gluetun: Bug: Cannot use HTTP Proxy anymore from browsers
Host OS (approximate answer is fine too): Ubuntu 18
Is this urgent?: No
What VPN provider are you using:
What are you using to run your container?: Docker run
What is the version of the program (See the line at the top of your logs)
Running version latest built on 2020-03-13T01:30:06Z (commit d0f678c)
What’s the problem 🤔
When i try to use the HTTP Proxy from another machine on the network it says the proxy server refused connection.
I am using the following parameters:
docker run --privileged -d --restart unless-stopped --name=pia --hostname=pia -p 8888:8888 -p 8388:8388/tcp -p 8388:8388/udp -p 8000:8000/tcp -v /share/homes/mb/config/qmcgaw/auth.conf:/auth.conf:ro \
--cap-add=NET_ADMIN --device=/dev/net/tun \
-e REGION="Sweden" -e PROTOCOL=udp -e PIA_ENCRYPTION=strong \
-e USER=<REDACTED> -e PASSWORD=<REDACTED> \
-e SHADOWSOCKS=on -e SHADOWSOCKS_PORT=8388 \
-e SHADOWSOCKS_PASSWORD=<REDACTED> \
-e HTTPPROXY=on -e HTTPPROXY_PORT=8888 \
-e HTTPPROXY_USER=<REDACTED> -e HTTPPROXY_PASSWORD=<REDACTED>\
-e FIREWALL_OUTBOUND_SUBNETS=192.168.18.0/24 \
-p 8090:8090 \
qmcgaw/private-internet-access
In the logs it says
2020-11-12T13:24:01.002Z INFO http proxy: 192.168.18.21:34033 unauthorized
where the IP address is my other computers address.
I’ve tried to find similar issues, but I just can’t find any.
Oh, and it used to work fine before, but I am not sure when it stopped working (I don’t use the HTTP Proxy feature heavily).
Share your logs…
…careful to remove i.e. token information with PIA port forwarding
2020-11-12T13:27:38.153Z INFO OpenVPN version: 2.4.9
2020-11-12T13:27:38.157Z INFO Unbound version: 1.10.1
2020-11-12T13:27:38.158Z INFO IPtables version: v1.8.4
2020-11-12T13:27:38.158Z INFO Settings summary below:
OpenVPN settings:
|--User: [redacted]
|--Password: [redacted]
|--Verbosity level: 1
|--Run as root: no
|--Private Internet Access settings:
|--Network protocol: udp
|--Regions: sweden
|--Encryption preset: strong
|--Port forwarding: off
System settings:
|--User ID: 1000
|--Group ID: 1000
|--Timezone:
|--IP Status filepath: /tmp/gluetun/ip
DNS over TLS settings:
|--DNS over TLS provider:
|--cloudflare
|--Caching: enabled
|--Block malicious: enabled
|--Block surveillance: disabled
|--Block ads: disabled
|--Allowed hostnames:
|--
|--Private addresses:
|--127.0.0.1/8
|--10.0.0.0/8
|--172.16.0.0/12
|--192.168.0.0/16
|--169.254.0.0/16
|--::1/128
|--fc00::/7
|--fe80::/10
|--::ffff:0:0/96
|--Verbosity level: 1/5
|--Verbosity details level: 0/4
|--Validation log level: 0/2
|--IPv6 resolution: disabled
|--Update: every 24h0m0s
|--Keep nameserver (disabled blocking): no
Firewall settings:
|--VPN input ports:
|--Input ports:
|--Outbound subnets: 192.168.18.0/24
HTTP proxy settings:
|--Port: 8888
|--Authentication: enabled
|--Stealth: disabled
|--Log: disabled
ShadowSocks settings:
|--Password: [redacted]
|--Log: disabled
|--Port: 8388
|--Method: chacha20-ietf-poly1305
HTTP Control server:
|--Listening port: 8000
|--Logging: true
Public IP check period: 12h0m0s
Version information: enabled
Updater: disabled
2020-11-12T13:27:38.217Z INFO storage: Merging by most recent 6735 hardcoded servers and 6735 servers read from /gluetun/servers.json
2020-11-12T13:27:38.270Z INFO routing: default route found: interface eth0, gateway 10.0.3.1
2020-11-12T13:27:38.270Z INFO routing: local subnet found: 10.0.3.0/24
2020-11-12T13:27:38.271Z INFO routing: default route found: interface eth0, gateway 10.0.3.1
2020-11-12T13:27:38.271Z INFO routing: adding route for 0.0.0.0/0
2020-11-12T13:27:38.272Z INFO firewall: firewall disabled, only updating allowed subnets internal list
2020-11-12T13:27:38.272Z INFO routing: default route found: interface eth0, gateway 10.0.3.1
2020-11-12T13:27:38.272Z INFO routing: adding route for 192.168.18.0/24
2020-11-12T13:27:38.272Z INFO openvpn configurator: checking for device /dev/net/tun
2020-11-12T13:27:38.273Z INFO firewall: enabling...
2020-11-12T13:27:38.359Z INFO firewall: enabled successfully
2020-11-12T13:27:38.360Z INFO Launching standard output merger
2020-11-12T13:27:38.360Z INFO http proxy: listening on 0.0.0.0:8888
2020-11-12T13:27:38.360Z INFO dns over tls: falling back on plaintext DNS at address 1.1.1.1
2020-11-12T13:27:38.361Z INFO healthcheck: listening on 127.0.0.1:9999
2020-11-12T13:27:38.361Z INFO http server: listening on 0.0.0.0:8000
2020-11-12T13:27:38.361Z INFO dns configurator: using DNS address 1.1.1.1 internally
2020-11-12T13:27:38.362Z INFO dns configurator: using DNS address 1.1.1.1 system wide
2020-11-12T13:27:38.365Z INFO firewall: setting VPN connection through firewall...
2020-11-12T13:27:38.367Z INFO openvpn configurator: starting openvpn
2020-11-12T13:27:38.370Z INFO openvpn: OpenVPN 2.4.9 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on
Apr 20 2020
2020-11-12T13:27:38.370Z INFO openvpn: library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10
2020-11-12T13:27:38.373Z INFO openvpn: CRL: loaded 1 CRLs from file [[INLINE]]
2020-11-12T13:27:38.374Z INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]<REDACTED>:1197
2020-11-12T13:27:38.374Z INFO openvpn: UDP link local: (not bound)
2020-11-12T13:27:38.374Z INFO openvpn: UDP link remote: [AF_INET]<REDACTED>:1197
2020-11-12T13:27:38.602Z INFO openvpn: [stockholm404] Peer Connection Initiated with [AF_INET]<REDACTED>:1197
2020-11-12T13:27:39.206Z INFO http proxy: 10.0.3.1:45290 unauthorized
2020-11-12T13:27:39.206Z INFO http server: HTTP GET /
2020-11-12T13:27:39.488Z INFO http server: HTTP GET /
2020-11-12T13:27:39.554Z INFO http proxy: 10.0.3.1:45316 unauthorized
2020-11-12T13:27:39.663Z INFO openvpn: OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified
by either --route-ipv6-gateway or --ifconfig-ipv6 options
2020-11-12T13:27:39.663Z INFO openvpn: OpenVPN ROUTE: failed to parse/resolve route for host/network: 2000::/3
2020-11-12T13:27:39.663Z INFO openvpn: TUN/TAP device tun0 opened
2020-11-12T13:27:39.664Z INFO openvpn: /sbin/ip link set dev tun0 up mtu 1500
2020-11-12T13:27:39.665Z INFO openvpn: /sbin/ip addr add dev tun0 10.30.110.6/24 broadcast 10.30.110.255
2020-11-12T13:27:39.670Z WARN openvpn: OpenVPN was configured to add an IPv6 route over tun0. However, no IPv6 has been configured for this int
erface, therefore the route installation may fail or may not work as expected.
2020-11-12T13:27:39.670Z INFO openvpn: UID set to nonrootuser
2020-11-12T13:27:39.670Z INFO openvpn: Initialization Sequence Completed
2020-11-12T13:27:39.670Z INFO dns configurator: downloading root hints from https://raw.githubusercontent.com/qdm12/files/master/named.root.upd
ated
2020-11-12T13:27:39.674Z INFO VPN routing IP address: <REDACTED>
2020-11-12T13:27:39.998Z INFO dns configurator: downloading root key from https://raw.githubusercontent.com/qdm12/files/master/root.key.updated
2020-11-12T13:27:40.128Z INFO dns configurator: generating Unbound configuration
2020-11-12T13:27:40.355Z INFO dns configurator: 62970 hostnames blocked overall
2020-11-12T13:27:40.355Z INFO dns configurator: 2695 IP addresses blocked overall
2020-11-12T13:27:40.488Z INFO dns configurator: starting unbound
2020-11-12T13:27:40.490Z INFO dns configurator: using DNS address 127.0.0.1 internally
2020-11-12T13:27:40.490Z INFO dns configurator: using DNS address 127.0.0.1 system wide
2020-11-12T13:27:40.870Z INFO unbound: init module 0: validator
2020-11-12T13:27:40.870Z INFO unbound: init module 1: iterator
2020-11-12T13:27:40.890Z INFO unbound: start of service (unbound 1.10.1).
2020-11-12T13:27:40.922Z INFO http proxy: 10.0.3.1:45338 unauthorized
2020-11-12T13:27:40.948Z INFO http server: HTTP GET /
2020-11-12T13:27:40.993Z INFO unbound: generate keytag query _ta-4a5c-4f66. NULL IN
2020-11-12T13:27:41.391Z INFO dns over tls: DNS over TLS is ready
2020-11-12T13:27:41.863Z INFO You are running on the bleeding edge of latest!
2020-11-12T13:27:42.024Z INFO ip getter: Public IP address is <REDACTED>
2020-11-12T13:31:18.299Z INFO http proxy: 192.168.18.21:34741 unauthorized
2020-11-12T13:31:18.897Z INFO http proxy: 192.168.18.21:34742 unauthorized
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 21 (11 by maintainers)
Hi. For my part you are welcome to close it. The container seems to be more stable now that I have put the proxy part in a separate container (it never crashes, which it did before, if I lost internet). So I don’t think I will go back to using the included proxy.
Also it is more in line with the “philosophy” of containers to keep separate things separate. 😃
Hello
That’s quite alright, there’s no hurry from my side, as I have been using a workaround, For anyone interested the workaround is just spinning up another container with a dedicated tinyproxy (remember to keep port 8888 open on the pia container).:
Anyway.