vanja/gluetun
1
0
Fork 0
mirror of https://github.com/qdm12/gluetun.git synced 2026-05-07 04:20:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

FAQ section

Quentin McGaw
2020-09-24 22:11:09 -04:00
parent 5afd35dc91
commit dc88973aee
7 changed files with 121 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
FAQ/Docker image.md
+28
@@ -0,0 +1,28 @@
# Docker image
![Visitors count](https://visitor-badge.laobi.icu/badge?page_id=gluetun.faq.dockerimage)
If you use the default `qmcgaw/private-internet-access` image, you are technically using the Docker image with the `:latest` tag.
If it happens to be **broken**, this page is for you.
## Release tag
[Multiple releases](https://github.com/qdm12/private-internet-access-docker/releases) are made through time when the image is considered stable.
️ [List of image tags](https://hub.docker.com/r/qmcgaw/private-internet-access/tags?page=1&ordering=last_updated)
Each time a Github release is made, an associated Docker image tag is made, for example a `v3.1.0` release produces the image `qmcgaw/private-internet-access:v3.1.0`.
You can thus use one of these image tags if `:latest` doesn't work for you. Also, don't forget to create an issue for it 😉
## Build the image from a Git commit
1. Install [Git](https://git-scm.com/), test it's here with `git version`
1. Find a [commit](https://github.com/qdm12/private-internet-access-docker/commits/master) you want to build for, in example `095623925a9cc0e5cf89d5b9b510714792267d9b`
1. Build the image
```sh
docker build -t qmcgaw/private-internet-access https://github.com/qdm12/private-internet-access-docker.git#095623925a9cc0e5cf89d5b9b510714792267d9b
```
1. You can now use `qmcgaw/private-internet-access` which is the image you just built.
FAQ/Mullvad.md
+24
@@ -0,0 +1,24 @@
# Mullvad
![Visitors count](https://visitor-badge.laobi.icu/badge?page_id=gluetun.faq.mullvad)
If you want to tunnel IPv6 with Mullvad, follow the following.
1. Ensure your Kernel has IPv6
```sh
lsmod | grep ipv6
```
Should show something.
1. Set the environment variable `OPENVPN_IPV6` to `on`
1. Enable IPv6 in Docker for this container:
- For a Docker run command, add the flag `--sysctl net.ipv6.conf.all.disable_ipv6=0` (or `--sysctl net.ipv6.conf.all.disable=0` on some systems)
- For docker-compose.yml files, add this to your `gluetun` config block:
```yml
sysctls:
- net.ipv6.conf.all.disable_ipv6=0
```
1. Start the container
FAQ/Openvpn killed.md
+15
@@ -0,0 +1,15 @@
# OpenVPN killed
It may happen, quite rarely though, that Openvpn gets killed in a loop by the host system.
If you get regularly in your logs
```s
openvpn: Sun May 10 19:23:37 2020 Initialization Sequence Completed
openvpn: Sun May 10 19:23:45 2020 event_wait : Interrupted system call (code=4)
openvpn: Sun May 10 19:23:45 2020 ERROR: Linux route delete command failed: external program exited with error status: 2
openvpn: signal: killed
```
It might be another app you have interfering with the `/dev/net/tun` device and thus killing openvpn.
For QNAP users, it may be the **QCenter**. More information on [this issue](https://github.com/qdm12/private-internet-access-docker/issues/157) and many thanks for @AlexAlbright for finding the root cause through trial and error 🎈
FAQ/Openvpn warnings.md
+17
@@ -0,0 +1,17 @@
# OpenVPN warnings
You might see some warnings similar to:
```s
openvpn: Sat Feb 22 15:55:02 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
openvpn: Sat Feb 22 15:55:02 2020 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1542'
openvpn: Sat Feb 22 15:55:02 2020 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher BF-CBC'
openvpn: Sat Feb 22 15:55:02 2020 WARNING: 'auth' is used inconsistently, local='auth SHA256', remote='auth SHA1'
openvpn: Sat Feb 22 15:55:02 2020 WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
openvpn: Sat Feb 22 15:55:02 2020 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
openvpn: Sat Feb 22 15:55:02 2020 [a121ce520d670b71bfd3aa475485539b] Peer Connection Initiated with [AF_INET]xx.xx.xx.xx:1197
```
It is mainly because the option [disable-occ](https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/) was removed for transparency with you.
Private Internet Access explains [here why](https://www.privateinternetaccess.com/helpdesk/kb/articles/why-do-i-get-cipher-auth-warnings-when-i-connect) the warnings show up.
FAQ/Ping timeout.md
+26
@@ -0,0 +1,26 @@
# Ping timeout
If your Openvpn drops the connection because of a ping timeout, then this page is for you.
It happens, especially on some Private Internet Access servers, that the server side configuration changes or the server goes offline.
You will obtain an error similar to:
```s
openvpn: Wed Mar 18 22:13:00 2020 [3a51ae90324bcb0719cb399b650c64d4] Inactivity timeout (--ping-restart), restarting,
openvpn: Wed Mar 18 22:13:00 2020 SIGUSR1[soft,ping-restart] received, process restarting,
...
openvpn: Wed Mar 18 22:13:17 2020 Preserving previous TUN/TAP instance: tun0,
openvpn: Wed Mar 18 22:13:17 2020 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.,
openvpn: Wed Mar 18 22:13:17 2020 ERROR: Linux route delete command failed: external program exited with error status: 2,
openvpn: Wed Mar 18 22:13:17 2020 ERROR: Linux route delete command failed: external program exited with error status: 2,
openvpn: Wed Mar 18 22:13:17 2020 ERROR: Linux route delete command failed: external program exited with error status: 2,
openvpn: Wed Mar 18 22:13:17 2020 ERROR: Linux route delete command failed: external program exited with error status: 2,
openvpn: Wed Mar 18 22:13:17 2020 /sbin/ip addr del dev tun0 local 10.6.11.6 peer 10.6.11.5,
openvpn: Wed Mar 18 22:13:17 2020 Linux ip addr del failed: external program exited with error status: 2,
openvpn: Wed Mar 18 22:13:18 2020 ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1),
openvpn: Wed Mar 18 22:13:18 2020 Exiting due to fatal error,
exit status 1
```
To fix it, you would have to run openvpn with root, by setting the environment variable `OPENVPN_ROOT=yes`.
FAQ/Portainer.md
+10
@@ -0,0 +1,10 @@
# Portainer
If you use Portainer to run the container and get the error:
```
2020-05-03T09:04:11.283Z ERROR failed executing "-P INPUT ACCEPT": iptables v1.8.3 (legacy): can't initialize iptables table `filter': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.: exit status 3```
```
This might be because portainer does not set the `--cap_add=NET_ADMIN` successfully. You might need to run the container without Portainer in this case. More information on [this issue](https://github.com/qdm12/private-internet-access-docker/issues/139).
Home.md
+1
@@ -1,5 +1,6 @@
# Home # Home
1. [Setup](Setup) 1. [Setup](Setup)
1. [FAQ](FAQ)
1. [HTTP Control server](HTTP-Control-server) 1. [HTTP Control server](HTTP-Control-server)
1. [Contributing](Contributing) 1. [Contributing](Contributing)