Bug: Forwarded port closed and not reopened in firewall during vpn restart due to unhealthy healthcheck #1801

molove · 2023-08-16T16:23:00Z

Is this urgent?

No not any more

Host OS

Debian 12 Bookworm

CPU arch

x86_64

VPN service provider

Private Internet Access

What are you using to run the container

Portainer

What is the version of Gluetun

2023-08-11T11:08:54.752Z (commit e556871)

What's the problem 🤔

When the openvpn connection to private internet access is restarted due to an unhealthy heatlhcheck, the VPN_PORT_FORWARDING_STATUS_FILE is deleted and the forwarded port is closed on the firewall but when the vpn reconnects the port isn't reopened on the firewall and the VPN_PORT_FORWARDING_STATUS_FILE isn't rewritten.
This results in my torrent client just stopping working with no notification which is far from ideal.

This is essentially the same bug as #1749 but happening on openvpn as opposed to wireguard

Share your logs

========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================
Running version latest built on 2023-08-11T11:08:54.752Z (commit e556871)
🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2023-08-14T22:11:41+01:00 INFO [routing] default route found: interface eth0, gateway 172.21.0.1, assigned IP 172.21.0.2 and family v4
2023-08-14T22:11:41+01:00 INFO [routing] local ethernet link found: eth0
2023-08-14T22:11:41+01:00 INFO [routing] local ipnet found: 172.21.0.0/16
2023-08-14T22:11:41+01:00 INFO [firewall] enabling...
2023-08-14T22:11:41+01:00 INFO [firewall] enabled successfully
2023-08-14T22:11:55+01:00 INFO [storage] merging by most recent 17692 hardcoded servers and 17692 servers read from /gluetun/servers.json
2023-08-14T22:11:58+01:00 INFO Alpine version: 3.18.3
2023-08-14T22:11:58+01:00 INFO OpenVPN 2.5 version: 2.5.8
2023-08-14T22:11:58+01:00 INFO OpenVPN 2.6 version: 2.6.5
2023-08-14T22:11:58+01:00 INFO Unbound version: 1.17.1
2023-08-14T22:11:58+01:00 INFO IPtables version: v1.8.9
2023-08-14T22:11:58+01:00 INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: private internet access
|   |   ├── Server selection settings:
|   |   |   ├── VPN type: openvpn
|   |   |   ├── Regions: uk london, uk southampton
|   |   |   └── OpenVPN server selection settings:
|   |   |       ├── Protocol: UDP
|   |   |       └── Private Internet Access encryption preset: strong
|   |   └── Automatic port forwarding settings:
|   |       ├── Use code for provider: private internet access
|   |       └── Forwarded port file path: /gluetun/forwarded_port
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Private Internet Access encryption preset: strong
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Unbound settings:
|       |   ├── Authoritative servers:
|       |   |   └── cloudflare
|       |   ├── Caching: yes
|       |   ├── IPv6: no
|       |   ├── Verbosity level: 1
|       |   ├── Verbosity details level: 0
|       |   ├── Validation log level: 0
|       |   ├── System user: root
|       |   └── Allowed networks:
|       |       ├── 0.0.0.0/0
|       |       └── ::/0
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   └── Enabled: yes
├── Log settings:
|   └── Log level: INFO
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 1000
|   ├── Process GID: 1000
|   └── Timezone: europe/london
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   └── IP file path: /tmp/gluetun/ip
└── Version settings:
    └── Enabled: yes
2023-08-14T22:11:58+01:00 INFO [routing] default route found: interface eth0, gateway 172.21.0.1, assigned IP 172.21.0.2 and family v4
2023-08-14T22:11:58+01:00 INFO [routing] adding route for 0.0.0.0/0
2023-08-14T22:11:58+01:00 INFO [firewall] setting allowed subnets...
2023-08-14T22:11:58+01:00 INFO [routing] default route found: interface eth0, gateway 172.21.0.1, assigned IP 172.21.0.2 and family v4
2023-08-14T22:11:58+01:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2023-08-14T22:11:58+01:00 INFO [http server] http server listening on [::]:8000
2023-08-14T22:11:58+01:00 INFO [healthcheck] listening on 127.0.0.1:9999
2023-08-14T22:11:58+01:00 INFO [firewall] allowing VPN connection...
2023-08-14T22:11:59+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-14T22:11:59+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-14T22:11:59+01:00 INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2023-08-14T22:11:59+01:00 INFO [openvpn] MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
2023-08-14T22:11:59+01:00 INFO [openvpn] -----END X509 CRL-----
2023-08-14T22:11:59+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]212.102.52.67:1197
2023-08-14T22:11:59+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-14T22:11:59+01:00 INFO [openvpn] UDP link remote: [AF_INET]212.102.52.67:1197
2023-08-14T22:11:59+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1554'
2023-08-14T22:11:59+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2023-08-14T22:11:59+01:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2023-08-14T22:11:59+01:00 INFO [openvpn] [london413] Peer Connection Initiated with [AF_INET]212.102.52.67:1197
2023-08-14T22:11:59+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-08-14T22:11:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-08-14T22:11:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-08-14T22:11:59+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.31.110.89/24
2023-08-14T22:11:59+01:00 INFO [openvpn] UID set to nonrootuser
2023-08-14T22:11:59+01:00 INFO [openvpn] Initialization Sequence Completed
2023-08-14T22:11:59+01:00 INFO [dns] downloading DNS over TLS cryptographic files
2023-08-14T22:12:00+01:00 INFO [healthcheck] healthy!
2023-08-14T22:12:00+01:00 INFO [dns] downloading hostnames and IP block lists
2023-08-14T22:12:28+01:00 INFO [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com on 127.0.0.1:53: read udp 127.0.0.1:54412->127.0.0.1:53: read: connection refused
2023-08-14T22:12:31+01:00 INFO [dns] falling back on plaintext DNS at address 1.1.1.1
2023-08-14T22:12:31+01:00 WARN [dns] DNS is not working: after 10 tries: lookup github.com on 127.0.0.1:53: read udp 127.0.0.1:42596->127.0.0.1:53: read: connection refused
2023-08-14T22:12:31+01:00 INFO [dns] attempting restart in 10s
2023-08-14T22:12:32+01:00 INFO [ip getter] Public IP address is 212.102.52.67 (United Kingdom, England, London)
2023-08-14T22:12:32+01:00 INFO [vpn] You are running on the bleeding edge of latest!
2023-08-14T22:12:32+01:00 INFO [vpn] VPN gateway IP address: 10.31.110.1
2023-08-14T22:12:32+01:00 INFO [port forwarding] Found saved forwarded port data for port 40122
2023-08-14T22:12:32+01:00 INFO [port forwarding] Port forwarded data expires in 60 days
2023-08-14T22:12:32+01:00 INFO [port forwarding] port forwarded is 40122
2023-08-14T22:12:32+01:00 INFO [firewall] setting allowed input port 40122 through interface tun0...
2023-08-14T22:12:32+01:00 INFO [port forwarding] writing port file /gluetun/forwarded_port
2023-08-14T22:12:33+01:00 INFO [healthcheck] healthy!
2023-08-14T22:12:41+01:00 INFO [dns] downloading DNS over TLS cryptographic files
2023-08-14T22:12:41+01:00 INFO [dns] downloading hostnames and IP block lists
2023-08-14T22:12:52+01:00 INFO [http server] 200 GET /portforwarded wrote 15B to 192.168.1.204:59184 in 313.893µs
2023-08-14T22:13:04+01:00 INFO [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com on 127.0.0.1:53: read udp 127.0.0.1:51862->127.0.0.1:53: read: connection refused
2023-08-14T22:13:06+01:00 INFO [dns] falling back on plaintext DNS at address 1.1.1.1
2023-08-14T22:13:06+01:00 WARN [dns] DNS is not working: after 10 tries: lookup github.com on 127.0.0.1:53: read udp 127.0.0.1:57390->127.0.0.1:53: read: connection refused
2023-08-14T22:13:06+01:00 INFO [dns] attempting restart in 20s
2023-08-14T22:13:09+01:00 INFO [healthcheck] healthy!
2023-08-14T22:13:26+01:00 INFO [dns] downloading DNS over TLS cryptographic files
2023-08-14T22:13:27+01:00 INFO [dns] downloading hostnames and IP block lists
2023-08-14T22:13:51+01:00 INFO [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com on 127.0.0.1:53: read udp 127.0.0.1:44080->127.0.0.1:53: read: connection refused
2023-08-14T22:13:56+01:00 INFO [dns] falling back on plaintext DNS at address 1.1.1.1
2023-08-14T22:13:56+01:00 WARN [dns] DNS is not working: after 10 tries: lookup github.com on 127.0.0.1:53: read udp 127.0.0.1:37587->127.0.0.1:53: read: connection refused
2023-08-14T22:13:56+01:00 INFO [dns] attempting restart in 40s
2023-08-14T22:13:56+01:00 INFO [healthcheck] healthy!
2023-08-14T22:14:36+01:00 INFO [dns] downloading DNS over TLS cryptographic files
2023-08-14T22:14:36+01:00 INFO [dns] downloading hostnames and IP block lists
2023-08-14T22:14:52+01:00 INFO [http server] 200 GET /ip wrote 252B to 192.168.1.204:49266 in 396.962µs
2023-08-14T22:14:59+01:00 INFO [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com on 127.0.0.1:53: read udp 127.0.0.1:34338->127.0.0.1:53: read: connection refused
2023-08-14T22:15:01+01:00 INFO [dns] falling back on plaintext DNS at address 1.1.1.1
2023-08-14T22:15:01+01:00 WARN [dns] DNS is not working: after 10 tries: lookup github.com on 127.0.0.1:53: read udp 127.0.0.1:59965->127.0.0.1:53: read: connection refused
2023-08-14T22:15:01+01:00 INFO [dns] attempting restart in 1m20s
2023-08-14T22:15:04+01:00 INFO [healthcheck] healthy!
2023-08-14T22:16:21+01:00 INFO [dns] downloading DNS over TLS cryptographic files
2023-08-14T22:16:22+01:00 INFO [dns] downloading hostnames and IP block lists
2023-08-14T22:16:48+01:00 INFO [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com on 127.0.0.1:53: read udp 127.0.0.1:55319->127.0.0.1:53: read: connection refused
2023-08-14T22:16:49+01:00 INFO [dns] falling back on plaintext DNS at address 1.1.1.1
2023-08-14T22:16:49+01:00 WARN [dns] DNS is not working: after 10 tries: lookup github.com on 127.0.0.1:53: read udp 127.0.0.1:54835->127.0.0.1:53: read: connection refused
2023-08-14T22:16:49+01:00 INFO [dns] attempting restart in 2m40s
2023-08-14T22:16:53+01:00 INFO [healthcheck] healthy!
2023-08-14T22:19:29+01:00 INFO [dns] downloading DNS over TLS cryptographic files
2023-08-14T22:19:30+01:00 INFO [dns] downloading hostnames and IP block lists
2023-08-14T22:19:39+01:00 INFO [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com on 127.0.0.1:53: read udp 127.0.0.1:47954->127.0.0.1:53: read: connection refused
2023-08-14T22:19:45+01:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-14T22:19:45+01:00 INFO [vpn] stopping
2023-08-14T22:19:45+01:00 INFO [port forwarding] stopping
2023-08-14T22:19:45+01:00 INFO [port forwarding] removing port file /gluetun/forwarded_port
2023-08-14T22:19:45+01:00 INFO [firewall] removing allowed port 40122...
2023-08-14T22:19:45+01:00 INFO [vpn] starting
2023-08-14T22:19:45+01:00 INFO [firewall] allowing VPN connection...
2023-08-14T22:19:45+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-14T22:19:45+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-14T22:19:45+01:00 INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2023-08-14T22:19:45+01:00 INFO [openvpn] MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
2023-08-14T22:19:45+01:00 INFO [openvpn] -----END X509 CRL-----
2023-08-14T22:19:45+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]143.244.37.90:1197
2023-08-14T22:19:45+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-14T22:19:45+01:00 INFO [openvpn] UDP link remote: [AF_INET]143.244.37.90:1197
2023-08-14T22:19:56+01:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-14T22:19:56+01:00 INFO [vpn] stopping
2023-08-14T22:19:56+01:00 INFO [vpn] starting
2023-08-14T22:19:56+01:00 INFO [firewall] allowing VPN connection...
2023-08-14T22:19:56+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-14T22:19:56+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-14T22:19:56+01:00 INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2023-08-14T22:19:56+01:00 INFO [openvpn] MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
2023-08-14T22:19:56+01:00 INFO [openvpn] -----END X509 CRL-----
2023-08-14T22:19:56+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]143.244.36.86:1197
2023-08-14T22:19:56+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-14T22:19:56+01:00 INFO [openvpn] UDP link remote: [AF_INET]143.244.36.86:1197
2023-08-14T22:20:00+01:00 INFO [dns] init module 0: validator
2023-08-14T22:20:00+01:00 INFO [dns] init module 1: iterator
2023-08-14T22:20:00+01:00 INFO [dns] start of service (unbound 1.17.1).
2023-08-14T22:20:12+01:00 INFO [healthcheck] program has been unhealthy for 16s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-14T22:20:12+01:00 INFO [vpn] stopping
2023-08-14T22:20:12+01:00 INFO [vpn] starting
2023-08-14T22:20:12+01:00 INFO [firewall] allowing VPN connection...
2023-08-14T22:20:13+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-14T22:20:13+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-14T22:20:13+01:00 INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2023-08-14T22:20:13+01:00 INFO [openvpn] MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
2023-08-14T22:20:13+01:00 INFO [openvpn] -----END X509 CRL-----
2023-08-14T22:20:13+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]143.244.36.86:1197
2023-08-14T22:20:13+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-14T22:20:13+01:00 INFO [openvpn] UDP link remote: [AF_INET]143.244.36.86:1197
2023-08-14T22:20:22+01:00 INFO [dns] falling back on plaintext DNS at address 1.1.1.1
2023-08-14T22:20:22+01:00 WARN [dns] DNS is not working: after 10 tries: lookup github.com on 127.0.0.1:53: read udp 127.0.0.1:39250->127.0.0.1:53: i/o timeout
2023-08-14T22:20:22+01:00 INFO [dns] attempting restart in 5m20s
2023-08-14T22:20:33+01:00 INFO [healthcheck] program has been unhealthy for 21s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-14T22:20:33+01:00 INFO [vpn] stopping
2023-08-14T22:20:33+01:00 INFO [vpn] starting
2023-08-14T22:20:33+01:00 INFO [firewall] allowing VPN connection...
2023-08-14T22:20:34+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-14T22:20:34+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-14T22:20:34+01:00 INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2023-08-14T22:20:34+01:00 INFO [openvpn] MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
2023-08-14T22:20:34+01:00 INFO [openvpn] -----END X509 CRL-----
2023-08-14T22:20:34+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]143.244.37.78:1197
2023-08-14T22:20:34+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-14T22:20:34+01:00 INFO [openvpn] UDP link remote: [AF_INET]143.244.37.78:1197
2023-08-14T22:21:00+01:00 INFO [healthcheck] program has been unhealthy for 26s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-14T22:21:00+01:00 INFO [vpn] stopping
2023-08-14T22:21:00+01:00 INFO [vpn] starting
2023-08-14T22:21:00+01:00 INFO [firewall] allowing VPN connection...
2023-08-14T22:21:00+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-14T22:21:00+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-14T22:21:00+01:00 INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2023-08-14T22:21:00+01:00 INFO [openvpn] MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
2023-08-14T22:21:00+01:00 INFO [openvpn] -----END X509 CRL-----
2023-08-14T22:21:00+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]181.215.176.31:1197
2023-08-14T22:21:00+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-14T22:21:00+01:00 INFO [openvpn] UDP link remote: [AF_INET]181.215.176.31:1197
2023-08-14T22:21:00+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1554'
2023-08-14T22:21:00+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2023-08-14T22:21:00+01:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2023-08-14T22:21:00+01:00 INFO [openvpn] [london407] Peer Connection Initiated with [AF_INET]181.215.176.31:1197
2023-08-14T22:21:00+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-08-14T22:21:00+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-08-14T22:21:00+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-08-14T22:21:00+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.29.110.221/24
2023-08-14T22:21:00+01:00 INFO [openvpn] UID set to nonrootuser
2023-08-14T22:21:00+01:00 INFO [openvpn] Initialization Sequence Completed
2023-08-14T22:21:00+01:00 INFO [vpn] VPN gateway IP address: 10.29.110.1
2023-08-14T22:21:00+01:00 INFO [port forwarding] starting
2023-08-14T22:21:00+01:00 INFO [port forwarding] Found saved forwarded port data for port 40122
2023-08-14T22:21:00+01:00 INFO [port forwarding] Port forwarded data expires in 60 days
2023-08-14T22:21:00+01:00 INFO [port forwarding] port forwarded is 40122
2023-08-14T22:21:00+01:00 INFO [firewall] setting allowed input port 40122 through interface tun0...
2023-08-14T22:21:00+01:00 INFO [port forwarding] writing port file /gluetun/forwarded_port
2023-08-14T22:21:00+01:00 INFO [ip getter] Public IP address is 181.215.176.31 (United Kingdom, England, London)
2023-08-14T22:21:01+01:00 INFO [healthcheck] healthy!
2023-08-14T22:25:42+01:00 INFO [dns] downloading DNS over TLS cryptographic files
2023-08-14T22:25:43+01:00 INFO [dns] downloading hostnames and IP block lists
2023-08-14T22:25:52+01:00 INFO [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com on 127.0.0.1:53: read udp 127.0.0.1:46172->127.0.0.1:53: read: connection refused
2023-08-14T22:26:00+01:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-14T22:26:00+01:00 INFO [vpn] stopping
2023-08-14T22:26:00+01:00 INFO [port forwarding] stopping
2023-08-14T22:26:00+01:00 INFO [port forwarding] removing port file /gluetun/forwarded_port
2023-08-14T22:26:00+01:00 INFO [firewall] removing allowed port 40122...
2023-08-14T22:26:00+01:00 INFO [vpn] starting
2023-08-14T22:26:00+01:00 INFO [firewall] allowing VPN connection...
2023-08-14T22:26:00+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-14T22:26:00+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-14T22:26:01+01:00 INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2023-08-14T22:26:01+01:00 INFO [openvpn] MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
2023-08-14T22:26:01+01:00 INFO [openvpn] -----END X509 CRL-----
2023-08-14T22:26:01+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]143.244.36.86:1197
2023-08-14T22:26:01+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-14T22:26:01+01:00 INFO [openvpn] UDP link remote: [AF_INET]143.244.36.86:1197
2023-08-14T22:26:11+01:00 INFO [dns] init module 0: validator
2023-08-14T22:26:11+01:00 INFO [dns] init module 1: iterator
2023-08-14T22:26:11+01:00 INFO [dns] start of service (unbound 1.17.1).
2023-08-14T22:26:12+01:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-14T22:26:12+01:00 INFO [vpn] stopping
2023-08-14T22:26:12+01:00 INFO [vpn] starting
2023-08-14T22:26:12+01:00 INFO [firewall] allowing VPN connection...
2023-08-14T22:26:12+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-14T22:26:12+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-14T22:26:12+01:00 INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2023-08-14T22:26:12+01:00 INFO [openvpn] MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
2023-08-14T22:26:12+01:00 INFO [openvpn] -----END X509 CRL-----
2023-08-14T22:26:12+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]181.215.176.26:1197
2023-08-14T22:26:12+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-14T22:26:12+01:00 INFO [openvpn] UDP link remote: [AF_INET]181.215.176.26:1197
2023-08-14T22:26:12+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1554'
2023-08-14T22:26:12+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2023-08-14T22:26:12+01:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2023-08-14T22:26:12+01:00 INFO [openvpn] [london407] Peer Connection Initiated with [AF_INET]181.215.176.26:1197
2023-08-14T22:26:12+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-08-14T22:26:12+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-08-14T22:26:12+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-08-14T22:26:12+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.24.110.226/24
2023-08-14T22:26:12+01:00 INFO [openvpn] UID set to nonrootuser
2023-08-14T22:26:12+01:00 INFO [openvpn] Initialization Sequence Completed
2023-08-14T22:26:12+01:00 INFO [vpn] VPN gateway IP address: 10.24.110.1
2023-08-14T22:26:12+01:00 INFO [port forwarding] starting
2023-08-14T22:26:12+01:00 INFO [port forwarding] Found saved forwarded port data for port 40122
2023-08-14T22:26:12+01:00 INFO [port forwarding] Port forwarded data expires in 60 days
2023-08-14T22:26:12+01:00 INFO [port forwarding] port forwarded is 40122
2023-08-14T22:26:12+01:00 INFO [firewall] setting allowed input port 40122 through interface tun0...
2023-08-14T22:26:12+01:00 INFO [port forwarding] writing port file /gluetun/forwarded_port
2023-08-14T22:26:14+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-14T22:26:14+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-14T22:26:14+01:00 INFO [healthcheck] healthy!
2023-08-14T22:26:14+01:00 INFO [dns] ready
2023-08-14T22:26:14+01:00 INFO [ip getter] Public IP address is 181.215.176.26 (United Kingdom, England, London)
2023-08-15T01:17:32+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-15T03:47:37+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-15T06:26:22+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-15T09:25:59+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-15T10:11:59+01:00 INFO [ip getter] Public IP address is 181.215.176.26 (United Kingdom, England, London)
2023-08-15T11:59:39+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-15T14:39:17+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-15T17:25:54+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-15T20:03:06+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-15T22:11:58+01:00 INFO [dns] downloading DNS over TLS cryptographic files
2023-08-15T22:11:59+01:00 INFO [ip getter] Public IP address is 181.215.176.26 (United Kingdom, England, London)
2023-08-15T22:12:00+01:00 INFO [dns] downloading hostnames and IP block lists
2023-08-15T22:12:08+01:00 INFO [dns] stopping
2023-08-15T22:12:08+01:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2023-08-15T22:12:08+01:00 INFO [dns] starting
2023-08-15T22:12:08+01:00 INFO [dns] downloading DNS over TLS cryptographic files
2023-08-15T22:12:08+01:00 INFO [dns] downloading hostnames and IP block lists
2023-08-15T22:12:22+01:00 INFO [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com: i/o timeout
2023-08-15T22:12:30+01:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-15T22:12:30+01:00 INFO [vpn] stopping
2023-08-15T22:12:30+01:00 INFO [port forwarding] stopping
2023-08-15T22:12:30+01:00 INFO [port forwarding] removing port file /gluetun/forwarded_port
2023-08-15T22:12:30+01:00 INFO [firewall] removing allowed port 40122...
2023-08-15T22:12:30+01:00 INFO [vpn] starting
2023-08-15T22:12:30+01:00 INFO [firewall] allowing VPN connection...
2023-08-15T22:12:30+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-15T22:12:30+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-15T22:12:30+01:00 INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2023-08-15T22:12:30+01:00 INFO [openvpn] MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
2023-08-15T22:12:30+01:00 INFO [openvpn] -----END X509 CRL-----
2023-08-15T22:12:30+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]181.215.176.15:1197
2023-08-15T22:12:30+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-15T22:12:30+01:00 INFO [openvpn] UDP link remote: [AF_INET]181.215.176.15:1197
2023-08-15T22:12:30+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1554'
2023-08-15T22:12:30+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2023-08-15T22:12:30+01:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2023-08-15T22:12:30+01:00 INFO [openvpn] [london407] Peer Connection Initiated with [AF_INET]181.215.176.15:1197
2023-08-15T22:12:30+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-08-15T22:12:30+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-08-15T22:12:30+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-08-15T22:12:30+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.13.110.234/24
2023-08-15T22:12:30+01:00 INFO [openvpn] UID set to nonrootuser
2023-08-15T22:12:30+01:00 INFO [openvpn] Initialization Sequence Completed
2023-08-15T22:12:37+01:00 INFO [dns] init module 0: validator
2023-08-15T22:12:37+01:00 INFO [dns] init module 1: iterator
2023-08-15T22:12:37+01:00 INFO [dns] start of service (unbound 1.17.1).
2023-08-15T22:12:37+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-15T22:12:37+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-15T22:12:38+01:00 INFO [dns] ready
2023-08-15T22:12:38+01:00 INFO [vpn] VPN gateway IP address: 10.13.110.1
2023-08-15T22:12:38+01:00 INFO [ip getter] Public IP address is 181.215.176.15 (United Kingdom, England, London)
2023-08-15T22:12:38+01:00 INFO [healthcheck] healthy!
2023-08-16T00:42:57+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-16T03:22:48+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-16T06:02:26+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-16T08:41:43+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-16T10:11:16+01:00 INFO [ip getter] Public IP address is 181.215.176.15 (United Kingdom, England, London)
2023-08-16T11:25:51+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-16T14:03:00+01:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-08-16T15:24:57+01:00 INFO [http server] 200 GET /portforwarded wrote 11B to 192.168.1.204:49886 in 113.591µs
2023-08-16T15:25:13+01:00 INFO [http server] 200 GET /ip wrote 214B to 192.168.1.204:46360 in 173.942µs

Share your configuration

version: "3"
# static ip network
networks:
  gluetun_network:
    driver: bridge
    ipam:
     config:
       - subnet: *.*.*.*/16
         gateway: *.*.*.1 
# end static ip network
services:
  #
  #
  gluetun:
    image: qmcgaw/private-internet-access
    container_name: gluetun
    # line above must be uncommented to allow external containers to connect.
    # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun
    # static ip
    networks:
      gluetun_network:
        ipv4_address: *.*.*.*
    # end static ip    
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
      - 8000:8000/tcp # HTTP control server
      # Deluge Port mappings
      - 8112:8112
      - 6881:6881
      - 6881:6881/udp
      - 58846:58846
     
    volumes:
      - /hostlocation/gluetun:/gluetun
    environment:
      # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup
      - VPN_SERVICE_PROVIDER=private internet access
      - VPN_TYPE=openvpn
      # OpenVPN:
      - OPENVPN_USER=*******
      - OPENVPN_PASSWORD=********
      - SERVER_REGIONS=UK London,UK Southampton
      # Wireguard:
      # - WIREGUARD_PRIVATE_KEY=wOEI9rqqbDwnN8/Bpp22sVz48T71vJ4fYmFWujulwUU=
      # - WIREGUARD_ADDRESSES=10.64.222.21/32
      # Timezone for accurate log times
      - TZ=Europe/London
      # Server list updater
      # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list
      # - UPDATER_PERIOD=
      # Port forwarding
      - VPN_PORT_FORWARDING=on
      - VPN_PORT_FORWARDING_STATUS_FILE=/gluetun/forwarded_port
      - VPN_PORT_FORWARDING_PROVIDER=private internet access
      - LOG_LEVEL=info
  #
  #

The text was updated successfully, but these errors were encountered:

visualies · 2023-09-03T12:45:52Z

Same issue here using proton vpn, wireguard and port forwarding.

molove · 2023-09-08T00:41:26Z

I never managed to get a stable connection with PIA through gluetun. I was having to restart all of my containers multiple times a day trying to get a forwarded port.
When I came across this #612 (comment) I had to check it out.
I spun up the thrnz /docker-wireguard-pia and I've had a rock solid connection ever since.
It's a shame gluetun didn't work for me.

synfinatic · 2023-09-16T16:56:47Z

Same problem here with Proton and OpenVPN 2.6. VPN is stable for hours or maybe a couple of days max. Using the REST API to restart the VPN doesn't solve the problem and have to restart the gluetun container.

qdm12 · 2023-09-20T14:51:56Z

See #1749 (comment) and please report on #1749 thanks!

qdm12 · 2023-09-23T13:33:04Z

Fixed in 7120141 (latest image and future release v3.36.0)

akutruff · 2023-09-25T21:13:26Z

This may still be an issue. I put details in the new issue at the bottom, sorry.
#1882

qdm12 · 2023-09-26T13:51:23Z

@akutruff what version are you running?? It's written at the top of your logs. Are you sure you pulled the latest image 🤔

akutruff · 2023-09-26T14:03:03Z

For these issues I am running the docker image for pr-1874 and have been pulling periodically. Docker image: qmcgaw/gluetun:pr-1874

gluetun                   | Running version pr-1874 built on 2023-09-23T07:57:43.154Z (commit 11d3c20)

Please let me know if there's a different image to try. From our previous discussions I assumed I should stay on this version.

akutruff · 2023-09-27T14:14:33Z

@qdm12

FYI, I increased the health check intervals and I have had stable connection and stable port forwarding for almost 24 hours now. I am using the latest image tag. If I return to the default intervals, health checks will fail and the port forwarding will be lost.

Note: 10.2.0.1 is the Proton supplied DNS, and I turned off DOT as well.

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
      - MKNOD
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      - VPN_SERVICE_PROVIDER=custom
      - VPN_TYPE=wireguard
      - VPN_ENDPOINT_IP=***
      - VPN_ENDPOINT_PORT=51820
      - VPN_PORT_FORWARDING_PROVIDER=protonvpn
      - WIREGUARD_PRIVATE_KEY=***
      - WIREGUARD_PUBLIC_KEY=***
      - WIREGUARD_ADDRESSES=10.2.0.2/32
      - VPN_PORT_FORWARDING=on
      - DNS_ADDRESS=10.2.0.1
      - DOT=off
      - HEALTH_VPN_DURATION_INITIAL=60s
      - HEALTH_SUCCESS_WAIT_DURATION=60s
    restart: always

synfinatic mentioned this issue Sep 17, 2023

REST endpoint for external monitoring synfinatic/rss4transmission#21

Open

qdm12 closed this as completed Sep 23, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bug: Forwarded port closed and not reopened in firewall during vpn restart due to unhealthy healthcheck #1801

Bug: Forwarded port closed and not reopened in firewall during vpn restart due to unhealthy healthcheck #1801

molove commented Aug 16, 2023 •

edited

Loading

visualies commented Sep 3, 2023

molove commented Sep 8, 2023

synfinatic commented Sep 16, 2023

qdm12 commented Sep 20, 2023

qdm12 commented Sep 23, 2023

akutruff commented Sep 25, 2023

qdm12 commented Sep 26, 2023

akutruff commented Sep 26, 2023

akutruff commented Sep 27, 2023

Bug: Forwarded port closed and not reopened in firewall during vpn restart due to unhealthy healthcheck #1801

Bug: Forwarded port closed and not reopened in firewall during vpn restart due to unhealthy healthcheck #1801

Comments

molove commented Aug 16, 2023 • edited Loading

Is this urgent?

Host OS

CPU arch

VPN service provider

What are you using to run the container

What is the version of Gluetun

What's the problem 🤔

Share your logs

Share your configuration

visualies commented Sep 3, 2023

molove commented Sep 8, 2023

synfinatic commented Sep 16, 2023

qdm12 commented Sep 20, 2023

qdm12 commented Sep 23, 2023

akutruff commented Sep 25, 2023

qdm12 commented Sep 26, 2023

akutruff commented Sep 26, 2023

akutruff commented Sep 27, 2023

molove commented Aug 16, 2023 •

edited

Loading