Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: VPN_PORT_FORWARDING_LISTENING_PORT not working #2520

Open
Rowdy opened this issue Oct 12, 2024 · 2 comments
Open

Bug: VPN_PORT_FORWARDING_LISTENING_PORT not working #2520

Rowdy opened this issue Oct 12, 2024 · 2 comments
Labels
Category: Firewall ⛓️ Category: User error 🤦 Category: VPN port forwarding 📥

Comments

@Rowdy
Copy link

Rowdy commented Oct 12, 2024

Is this urgent?

None

Host OS

Ubuntu

CPU arch

x86_64

VPN service provider

ProtonVPN

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2024-10-12T14:29:01.263Z (commit 2388e05)

What's the problem 🤔

It's not crashing anymore but also not working... the forwarded port is just a random one, not the one defined in the docker compose yml: - VPN_PORT_FORWARDING_LISTENING_PORT=53411

As you suggested I should reference the old issue.
Thanks in advance.

Share your logs (at least 10 lines)

2024-10-12T23:09:53+02:00 INFO [routing] default route found: interface eth0, gateway 172.18.0.1, assigned IP 172.18.0.21 and family v4
2024-10-12T23:09:53+02:00 INFO [routing] adding route for 0.0.0.0/0
2024-10-12T23:09:53+02:00 INFO [firewall] setting allowed subnets...
2024-10-12T23:09:53+02:00 INFO [routing] default route found: interface eth0, gateway 172.18.0.1, assigned IP 172.18.0.21 and family v4
2024-10-12T23:09:53+02:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2024-10-12T23:09:53+02:00 INFO [http server] http server listening on [::]:8000
2024-10-12T23:09:53+02:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-10-12T23:09:53+02:00 INFO [firewall] allowing VPN connection...
2024-10-12T23:09:53+02:00 INFO [wireguard] Using userspace implementation since Kernel support does not exist
2024-10-12T23:09:53+02:00 INFO [wireguard] Connecting to 188.3.132.139:51820
2024-10-12T23:09:53+02:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
2024-10-12T23:09:53+02:00 INFO [dns] downloading hostnames and IP block lists
2024-10-12T23:09:58+02:00 INFO [healthcheck] healthy!
2024-10-12T23:10:09+02:00 INFO [dns] DNS server listening on [::]:53
2024-10-12T23:10:09+02:00 INFO [dns] ready
2024-10-12T23:10:10+02:00 INFO [ip getter] Public IP address is 188.3.132.143 (Netherlands, Utrecht, Veenendaal)
2024-10-12T23:10:10+02:00 INFO [vpn] You are running on the bleeding edge of latest!
2024-10-12T23:10:10+02:00 INFO [port forwarding] starting
2024-10-12T23:10:10+02:00 INFO [port forwarding] gateway external IPv4 address is 188.3.132.143
2024-10-12T23:10:10+02:00 INFO [port forwarding] port forwarded is 38685
2024-10-12T23:10:10+02:00 INFO [firewall] setting allowed input port 38685 through interface tun0...
2024-10-12T23:10:10+02:00 WARN [firewall] IPv6 port redirection disabled because your kernel does not support IPv6 NAT: command failed: "ip6tables-legacy -t nat --append PREROUTING -i tun0 -p tcp --dport 38685 -j REDIRECT --to-ports 53411": ip6tables v1.8.10 (legacy): can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.: exit status 3
2024-10-12T23:10:10+02:00 INFO [port forwarding] writing port file /tmp/gluetun/forwarded_port

Share your configuration

version: "2.1"
services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    security_opt:
      - no-new-privileges:true
    devices:
      - /dev/net/tun:/dev/net/tun
    volumes:
      - ./gluetun/:/gluetun
    environment:
      #https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/protonvpn.md
      - UPDATER_PERIOD=24h
      - VPN_SERVICE_PROVIDER=protonvpn
      - VPN_TYPE=wireguard
      - SERVER_COUNTRIES=Netherlands
      - WIREGUARD_PRIVATE_KEY=xyz
      - VPN_PORT_FORWARDING=on
      - TZ=Europe/Berlin
      - VPN_PORT_FORWARDING_LISTENING_PORT=53411
@github-actions GitHub Actions
Copy link
Contributor

@qdm12 is more or less the only maintainer of this project and works on it in his free time.
Please:

@qdm12
Copy link
Owner

qdm12 commented Oct 19, 2024

It's not crashing anymore but also not working... the forwarded port is just a random one, not the one defined in the docker compose yml: - VPN_PORT_FORWARDING_LISTENING_PORT=53411

We have no control over the port you get assigned from protonvpn; however the port redirection (for ipv4 only here) should work fine. It's not really logged if it works though, but it's active. You can use LOG_LEVEL=debug to see the iptables redirection command ran to redirect that port.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Category: Firewall ⛓️ Category: User error 🤦 Category: VPN port forwarding 📥
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Rowdy @qdm12