building a local back up because rebuilding from a remote server is a bit ridiculous at my download speeds lol.

 

4. I use CA backup but I'm not sure what good it would do me for recovering my plex metadata since I will slowly rebuild my library with new additions sprinkled in. So any time I refresh my plex library, they will get cleaned out; I think it will be the least hassle to rebuild bit by bit.

Link to comment
8 hours ago, TheRefugee said:

In the future, I am absolutely going to disable the delete all option; for my own utilization, I can't imagine a practical use case where the delete all accomplishes anything that the regular Delete Data option wouldn't.

 

it maybe that doing a delete without the (all) option will result in some sub folders being left, as i THINK ir most probably wont be recursive, but hats just my theory, i haven't tested it, if you do get time and find out then please post back.

Link to comment

From https://wiki.archlinux.org/index.php/RTorrent

 

How do I go about starting a screen for rtorrent inside docker?

 

/etc/systemd/system/rtorrent.service
[Unit]
Description=rTorrent
After=network.target

[Service]
Type=forking
KillMode=none
User=rtorrent
ExecStartPre=/usr/bin/bash -c "if test -e %h/.rtorrent_session/rtorrent.lock && test -z `pidof rtorrent`; then rm -f %h/.rtorrent_session/rtorrent.lock; fi"
ExecStart=/usr/bin/screen -dmfa -S rtorrent /usr/bin/rtorrent
ExecStop=/usr/bin/bash -c "test `pidof rtorrent` && killall -w -s 2 /usr/bin/rtorrent"
WorkingDirectory=%h
Restart=on-failure

[Install]
WantedBy=multi-user.target

 

 

-------------------------------------------------------------------------------------------------------------------------------------------------

 

 

/etc/systemd/user/rtorrent.service
[Unit]
Description=rTorrent
After=network.target

[Service]
Type=forking
KillMode=none
ExecStart=/usr/bin/screen -dmfa -S rtorrent /usr/bin/rtorrent
ExecStop=/usr/bin/killall -w -s 2 /usr/bin/rtorrent
WorkingDirectory=%h

[Install]
WantedBy=default.target

 

 

 

Edited by TheRefugee
Link to comment

*SOLVED* I had to regenerate a new vpn configuration for some reason - all is well

 

Hello,

 

I just did an update of Binhex Rtorrent (i was a few commits behind) and now I can't login to the Webui

 

I get "Connection Refused"

 

Below is my log... I did SSH into my server and attempted to run 

'/sbin/modprobe iptable_mangle' as per the log suggested, there was no output but still unable to connect. 

 

2017-06-23 14:37:24.304479 [info] Starting Supervisor...
2017-06-23 14:37:25,085 CRIT Set uid to user 0
2017-06-23 14:37:25,085 INFO Included extra file "/etc/supervisor/conf.d/rtorrent.conf" during parsing
2017-06-23 14:37:25,109 INFO supervisord started with pid 8
2017-06-23 14:37:26,116 INFO spawned: 'flood-script' with pid 115
2017-06-23 14:37:26,118 INFO spawned: 'start-script' with pid 116
2017-06-23 14:37:26,120 INFO spawned: 'rtorrent-script' with pid 117
2017-06-23 14:37:26,122 INFO spawned: 'rutorrent-script' with pid 118
2017-06-23 14:37:26,125 INFO spawned: 'privoxy-script' with pid 119
2017-06-23 14:37:26,128 DEBG 'flood-script' stdout output:
[info] Flood not enabled, skipping starting Flood Web UI

2017-06-23 14:37:26,128 INFO success: flood-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-23 14:37:26,128 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-23 14:37:26,128 INFO success: rtorrent-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-23 14:37:26,129 INFO success: rutorrent-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-23 14:37:26,129 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-23 14:37:26,129 DEBG fd 8 closed, stopped monitoring <POutputDispatcher at 47558617360936 for <Subprocess at 47558617362304 with name flood-script in state RUNNING> (stdout)>
2017-06-23 14:37:26,129 DEBG fd 10 closed, stopped monitoring <POutputDispatcher at 47558617359496 for <Subprocess at 47558617362304 with name flood-script in state RUNNING> (stderr)>
2017-06-23 14:37:26,129 INFO exited: flood-script (exit status 0; expected)
2017-06-23 14:37:26,129 DEBG received SIGCLD indicating a child quit
2017-06-23 14:37:26,161 DEBG 'rtorrent-script' stdout output:
[info] rTorrent config file already exists, skipping copy

2017-06-23 14:37:26,164 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2017-06-23 14:37:26,167 DEBG 'rtorrent-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2017-06-23 14:37:26,191 DEBG 'start-script' stdout output:
[info] VPN config file (ovpn extension) is located at /config/openvpn/client.ovpn

2017-06-23 14:37:26,201 DEBG 'start-script' stderr output:
dos2unix: converting file /config/openvpn/client.ovpn to Unix format...

2017-06-23 14:37:26,308 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1

2017-06-23 14:37:26,330 DEBG 'start-script' stdout output:
[info] Adding 8.8.8.8 to /etc/resolv.conf

2017-06-23 14:37:26,338 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.174 to /etc/resolv.conf

2017-06-23 14:37:26,347 DEBG 'start-script' stdout output:
[info] Adding 8.8.4.4 to /etc/resolv.conf

2017-06-23 14:37:26,350 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.177 to /etc/resolv.conf

2017-06-23 14:37:26,376 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0

2017-06-23 14:37:26,378 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2017-06-23 14:37:26,380 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.5
192.168.1.0/24 via 172.17.0.1 dev eth0

2017-06-23 14:37:26,380 DEBG 'start-script' stdout output:
--------------------

2017-06-23 14:37:26,396 DEBG 'start-script' stdout output:
[warn] 'iptable_mangle' kernel module not available, you will not be able to connect to the applications Web UI or Privoxy outside of your LAN
[info] unRAID users: Please attempt to load the module by executing the following on your host:- '/sbin/modprobe iptable_mangle'
[info] Ubuntu users: Please attempt to load the module by executing the following on your host:- '/sbin/modprobe iptable_mangle'
[info] Synology users: Please attempt to load the module by executing the following on your host:- 'insmod /lib/modules/iptable_mangle.ko'

2017-06-23 14:37:26,437 DEBG 'start-script' stdout output:
[info] Docker network defined as 172.17.0.0/16

2017-06-23 14:37:26,569 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2017-06-23 14:37:26,571 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 172.17.0.0/16 -i eth0 -p tcp -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 443 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 5000 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 192.168.1.0/24 -o eth0 -p tcp -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2017-06-23 14:37:26,573 DEBG 'start-script' stdout output:
--------------------
[info] Starting OpenVPN...

2017-06-23 14:37:26,610 DEBG 'start-script' stdout output:
[info] OpenVPN started

 

Edited by flixxx
Link to comment
On 6/19/2017 at 6:17 PM, robbiered said:

On a Ryzen 7 1700 i am getting around 500mbit on 100% cpu with PIA (which is 1 core, OpenVPN is not multithreaded)

 

It's unlikely that a 1700 is double the single core performance of a 3.2GHz Sandy Bridge so would it be safe to assume AES-NI is working?

Link to comment
6 hours ago, Kewjoe said:

I'm getting the following error in the gui when i try to use it:

 


JS error: [http://192.168.79.15:9080/js/webui.js : 1923] TypeError: s is undefined

 

This happened after I updated the docker. I tried searching, nothing came up.

 

odd, are you using a 3rd party theme by any chance?, it could be incompatibility with the latest version of rutorrent (now up to 3.8), try changing your theme to the default.

Link to comment
  • binhex locked this topic
Guest
This topic is now closed to further replies.