[Qbittorrent] Not work(non-authoritative)

[ProBreizh]

Hello,

I have a small problem, I can't download anything with a vpn connection.
Tracer error "Host not found (non-authoritative), try again later"
here are the logs:

`[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-aaa_dockerfile_backup.sh: executing...
[cont-init.d] 00-aaa_dockerfile_backup.sh: exited 0.
[cont-init.d] 00-banner.sh: executing...

Add-on: Qbittorrent
qBittorrent is a bittorrent client

Add-on version: 4.4.2-r4-ls189
You are running the latest version of this add-on.
System: Debian GNU/Linux 11 (bullseye) (armv7 / raspberrypi4)
Home Assistant Core: 2022.4.7
Home Assistant Supervisor: 2022.04.0

Please, share the above information when looking for help
or support in, e.g., GitHub, forums
https://github.com/alexbelgium/hassio-addons

[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 00-folders.sh: executing...
[cont-init.d] 00-folders.sh: exited 0.
[cont-init.d] 01-envfile: executing...
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 01-migrations: executing...
[migrations] started
[migrations] no migrations found
[cont-init.d] 01-migrations: exited 0.
[cont-init.d] 02-tamper-check: executing...
[cont-init.d] 02-tamper-check: exited 0.
[cont-init.d] 10-adduser: executing...

      _         ()
     | |  ___   _    __
     | | / __| | |  /  \
     | | \__ \ | | | () |
     |_| |___/ |_|  \__/

Brought to you by linuxserver.io

To support LSIO projects visit:
https://www.linuxserver.io/donate/

GID/UID

User uid: 0
User gid: 0

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 30-config: executing...
[cont-init.d] 30-config: exited 0.
[cont-init.d] 30-nginx.sh: executing...
[cont-init.d] 30-nginx.sh: exited 0.
[cont-init.d] 90-custom-folders: executing...
[cont-init.d] 90-custom-folders: exited 0.
[cont-init.d] 90-dns_set.sh: executing...
[15:52:28] INFO: DNS SERVERS set to 8.8.8.8
[cont-init.d] 90-dns_set.sh: exited 0.
[cont-init.d] 91-qbittorrent_configuration.sh: executing...
[15:52:29] INFO: Downloads can be found in /share/qBittorrent
[15:52:29] INFO: Whitelisted subsets will not require a password : localhost,127.0.0.1,172.30.0.0/16,192.168.0.0/16,192.168.13.2/24
[15:52:31] INFO: WEBUI username set to admin
[15:52:32] INFO: Alternate UI enabled : qb-web. If webui don't work, disable this option
[15:52:35] INFO: Default username/password : admin/adminadmin
[15:52:35] INFO: Configuration can be found in /config/qBittorrent
[cont-init.d] 91-qbittorrent_configuration.sh: exited 0.
[cont-init.d] 92-local_mounts.sh: executing...
[cont-init.d] 92-local_mounts.sh: exited 0.
[cont-init.d] 92-smb_mounts.sh: executing...
[cont-init.d] 92-smb_mounts.sh: exited 0.
[cont-init.d] 93-openvpn.sh: executing...
[15:52:36] INFO: Configuring openvpn
[15:52:36] INFO: openvpn correctly set, qbittorrent will run tunnelled through openvpn
Using interface binding in the qBittorrent app
... deleting previous interface settings
... binding tun0 interface in qBittorrent configuration
... adding route-nopull to your config.ovpn
[cont-init.d] 93-openvpn.sh: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[15:52:37] WARNING: The run_duration option is set. The addon will stop after 5d
2022-04-29 15:52:37 DEPRECATED OPTION: ncp-disable. Disabling cipher negotiation is a deprecated debug feature that will be removed in OpenVPN 2.6
2022-04-29 15:52:37 us=292644 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2022-04-29 15:52:37 us=292814 Current Parameter Settings:
2022-04-29 15:52:37 us=292874 config = '/etc/openvpn/config.ovpn'
2022-04-29 15:52:37 us=292923 mode = 0
2022-04-29 15:52:37 us=292968 persist_config = DISABLED
2022-04-29 15:52:37 us=293013 persist_mode = 1
2022-04-29 15:52:37 us=293063 show_ciphers = DISABLED
2022-04-29 15:52:37 us=293115 show_digests = DISABLED
2022-04-29 15:52:37 us=293163 show_engines = DISABLED
2022-04-29 15:52:37 us=293209 genkey = DISABLED
2022-04-29 15:52:37 us=293254 genkey_filename = '[UNDEF]'
2022-04-29 15:52:37 us=293300 key_pass_file = '[UNDEF]'
2022-04-29 15:52:37 us=293345 show_tls_ciphers = DISABLED
2022-04-29 15:52:37 us=293390 connect_retry_max = 0
2022-04-29 15:52:37 us=293436 Connection profiles [0]:
2022-04-29 15:52:37 us=293482 proto = udp
2022-04-29 15:52:37 us=293527 local = '[UNDEF]'
2022-04-29 15:52:37 us=293572 local_port = '[UNDEF]'
2022-04-29 15:52:37 us=293616 remote = '87-1-fr.cg-dialup.net'
2022-04-29 15:52:37 us=293661 remote_port = '443'
2022-04-29 15:52:37 us=293706 remote_float = DISABLED
2022-04-29 15:52:37 us=293752 bind_defined = DISABLED
2022-04-29 15:52:37 us=293797 bind_local = DISABLED
2022-04-29 15:52:37 us=293842 bind_ipv6_only = DISABLED
2022-04-29 15:52:37 us=293889 connect_retry_seconds = 5
2022-04-29 15:52:37 us=293936 connect_timeout = 120
2022-04-29 15:52:37 us=293983 socks_proxy_server = '[UNDEF]'
2022-04-29 15:52:37 us=294029 socks_proxy_port = '[UNDEF]'
2022-04-29 15:52:37 us=294074 tun_mtu = 1500
2022-04-29 15:52:37 us=294118 tun_mtu_defined = ENABLED
2022-04-29 15:52:37 us=294162 link_mtu = 1500
2022-04-29 15:52:37 us=294207 link_mtu_defined = DISABLED
2022-04-29 15:52:37 us=294255 tun_mtu_extra = 0
2022-04-29 15:52:37 us=294299 tun_mtu_extra_defined = DISABLED
2022-04-29 15:52:37 us=294342 mtu_discover_type = -1
2022-04-29 15:52:37 us=294389 fragment = 0
2022-04-29 15:52:37 us=294434 mssfix = 1450
2022-04-29 15:52:37 us=294481 explicit_exit_notification = 2
2022-04-29 15:52:37 us=294526 tls_auth_file = '[UNDEF]'
2022-04-29 15:52:37 us=294572 key_direction = not set
2022-04-29 15:52:37 us=294617 tls_crypt_file = '[UNDEF]'
2022-04-29 15:52:37 us=294662 tls_crypt_v2_file = '[UNDEF]'
2022-04-29 15:52:37 us=294707 Connection profiles END
2022-04-29 15:52:37 us=294751 remote_random = DISABLED
2022-04-29 15:52:37 us=294795 ipchange = '[UNDEF]'
2022-04-29 15:52:37 us=294840 dev = 'tun'
2022-04-29 15:52:37 us=294884 dev_type = '[UNDEF]'
2022-04-29 15:52:37 us=294927 dev_node = '[UNDEF]'
2022-04-29 15:52:37 us=294974 lladdr = '[UNDEF]'
2022-04-29 15:52:37 us=295020 topology = 1
2022-04-29 15:52:37 us=295063 ifconfig_local = '[UNDEF]'
2022-04-29 15:52:37 us=295108 ifconfig_remote_netmask = '[UNDEF]'
2022-04-29 15:52:37 us=295154 ifconfig_noexec = DISABLED
2022-04-29 15:52:37 us=295197 ifconfig_nowarn = DISABLED
2022-04-29 15:52:37 us=295242 ifconfig_ipv6_local = '[UNDEF]'
2022-04-29 15:52:37 us=295285 ifconfig_ipv6_netbits = 0
2022-04-29 15:52:37 us=295329 ifconfig_ipv6_remote = '[UNDEF]'
2022-04-29 15:52:37 us=295373 shaper = 0
2022-04-29 15:52:37 us=295418 mtu_test = 0
2022-04-29 15:52:37 us=295462 mlock = DISABLED
2022-04-29 15:52:37 us=295506 keepalive_ping = 0
2022-04-29 15:52:37 us=295551 keepalive_timeout = 0
2022-04-29 15:52:37 us=295597 inactivity_timeout = 0
2022-04-29 15:52:37 us=295641 inactivity_minimum_bytes = 0
2022-04-29 15:52:37 us=295685 ping_send_timeout = 5
2022-04-29 15:52:37 us=295729 ping_rec_timeout = 60
2022-04-29 15:52:37 us=295773 ping_rec_timeout_action = 1
2022-04-29 15:52:37 us=295818 ping_timer_remote = ENABLED
2022-04-29 15:52:37 us=295862 remap_sigusr1 = 0
2022-04-29 15:52:37 us=295905 persist_tun = ENABLED
2022-04-29 15:52:37 us=295950 persist_local_ip = DISABLED
2022-04-29 15:52:37 us=295995 persist_remote_ip = DISABLED
2022-04-29 15:52:37 us=296039 persist_key = ENABLED
2022-04-29 15:52:37 us=296082 passtos = DISABLED
2022-04-29 15:52:37 us=296127 resolve_retry_seconds = 1000000000
2022-04-29 15:52:37 us=296207 resolve_in_advance = DISABLED
2022-04-29 15:52:37 us=296258 username = '[UNDEF]'
2022-04-29 15:52:37 us=296304 groupname = '[UNDEF]'
2022-04-29 15:52:37 us=296349 chroot_dir = '[UNDEF]'
2022-04-29 15:52:37 us=296394 cd_dir = '[UNDEF]'
2022-04-29 15:52:37 us=296440 writepid = '[UNDEF]'
2022-04-29 15:52:37 us=296496 up_script = '/etc/openvpn/up.sh'
2022-04-29 15:52:37 us=296563 down_script = '/etc/openvpn/down.sh'
2022-04-29 15:52:37 us=296630 down_pre = DISABLED
2022-04-29 15:52:37 us=296694 up_restart = DISABLED
2022-04-29 15:52:37 us=296757 up_delay = DISABLED
2022-04-29 15:52:37 us=296824 daemon = DISABLED
2022-04-29 15:52:37 us=296871 inetd = 0
2022-04-29 15:52:37 us=296917 log = DISABLED
2022-04-29 15:52:37 us=296962 suppress_timestamps = DISABLED
2022-04-29 15:52:37 us=297006 machine_readable_output = DISABLED
2022-04-29 15:52:37 us=297049 nice = 0
2022-04-29 15:52:37 us=297094 verbosity = 4
2022-04-29 15:52:37 us=297138 mute = 0
2022-04-29 15:52:37 us=297183 gremlin = 0
2022-04-29 15:52:37 us=297228 status_file = '[UNDEF]'
2022-04-29 15:52:37 us=297271 status_file_version = 1
2022-04-29 15:52:37 us=297316 status_file_update_freq = 60
2022-04-29 15:52:37 us=297362 occ = ENABLED
2022-04-29 15:52:37 us=297381 rcvbuf = 0
2022-04-29 15:52:37 us=297397 sndbuf = 0
2022-04-29 15:52:37 us=297412 mark = 0
2022-04-29 15:52:37 us=297428 sockflags = 0
2022-04-29 15:52:37 us=297443 fast_io = DISABLED
2022-04-29 15:52:37 us=297458 comp.alg = 0
2022-04-29 15:52:37 us=297472 comp.flags = 0
2022-04-29 15:52:37 us=297487 route_script = '[UNDEF]'
2022-04-29 15:52:37 us=297502 route_default_gateway = '[UNDEF]'
2022-04-29 15:52:37 us=297517 route_default_metric = 0
2022-04-29 15:52:37 us=297531 route_noexec = DISABLED
2022-04-29 15:52:37 us=297546 route_delay = 5
2022-04-29 15:52:37 us=297561 route_delay_window = 30
2022-04-29 15:52:37 us=297577 route_delay_defined = ENABLED
2022-04-29 15:52:37 us=297592 route_nopull = DISABLED
2022-04-29 15:52:37 us=297607 route_gateway_via_dhcp = DISABLED
2022-04-29 15:52:37 us=297621 allow_pull_fqdn = DISABLED
2022-04-29 15:52:37 us=297636 Pull filters:
2022-04-29 15:52:37 us=297651 ignore "dhcp-option DNS6"
2022-04-29 15:52:37 us=297667 ignore "tun-ipv6"
2022-04-29 15:52:37 us=297682 ignore "ifconfig-ipv6"
2022-04-29 15:52:37 us=297698 [redirect_default_gateway local=0]
2022-04-29 15:52:37 us=297715 route 192.168.1.0/255.255.255.0/net_gateway/default (not set)
2022-04-29 15:52:37 us=297731 management_addr = '[UNDEF]'
2022-04-29 15:52:37 us=297745 management_port = '[UNDEF]'
2022-04-29 15:52:37 us=297759 management_user_pass = '[UNDEF]'
2022-04-29 15:52:37 us=297774 management_log_history_cache = 250
2022-04-29 15:52:37 us=297789 management_echo_buffer_size = 100
2022-04-29 15:52:37 us=297805 management_write_peer_info_file = '[UNDEF]'
2022-04-29 15:52:37 us=297819 management_client_user = '[UNDEF]'
2022-04-29 15:52:37 us=297834 management_client_group = '[UNDEF]'
2022-04-29 15:52:37 us=297848 management_flags = 0
2022-04-29 15:52:37 us=297862 shared_secret_file = '[UNDEF]'
2022-04-29 15:52:37 us=297877 key_direction = not set
2022-04-29 15:52:37 us=297892 ciphername = 'AES-256-CBC'
2022-04-29 15:52:37 us=297906 ncp_enabled = DISABLED
2022-04-29 15:52:37 us=297921 ncp_ciphers = 'AES-256-GCM:AES-128-GCM:AES-256-CBC'
2022-04-29 15:52:37 us=297935 authname = 'SHA256'
2022-04-29 15:52:37 us=297950 prng_hash = 'SHA1'
2022-04-29 15:52:37 us=297964 prng_nonce_secret_len = 16
2022-04-29 15:52:37 us=297978 keysize = 0
2022-04-29 15:52:37 us=297992 engine = DISABLED
2022-04-29 15:52:37 us=298007 replay = ENABLED
2022-04-29 15:52:37 us=298022 mute_replay_warnings = DISABLED
2022-04-29 15:52:37 us=298036 replay_window = 64
2022-04-29 15:52:37 us=298050 replay_time = 15
2022-04-29 15:52:37 us=298064 packet_id_file = '[UNDEF]'
2022-04-29 15:52:37 us=298078 test_crypto = DISABLED
2022-04-29 15:52:37 us=298092 tls_server = DISABLED
2022-04-29 15:52:37 us=298106 tls_client = ENABLED
2022-04-29 15:52:37 us=298120 ca_file = '[INLINE]'
2022-04-29 15:52:37 us=298193 ca_path = '[UNDEF]'
2022-04-29 15:52:37 us=298216 dh_file = '[UNDEF]'
2022-04-29 15:52:37 us=298231 cert_file = '[INLINE]'
2022-04-29 15:52:37 us=298246 extra_certs_file = '[UNDEF]'
2022-04-29 15:52:37 us=298260 priv_key_file = '[INLINE]'
2022-04-29 15:52:37 us=298274 pkcs12_file = '[UNDEF]'
2022-04-29 15:52:37 us=298288 cipher_list = '[UNDEF]'
2022-04-29 15:52:37 us=298302 cipher_list_tls13 = '[UNDEF]'
2022-04-29 15:52:37 us=298319 tls_cert_profile = '[UNDEF]'
2022-04-29 15:52:37 us=298333 tls_verify = '[UNDEF]'
2022-04-29 15:52:37 us=298349 tls_export_cert = '[UNDEF]'
2022-04-29 15:52:37 us=298363 verify_x509_type = 0
2022-04-29 15:52:37 us=298378 verify_x509_name = '[UNDEF]'
2022-04-29 15:52:37 us=298392 crl_file = '[UNDEF]'
2022-04-29 15:52:37 us=298407 ns_cert_type = 0
2022-04-29 15:52:37 us=298422 remote_cert_ku[i] = 65535
2022-04-29 15:52:37 us=298436 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298450 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298464 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298478 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298492 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298505 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298519 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298533 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298547 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298561 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298575 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298589 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298603 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298617 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298630 remote_cert_ku[i] = 0
2022-04-29 15:52:37 us=298645 remote_cert_eku = 'TLS Web Server Authentication'
2022-04-29 15:52:37 us=298660 ssl_flags = 0
2022-04-29 15:52:37 us=298674 tls_timeout = 2
2022-04-29 15:52:37 us=298688 renegotiate_bytes = -1
2022-04-29 15:52:37 us=298702 renegotiate_packets = 0
2022-04-29 15:52:37 us=298716 renegotiate_seconds = 3600
2022-04-29 15:52:37 us=298730 handshake_window = 60
2022-04-29 15:52:37 us=298745 transition_window = 3600
2022-04-29 15:52:37 us=298759 single_session = DISABLED
2022-04-29 15:52:37 us=298773 push_peer_info = DISABLED
2022-04-29 15:52:37 us=298787 tls_exit = DISABLED
2022-04-29 15:52:37 us=298802 tls_crypt_v2_metadata = '[UNDEF]'
2022-04-29 15:52:37 us=298821 server_network = 0.0.0.0
2022-04-29 15:52:37 us=298838 server_netmask = 0.0.0.0
2022-04-29 15:52:37 us=298859 server_network_ipv6 = ::
2022-04-29 15:52:37 us=298873 server_netbits_ipv6 = 0
2022-04-29 15:52:37 us=298891 server_bridge_ip = 0.0.0.0
2022-04-29 15:52:37 us=298908 server_bridge_netmask = 0.0.0.0
2022-04-29 15:52:37 us=298925 server_bridge_pool_start = 0.0.0.0
2022-04-29 15:52:37 us=298943 server_bridge_pool_end = 0.0.0.0
2022-04-29 15:52:37 us=298957 ifconfig_pool_defined = DISABLED
2022-04-29 15:52:37 us=299038 ifconfig_pool_start = 0.0.0.0
2022-04-29 15:52:37 us=299062 ifconfig_pool_end = 0.0.0.0
2022-04-29 15:52:37 us=299079 ifconfig_pool_netmask = 0.0.0.0
2022-04-29 15:52:37 us=299094 ifconfig_pool_persist_filename = '[UNDEF]'
2022-04-29 15:52:37 us=299110 ifconfig_pool_persist_refresh_freq = 600
2022-04-29 15:52:37 us=299124 ifconfig_ipv6_pool_defined = DISABLED
2022-04-29 15:52:37 us=299144 ifconfig_ipv6_pool_base = ::
2022-04-29 15:52:37 us=299159 ifconfig_ipv6_pool_netbits = 0
2022-04-29 15:52:37 us=299173 n_bcast_buf = 256
2022-04-29 15:52:37 us=299187 tcp_queue_limit = 64
2022-04-29 15:52:37 us=299201 real_hash_size = 256
2022-04-29 15:52:37 us=299215 virtual_hash_size = 256
2022-04-29 15:52:37 us=299229 client_connect_script = '[UNDEF]'
2022-04-29 15:52:37 us=299243 learn_address_script = '[UNDEF]'
2022-04-29 15:52:37 us=299258 client_disconnect_script = '[UNDEF]'
2022-04-29 15:52:37 us=299272 client_config_dir = '[UNDEF]'
2022-04-29 15:52:37 us=299286 ccd_exclusive = DISABLED
2022-04-29 15:52:37 us=299300 tmp_dir = '/tmp'
2022-04-29 15:52:37 us=299315 push_ifconfig_defined = DISABLED
2022-04-29 15:52:37 us=299332 push_ifconfig_local = 0.0.0.0
2022-04-29 15:52:37 us=299349 push_ifconfig_remote_netmask = 0.0.0.0
2022-04-29 15:52:37 us=299364 push_ifconfig_ipv6_defined = DISABLED
2022-04-29 15:52:37 us=299384 push_ifconfig_ipv6_local = ::/0
2022-04-29 15:52:37 us=299406 push_ifconfig_ipv6_remote = ::
2022-04-29 15:52:37 us=299421 enable_c2c = DISABLED
2022-04-29 15:52:37 us=299436 duplicate_cn = DISABLED
2022-04-29 15:52:37 us=299451 cf_max = 0
2022-04-29 15:52:37 us=299466 cf_per = 0
2022-04-29 15:52:37 us=299481 max_clients = 1024
2022-04-29 15:52:37 us=299496 max_routes_per_client = 256
2022-04-29 15:52:37 us=299511 auth_user_pass_verify_script = '[UNDEF]'
2022-04-29 15:52:37 us=299526 auth_user_pass_verify_script_via_file = DISABLED
2022-04-29 15:52:37 us=299542 auth_token_generate = DISABLED
2022-04-29 15:52:37 us=299557 auth_token_lifetime = 0
2022-04-29 15:52:37 us=299572 auth_token_secret_file = '[UNDEF]'
2022-04-29 15:52:37 us=299587 port_share_host = '[UNDEF]'
2022-04-29 15:52:37 us=299602 port_share_port = '[UNDEF]'
2022-04-29 15:52:37 us=299617 vlan_tagging = DISABLED
2022-04-29 15:52:37 us=299633 vlan_accept = all
2022-04-29 15:52:37 us=299648 vlan_pvid = 1
2022-04-29 15:52:37 us=299662 client = ENABLED
2022-04-29 15:52:37 us=299676 pull = ENABLED
2022-04-29 15:52:37 us=299691 auth_user_pass_file = '/etc/openvpn/credentials'
2022-04-29 15:52:37 us=299711 OpenVPN 2.5.6 armv7-alpine-linux-musleabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Apr 17 2022
2022-04-29 15:52:37 us=299743 library versions: OpenSSL 1.1.1n 15 Mar 2022, LZO 2.10
2022-04-29 15:52:37 us=300098 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2022-04-29 15:52:37 us=303692 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
2022-04-29 15:52:37 us=354463 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
2022-04-29 15:52:37 us=354680 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
2022-04-29 15:52:37 us=354713 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
2022-04-29 15:52:37 us=354798 TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.60.122:443
2022-04-29 15:52:37 us=354876 Socket Buffers: R=[212992->212992] S=[212992->212992]
2022-04-29 15:52:37 us=354952 UDP link local: (not bound)
2022-04-29 15:52:37 us=354979 UDP link remote: [AF_INET]84.17.60.122:443
2022-04-29 15:52:37 us=368074 TLS: Initial packet from [AF_INET]84.17.60.122:443, sid=286180f5 dddfc798
2022-04-29 15:52:37 us=397868 VERIFY OK: depth=1, C=RO, L=Bucharest, O=CyberGhost S.A., CN=CyberGhost Root CA, emailAddress=info@cyberghost.ro
2022-04-29 15:52:37 us=400019 VERIFY KU OK
2022-04-29 15:52:37 us=400129 Validating certificate extended key usage
2022-04-29 15:52:37 us=400186 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2022-04-29 15:52:37 us=400255 VERIFY EKU OK
2022-04-29 15:52:37 us=400292 VERIFY OK: depth=0, CN=paris-rack402.nodes.gen4.ninja
2022-04-29 15:52:37 us=543409 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1553'
2022-04-29 15:52:37 us=543576 WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2022-04-29 15:52:37 us=544048 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA256
2022-04-29 15:52:37 us=544280 [paris-rack402.nodes.gen4.ninja] Peer Connection Initiated with [AF_INET]84.17.60.122:443
2022-04-29 15:52:37 us=557504 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route-ipv6 2000::/3,dhcp-option DNS 10.0.0.243,route-gateway 10.13.4.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.13.4.178 255.255.255.0,peer-id 15'
2022-04-29 15:52:37 us=557621 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2022-04-29 15:52:37 us=557812 OPTIONS IMPORT: timers and/or timeouts modified
2022-04-29 15:52:37 us=557847 OPTIONS IMPORT: --ifconfig/up options modified
2022-04-29 15:52:37 us=557866 OPTIONS IMPORT: route options modified
2022-04-29 15:52:37 us=557883 OPTIONS IMPORT: route-related options modified
2022-04-29 15:52:37 us=557899 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2022-04-29 15:52:37 us=557914 OPTIONS IMPORT: peer-id set
2022-04-29 15:52:37 us=557931 OPTIONS IMPORT: adjusting link_mtu to 1624
2022-04-29 15:52:37 us=558258 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2022-04-29 15:52:37 us=558322 Outgoing Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
2022-04-29 15:52:37 us=558352 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2022-04-29 15:52:37 us=558385 Incoming Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
2022-04-29 15:52:37 us=558922 ROUTE_GATEWAY 172.30.32.1/255.255.254.0 IFACE=eth0 HWADDR=02:42:ac:1e:21:03
2022-04-29 15:52:37 us=559085 GDG6: remote_host_ipv6=n/a
2022-04-29 15:52:37 us=559122 net_route_v6_best_gw query: dst ::
2022-04-29 15:52:37 us=559340 sitnl_send: rtnl: generic error (-101): Network unreachable
2022-04-29 15:52:37 us=559405 ROUTE6: default_gateway=UNDEF
2022-04-29 15:52:37 us=560507 TUN/TAP device tun0 opened
2022-04-29 15:52:37 us=560589 do_ifconfig, ipv4=1, ipv6=0
2022-04-29 15:52:37 us=560654 /sbin/ip link set dev tun0 up mtu 1500
2022-04-29 15:52:37 us=569328 /sbin/ip link set dev tun0 up
2022-04-29 15:52:37 us=574044 /sbin/ip addr add dev tun0 10.13.4.178/24
2022-04-29 15:52:37 us=577687 /etc/openvpn/up.sh tun0 1500 1624 10.13.4.178 255.255.255.0 init
******** Information ********
Pour contrôler qBittorrent, accédez à l’interface Web à : http://localhost:8080
[15:52:38] INFO: Starting NGinx...
2022-04-29 15:52:42 us=638829 /sbin/ip route add 84.17.60.122/32 via 172.30.32.1
2022-04-29 15:52:42 us=642741 /sbin/ip route add 0.0.0.0/1 via 10.13.4.1
2022-04-29 15:52:42 us=645932 /sbin/ip route add 128.0.0.0/1 via 10.13.4.1
2022-04-29 15:52:42 us=649130 /sbin/ip route add 192.168.1.0/24 via 172.30.32.1
2022-04-29 15:52:42 us=652251 WARNING: OpenVPN was configured to add an IPv6 route. However, no IPv6 has been configured for tun0, therefore the route installation may fail or may not work as expected.
2022-04-29 15:52:42 us=652332 add_route_ipv6(2000::/3 -> :: metric -1) dev tun0
2022-04-29 15:52:42 us=652380 /sbin/ip -6 route add 2000::/3 dev tun0
Error: IPv6 is disabled on nexthop device.
2022-04-29 15:52:42 us=655560 ERROR: Linux route -6 add command failed: external program exited with error status: 2
2022-04-29 15:52:42 us=655659 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2022-04-29 15:52:42 us=655678 Initialization Sequence Completed`

[alexbelgium]

Hi,

Thanks for the log. This means you can't connect - are you sure of your openvpn config? For example it says that you have ipv6 configured which should probably be removed

[ProBreizh]

Hi,
Thanks for the answer, so I disabled ipv6 perform a reboot, just like I tried with ipv6 enabled it doesn't change my problem.

For the configuration of the .opvn file I'm not 100% sure since I'm starting with this type of file.
I must have missed something, but I don't know what.
Vpn : cyberghost

the command cat /proc/sys/net/ipv6/conf/all/disable_ipv6 gives me 0 which means that under debian (rpi) ipv6 is enabled

Here is my configuration.
`client
remote SERVEUR 443
dev tun
proto udp
auth-user-pass /credentials.txt

resolv-retry infinite
#redirect-gateway def1
persist-key
persist-tun
nobind
cipher AES-256-CBC
#ncp-disable
auth SHA256
ping 5
ping-exit 60
ping-timer-rem
explicit-exit-notify 2
script-security 2
remote-cert-tls server
route-delay 5
verb 4
route 192.168.13.2 255.255.255.0 net_gateway
--pull-filter ignore "dhcp-option DNS6"
--pull-filter ignore "tun-ipv6"
--pull-filter ignore "ifconfig-ipv6"
--pull-filter ignore "dhcp-option DNS" #if enabled it works but with a lot of real ip leakage. If disabling the vpn connection does not work
#--ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1 #activate or disable = not working
--block-ipv6 #activate or disable = not working





`

[alexbelgium]

Honestly I don't use openvpn but I'll try to search for this type of error. A first Google search seems to indicate a dns unavailability, which should be avoided by the fact of setting 8.8.8.8.except if the issue is with openvpn which is why I was thinking about that.

Just to be sure to pinpoint the issue : is qbittorrent working fine without openvpn, like to download a free file such as a Linux distribution? Also, have you tried the openvpn alternative mode? Alternative/normal vpn modes work by setting openvpn either at container or app level.

Thanks!

[ProBreizh]

Hi!
So I put 8.8.8.8 as it was the default.
For the connection without vpn it works perfectly.
For openvpn I am already on the alternative (Cyberghost).
After I can try to change the dns by something else if needed.
I'm not at all used to using docker so it's not easy for me.

[tyjtyj]

VPN is broken for me.. the weird thing is i roll back to last working version 4.4.1 it still broken.. I could not figure out what wrong.
From the tun0, i can reach the internet, traceroute also works. Only inside QBT, it does not work.

root@HassDebian:~# docker exec -it addon_db21ed7f_qbittorrent /bin/bash
root@db21ed7f-qbittorrent:/$ traceroute -i tun0 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 46 byte packets
1 10.200.0.1 (10.200.0.1) 242.484 ms 243.064 ms 241.452 ms
===========removed============================
5 74.125.244.145 (74.125.244.145) 243.315 ms 108.170.250.241 (108.170.250.241) 242.610 ms 242.411 ms
6 172.253.69.115 (172.253.69.115) 241.847 ms 172.253.69.113 (172.253.69.113) 241.706 ms 142.251.68.27 (142.251.68.27) 241.586 ms
7 dns.google (8.8.8.8) 242.169 ms 242.640 ms 241.648 ms
root@db21ed7f-qbittorrent:/$ ping -I tun0 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=118 time=247.546 ms
64 bytes from 8.8.8.8: seq=1 ttl=118 time=242.582 ms
64 bytes from 8.8.8.8: seq=2 ttl=118 time=242.743 ms

All the tracker unreachable and QBT seems has no internet connection.
Last working was 23/4/2022. I dont remember any changes beside upgrade to 4.4.2 on 28/4/2022
I rollback the whole homeassistant to 18/4/2022 and it still broken

2022-05-02 12:45:58 OpenVPN 2.5.6 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Apr 17 2022
2022-05-02 12:45:58 library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
2022-05-02 12:45:58 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2022-05-02 12:45:58 TCP/UDP: Preserving recently used remote address: [AF_INET]162.x.x.x1194
2022-05-02 12:45:58 UDP link local: (not bound)
2022-05-02 12:45:58 UDP link remote: [AF_INET]162.x.x.x:1194
2022-05-02 12:45:59 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1586', remote='link-mtu 1602'
2022-05-02 12:45:59 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256'
2022-05-02 12:45:59 [openvpn2.xxxxxxx.com] Peer Connection Initiated with [AF_INET]162.x.x.x:1194
2022-05-02 12:46:00 Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])
2022-05-02 12:46:00 Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
2022-05-02 12:46:00 Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])
2022-05-02 12:46:00 TUN/TAP device tun0 opened
2022-05-02 12:46:00 /sbin/ip link set dev tun0 up mtu 1500
2022-05-02 12:46:00 /sbin/ip link set dev tun0 up
2022-05-02 12:46:00 /sbin/ip addr add dev tun0 local 10.200.0.14 peer 10.200.0.13
2022-05-02 12:46:00 /etc/openvpn/up.sh tun0 1500 1553 10.200.0.14 10.200.0.13 init
2022-05-02 12:46:00 Initialization Sequence Completed
******** Information ********
To control qBittorrent, access the WebUI at: https://localhost:8080
[12:46:01] INFO: Starting NGinx...

netstat shows traffic sent out but not receive return...... my brain stop processing beyond this.

[alexbelgium]

Hi, well I don't use openvpn so I'm not the biggest expert but I'll look at what I can find.

Do you have a way to find if your openvpn config works outside of this addon? Like for example, is it working if you connect with openvpn through another app ? This would make sure it is still valid, and that the issue is within the addon (probable if you both have the issue).

Have you tried checking or not the "openvpn alt mode" option ? This was my last change to the script - it adds (or removes) the "no-pull" directive to your openvpn config file to ensure that it works...

As you say that rolling back to a previous version doesn't work, I've looked at openvpn releases logs, but didn't see anything that seemed relevant...

[tyjtyj]

Hi, well I don't use openvpn so I'm not the biggest expert but I'll look at what I can find.

Do you have a way to find if your openvpn config works outside of this addon? Like for example, is it working if you connect with openvpn through another app ? This would make sure it is still valid, and that the issue is within the addon (probable if you both have the issue).

Have you tried checking or not the "openvpn alt mode" option ? This was my last change to the script - it adds (or removes) the "no-pull" directive to your openvpn config file to ensure that it works...

As you say that rolling back to a previous version doesn't work, I've looked at openvpn releases logs, but didn't see anything that seemed relevant...

Honestly. After 1 whole google researching.... i doubt this has anything to do with your container.. It is either QBT bug or docker bug and i still trying to find out...i will post update if i found any solution.

I have rollback 4 version before you fixed the ip address leak and it still not working. From networking(i am network enginner) perspective everything seems to be correct. I gonna try to load Home Assistant backup before 2022 and see if it works.. and that gonna mess up lots of my stuff. I need a maintenance windows.

@alexbelgium if you wanna try out i can give you my openvpn access to try tinkling with it

Update: i restore home assistant from backup in 1st April and still not working.. last know working was 24/4.
The only thing dint change is the proxmox host. Is TS on proxmox too.

[alexbelgium]

Actually, I'm using the free openvpn from "https://www.freeopenvpn.org/connect.php?lang=en", with the public username and password, and it allows downloading the ubuntu https://releases.ubuntu.com/22.04/ubuntu-22.04-desktop-amd64.iso.torrent

So actually I was wrong - I can't reproduce, the latest version is working for me!

Here is my config :

DNS_server: 8.8.8.8,1.1.1.1
PGID: 0
PUID: 0
SavePath: /mnt/NAS/downloads
Username: admin3
certfile: fullchain.pem
customUI: vuetorrent
keyfile: privkey.pem
ssl: true
whitelist: localhost,127.0.0.1,172.30.0.0/16,192.168.0.0/16
localdisks: NAS
openvpn_enabled: true
silent: true
openvpn_config: config.ovpn
openvpn_username: freeopenvpn
openvpn_password: '767629894'
openvpn_alt_mode: false

and my log : https://pastebin.com/JjnnV6aP

I've also check the openvpn_alt_mode and it also works

[tyjtyj]

alt_mode works but it is not secure.. all the connect going out without vpn.

[alexbelgium]

I was trying to check that - if the nopull option is correctly set it should capture network data

[tyjtyj]

i can see the source and destination ip on the router.. so it definitely not secure...
Another sign, it going at my fiber speed with never happen over vpn.

[alexbelgium]

I'll look for the alt_mode and either remove it or check how it can securely pull the connection

However, with the main mode I can connect fine to the free vpn I was linking above. And it truly works - downloads are at a crawl ;-)

[tyjtyj]

do you mind sharing what your HA installation ? HAOS / DEBIAN over VM/VMWARE/PROXMOX.

I think i suspect proxmox because i rules out everything till whole Debian backup in 1st April.

Another thing, what else change beside route-nopull ?

Your logs is missing these line

[21:18:55] INFO: openvpn correctly set, qbittorrent will run tunnelled through openvpn
Using interface binding in the qBittorrent app
... deleting previous interface settings
... binding tun0 interface in qBittorrent configuration
... adding route-nopull to your config.ovpn

[alexbelgium]

I'm using HAos indeed on an rpi4b

[alexbelgium]

So a bit more infos :

• Normal mode :
  • Log : https://pastebin.com/ntRgGgH4 (you're right I had not pasted the full correct log above)
  • Check external ip from command line : curl ipecho.net/plain shows my internal ip (expected as the vpn only applies to qbittorrent)
  • qBittorrent downloads speed 100kbps
• Alt-mode :
  • Log : https://pastebin.com/xH3ntdq9
  • Check external ip from command line : curl ipecho.net/plain shows the vpn ip
  • qBittorrent downloads speed 2 Mbps

So from what I observe, everything is fine...

EDIT : actually it seems that it can download but not fetch metadata and I can replicate the "Host not found (non-authoritative)"... However ping works so openvpn work - it truly seems to be a qbittorrent issue... No? Still continuing my investigation :-)

[alexbelgium]

Could you please try to 1) stop qbittorrent, 2) rename /config/qbittorrent to something else, 3) restart and readd a torrent ?

I've done that and I think it allowed to download the Ubuntu torrent linked above with openvpn turned on? Thanks! Or it was just a coincidence but since deleting my qbittorrent folder I see to be able to download with both settings with openvpn

Edit : well it worked for some time and now not anymore...

Edit2 : and now works again, confirmed by downloading a test torrent that shows the download ip. Not sure why. I've noticed openvpn modifies the /etc/resolv.conf file that is responsible for dns (the main probable culprit for this issue) but it sets the dns to 8.8.8.8 which is the same behavior as my addon. So not sure why it doesn't work!

[tyjtyj]

I spin up the whole new Virtual Machine HA supervisor install and it does not work.
Yes, I have tried your steps. Deleting the whole config/qbittorrent folder and let it recreate.

I will try physical Pi4 when possible and update it.
Alt mode work for now but i still seeing the IP on the router which is not secure.
Funny is RSS works. Just tracker and traffic does not work.
Do it has anything to do with app armor?

[alexbelgium]

It's strange indeed... Ping works, downloading works if some metadata are already available (like starting a download without vpn, then continuing with vpn), but not accessing the hosts directly in most case. However, in some case, I was able to make the vpn work but I can't replicate (I tried deleting the folder, right clicking rzannounce, force check... And sometime bam it just starts working again).

I will continue investigating. I think it's due to dns, as if metadata are already downloaded it seems to download using peers, but if a new torrent is added it can't resolve the host (with the initial error message in the title).

I think openvpn messes with /etc/resolv.conf as at one moment I opened this file and there was this text :

# Generated by openvpn for interface tun0
nameserver 8.8.8.8

Edit :

• probably alt mode is dependent on the ovpn config, as I could check from command line and with a downloaded test torrent that with my config it is indeed protected by vpn
• apparmor is always a big unknown to me, but seeing the addon works without vpn I think we can rule that out. It should really be about something in the addon.
• I'll try to restore an old version of the addon on my test repo to see if it works, but I have low hope as you already tested that

Edit2 :
Ah ah, by connecting with portainer to qbittorrent running openvpn in alt mode (so with the whole container behind vpn in my case), I can ping google.com, I can ping ubuntu.com, but I CANT ping torrents.ubuntu.com. So it seems that openvpn SPECIFICALLY prevents to connect to torrents hosts! not sure why. I've tested several DNS (8.8.8.8, 1.1.1.1, ...) and it gives the same result - I can ping sites except for torrent trackers

Edit3 :
pinging doesn't work for torrent sites in names resolution, but works with ip. It is truly a DNS issue

ping yahoo.com
> PING yahoo.com (74.6.143.26): 56 data bytes
db21ed7f-qbittorrent ~ # ping torrent.ubuntu.com
> ping: bad address 'torrent.ubuntu.com'
ping 91.189.95.21 # the ip of torrent.ubuntu.com
> PING 91.189.95.21 (91.189.95.21): 56 data bytes

[tyjtyj]

It's strange indeed... Ping works, downloading works if some metadata are already available (like starting a download without vpn, then continuing with vpn), but not accessing the hosts directly in most case. However, in some case, I was able to make the vpn work but I can't replicate (I tried deleting the folder, right clicking rzannounce, force check... And sometime bam it just starts working again).

I will continue investigating. I think it's due to dns, as if metadata are already downloaded it seems to download using peers, but if a new torrent is added it can't resolve the host (with the initial error message in the title).

I think openvpn messes with /etc/resolv.conf as at one moment I opened this file and there was this text :

# Generated by openvpn for interface tun0
nameserver 8.8.8.8

Edit :

* probably alt mode is dependent on the ovpn config, as I could check from command line and with a downloaded test torrent that with my config it is indeed protected by vpn

* apparmor is always a big unknown to me, but seeing the addon works without vpn I think we can rule that out. It should really be about something in the addon.

* I'll try to restore an old version of the addon on my test repo to see if it works, but I have low hope as you already tested that

Edit2 : Ah ah, by connecting with portainer to qbittorrent running openvpn in alt mode (so with the whole container behind vpn in my case), I can ping google.com, I can ping ubuntu.com, but I CANT ping torrents.ubuntu.com. So it seems that openvpn SPECIFICALLY prevents to connect to torrents hosts! not sure why. I've tested several DNS (8.8.8.8, 1.1.1.1, ...) and it gives the same result - I can ping sites except for torrent trackers

Edit3 : pinging doesn't work for torrent sites in names resolution, but works with ip. It is truly a DNS issue

ping yahoo.com
> PING yahoo.com (74.6.143.26): 56 data bytes
db21ed7f-qbittorrent ~ # ping torrent.ubuntu.com
> ping: bad address 'torrent.ubuntu.com'
ping 91.189.95.21 # the ip of torrent.ubuntu.com
> PING 91.189.95.21 (91.189.95.21): 56 data bytes

It might your vpn host blocking the torrent site mean while my vpn provider is for torrent traffic

[alexbelgium]

It might your vpn host blocking the torrent site mean while my vpn provider is for torrent traffic

When my vpn works, I can download torrents. Furthermore, the ping works for the torrent.ubuntu.com ip, it only doesn't work for the name resolution (pinging torrent.ubuntu.com). And third, if I download the metadata without vpn, I can download with vpn enabled

So I really think that there is something wrong with openvpn messing with DNS but I can't see why... I see that the last release of openvpn is from 2 weeks ago, I'll try pinning an old one to see if it helps

[tyjtyj]

It might your vpn host blocking the torrent site mean while my vpn provider is for torrent traffic

When my vpn works, I can download torrents. Furthermore, the ping works for the torrent.ubuntu.com ip, it only doesn't work for the name resolution (pinging torrent.ubuntu.com). And third, if I download the metadata without vpn, I can download with vpn enabled

So I really think that there is something wrong with openvpn messing with DNS but I can't see why... I see that the last release of openvpn is from 2 weeks ago, I'll try pinning an old one to see if it helps

@alexbelgium, after battling for few days and few proxmox, vmware, pi4 countless hours of testing.
i got a message my torrent completed while outside having lunch... everything back to normal.. I am sorry for your time.
This is my provider issue(3 different vpn server all resume) and nothing to do with your package. All my test setup working as per normal.
Further testing ALT_Mode still seeing ip on the router but that is not my concern. Possible missing redirect_gateway in the opn file. I am not sure.
I sincerely apologies for the time you put in to test the setup.

I did not hear from the original owner hope he has fix the issue...Maybe he using same provider as me :D :D.
As part of the testing I notice my provider also changed the cert in openvpn file and probably move to new cert and leaving old cert disable without knowing old and new cert not working. I suggest the OP download the new openvpn file and redo it.

[alexbelgium]

Huge thanks for the feedback!

It still doesn't work for me but I don't use vpn usually so it doesn't matter ;)

For alt_mode I think I'll add a message in the log that shows the ip used to communicate externally so the owner can check if vpn is correctly set or not... Probably I can compare ip before / after starting openvpn and stop the addon if it is the same!

Hi @ProBreizh, how is it going for you? Is it working now or not?

Thanks

[tyjtyj]

The troubleshooting failed for me as my vpn provider allow traffic to major site but blocking torrent traffic.. That why i cant figure out why it is not working for qbt and working for other page.

[alexbelgium]

I've pushed a new version that securizes the alt mode : it notes in a file the ip address before starting the vpn, then after. If it is the same, it stops the addon and puts an error message. If you install it and start it in alt mode it should normally stop automatically :)

[alexbelgium]

Here is the message showing if vpn works in alt_mode :
[19:50:12] INFO: VPN is up and running with ip 5.255.88.7
[19:50:12] INFO: Starting NGinx...

[ProBreizh]

Hello,

@alexbelgium ,Sorry for the delay in responding.

For the moment it seems to work perfectly.

"To control qBittorrent, access the web interface at: http://localhost:8080
[18:01:33] INFO: Starting NGinx...
2022-05-06 18:01:37 us=484026 /sbin/ip route add 191.96.168.9/32 via 172.30.32.1
2022-05-06 18:01:37 us=488387 /sbin/ip route add 0.0.0.0/1 via 10.3.4.1
2022-05-06 18:01:37 us=491619 /sbin/ip route add 128.0.0.0/1 via 10.3.4.1
2022-05-06 18:01:37 us=494730 /sbin/ip route add 192.168.13.2/24 via 172.30.32.1
Error: Invalid prefix for the given prefix length.
2022-05-06 18:01:37 us=498102 ERROR: The Linux route add command failed: the external program exited with error status 2.
2022-05-06 18:01:37 us=498308 WARNING: This configuration may cache passwords in memory -- use the auth-nocache option to avoid this."

Is it normal that I have recursive routes in my logs now?

us=101030 Recursive routing detected, drop tun packet to "IP"

[alexbelgium]

Good news! For recursive routes I have no idea, I don't know openvpn much... Reading on Google it seems possibly linked to having dht enabled? But I don't know the impact or lack of

[tyjtyj]

Hello,

@alexbelgium ,Sorry for the delay in responding.

For the moment it seems to work perfectly.

"To control qBittorrent, access the web interface at: http://localhost:8080
[18:01:33] INFO: Starting NGinx...
2022-05-06 18:01:37 us=484026 /sbin/ip route add 191.96.168.9/32 via 172.30.32.1
2022-05-06 18:01:37 us=488387 /sbin/ip route add 0.0.0.0/1 via 10.3.4.1
2022-05-06 18:01:37 us=491619 /sbin/ip route add 128.0.0.0/1 via 10.3.4.1
2022-05-06 18:01:37 us=494730 /sbin/ip route add 192.168.13.2/24 via 172.30.32.1
Error: Invalid prefix for the given prefix length.
2022-05-06 18:01:37 us=498102 ERROR: The Linux route add command failed: the external program exited with error status 2.
2022-05-06 18:01:37 us=498308 WARNING: This configuration may cache passwords in memory -- use the auth-nocache option to avoid this."

Is it normal that I have recursive routes in my logs now?

us=101030 Recursive routing detected, drop tun packet to "IP"
In this localhost,127.0.0.1,172.30.0.0/16,192.168.0.0/16,192.168.13.2/24

Remove this from you qbittorrent configuration
192.168.13.2/24

[ProBreizh]

hello,

@tyjtyj ,After checking I have nothing that indicates 192.168.13.2/24 in the qbitorrent configuration. The only place where it is indicated is in the openvpn configuration with this line "route 192.168.13.2 255.255.255.0 net_gateway".

Should I delete the line?

@alexbelgium Thanks for the update that corrected the problem :D

[tyjtyj]

hello,

@tyjtyj ,After checking I have nothing that indicates 192.168.13.2/24 in the qbitorrent configuration. The only place where it is indicated is in the openvpn configuration with this line "route 192.168.13.2 255.255.255.0 net_gateway".

Should I delete the line?

@alexbelgium Thanks for the update that corrected the problem :D

If it is working.. Just leave it.
BTW. I am referring to the home assistant qbittorrent configuration section. Where you put the vpn username and password
Under whitelist there is localhost,127.0.0.1,172.30.0.0/16,192.168.0.0/16,192.168.13.2/24 based on your initial log. Remove 192.168.2/24 if it is still there

[ProBreizh]

Thanks for your answer, since the initial configuration yes I deleted the 192.168.13.2/24.

I checked on the first web interface of qbitorrent, the selected connection is well tun so I am well under bpn I think.

[alexbelgium]

Hi, if you use openvpn as normal mode, the interface is changed to tun0. If you use alt mode, interface is default. In both case, the script checks if qbittorrent is correctly covered by vpn at boot, and stops the addon if it is misconfigured.glas to now everything goes fine! I'll close the issue. Thanks for the feedback and support!