Bug: Wireguard not working after v3.35.0

[ddevilbissjr]

Is this urgent?

No

Host OS

Unraid

CPU arch

x86_64

VPN service provider

Custom

What are you using to run the container

docker run

What is the version of Gluetun

2023-08-11T11:08:54.752Z (commit e556871)

What's the problem 🤔

I have an issue where this block of text will keep on repeating:

2023-08-24T00:25:14-07:00 INFO [healthcheck] program has been unhealthy for 36s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)

2023-08-24T00:25:14-07:00 INFO [vpn] stopping

2023-08-24T00:25:14-07:00 DEBUG [wireguard] closing controller client...

2023-08-24T00:25:14-07:00 DEBUG [wireguard] removing IPv4 rule...

2023-08-24T00:25:14-07:00 DEBUG [wireguard] shutting down link...

2023-08-24T00:25:14-07:00 DEBUG [wireguard] deleting link...

2023-08-24T00:25:14-07:00 INFO [vpn] starting

2023-08-24T00:25:14-07:00 DEBUG [wireguard] Wireguard server public key: pD8KPLHTUnyGvfZxSZn5mgedaIZIr+CV8Ci264WdEWU=

2023-08-24T00:25:14-07:00 DEBUG [wireguard] Wireguard client private key: 2Ia...0s=

2023-08-24T00:25:14-07:00 DEBUG [wireguard] Wireguard pre-shared key: [not set]

2023-08-24T00:25:14-07:00 INFO [firewall] allowing VPN connection...

2023-08-24T00:25:14-07:00 INFO [wireguard] Using available kernelspace implementation

2023-08-24T00:25:14-07:00 INFO [wireguard] Connecting to 146.70.195.34:51820

2023-08-24T00:25:14-07:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.

Logs are not telling me what's preventing the vpn from connecting. My setup has been working with no issues for a long time, randomly no longer works.

Share your logs

========================================
08/24/2023 12:15:50 AM
========================================
08/24/2023 12:15:50 AM
=============== gluetun ================
08/24/2023 12:15:50 AM
========================================
08/24/2023 12:15:50 AM
=========== Made with ❤️ by ============
08/24/2023 12:15:50 AM
======= https://github.com/qdm12 =======
08/24/2023 12:15:50 AM
========================================
08/24/2023 12:15:50 AM
========================================
08/24/2023 12:15:50 AM
08/24/2023 12:15:50 AM
Running version latest built on 2023-08-11T11:08:54.752Z (commit e556871)
08/24/2023 12:15:50 AM
08/24/2023 12:15:50 AM
🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
08/24/2023 12:15:50 AM
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
08/24/2023 12:15:50 AM
✨ New feature? https://github.com/qdm12/gluetun/issues/new
08/24/2023 12:15:50 AM
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
08/24/2023 12:15:50 AM
💻 Email? [email protected]
08/24/2023 12:15:50 AM
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.2 and family v4
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [routing] local ethernet link found: eth0
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [routing] local ipnet found: 172.19.0.0/16
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [firewall] enabling...
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --policy INPUT DROP
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --policy OUTPUT DROP
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --policy FORWARD DROP
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --policy INPUT DROP
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --policy OUTPUT DROP
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --policy FORWARD DROP
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i lo -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i lo -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append OUTPUT -o lo -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append OUTPUT -o lo -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append OUTPUT -o eth0 -s 172.19.0.2 -d 172.19.0.0/16 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append OUTPUT -o eth0 -d ff02::1:ff/104 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -d 172.19.0.0/16 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [firewall] enabled successfully
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [storage] merging by most recent 17692 hardcoded servers and 17692 servers read from /gluetun/servers.json
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [netlink] IPv6 is not supported after searching 0 routes
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO Alpine version: 3.18.3
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO OpenVPN 2.5 version: 2.5.8
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO OpenVPN 2.6 version: 2.6.5
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO Unbound version: 1.17.1
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO IPtables version: v1.8.9
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO Settings summary:
08/24/2023 12:15:50 AM
├── VPN settings:
08/24/2023 12:15:50 AM
|   ├── VPN provider settings:
08/24/2023 12:15:50 AM
|   |   ├── Name: custom
08/24/2023 12:15:50 AM
|   |   └── Server selection settings:
08/24/2023 12:15:50 AM
|   |       ├── VPN type: wireguard
08/24/2023 12:15:50 AM
|   |       └── Wireguard selection settings:
08/24/2023 12:15:50 AM
|   |           ├── Endpoint IP address: 146.70.195.34
08/24/2023 12:15:50 AM
|   |           ├── Endpoint port: 51820
08/24/2023 12:15:50 AM
|   |           └── Server public key: pD8KPLHTUnyGvfZxSZn5mgedaIZIr+CV8Ci264WdEWU=
08/24/2023 12:15:50 AM
|   └── Wireguard settings:
08/24/2023 12:15:50 AM
|       ├── Private key: 2Ia...0s=
08/24/2023 12:15:50 AM
|       ├── Interface addresses:
08/24/2023 12:15:50 AM
|       |   └── 10.2.0.2/32
08/24/2023 12:15:50 AM
|       ├── Allowed IPs:
08/24/2023 12:15:50 AM
|       |   ├── 0.0.0.0/0
08/24/2023 12:15:50 AM
|       |   └── ::/0
08/24/2023 12:15:50 AM
|       └── Network interface: wg0
08/24/2023 12:15:50 AM
|           └── MTU: 1400
08/24/2023 12:15:50 AM
├── DNS settings:
08/24/2023 12:15:50 AM
|   └── Keep existing nameserver(s): yes
08/24/2023 12:15:50 AM
├── Firewall settings:
08/24/2023 12:15:50 AM
|   ├── Enabled: yes
08/24/2023 12:15:50 AM
|   ├── Debug mode: on
08/24/2023 12:15:50 AM
|   ├── Input ports:
08/24/2023 12:15:50 AM
|   |   ├── 7777
08/24/2023 12:15:50 AM
|   |   ├── 9117
08/24/2023 12:15:50 AM
|   |   ├── 7878
08/24/2023 12:15:50 AM
|   |   ├── 8989
08/24/2023 12:15:50 AM
|   |   ├── 8112
08/24/2023 12:15:50 AM
|   |   └── 6767
08/24/2023 12:15:50 AM
|   └── Outbound subnets:
08/24/2023 12:15:50 AM
|       ├── 10.253.0.0/24
08/24/2023 12:15:50 AM
|       ├── 192.168.4.0/24
08/24/2023 12:15:50 AM
|       └── 192.168.7.0/24
08/24/2023 12:15:50 AM
├── Log settings:
08/24/2023 12:15:50 AM
|   └── Log level: DEBUG
08/24/2023 12:15:50 AM
├── Health settings:
08/24/2023 12:15:50 AM
|   ├── Server listening address: 127.0.0.1:9999
08/24/2023 12:15:50 AM
|   ├── Target address: github.com:443
08/24/2023 12:15:50 AM
|   ├── Duration to wait after success: 5s
08/24/2023 12:15:50 AM
|   ├── Read header timeout: 100ms
08/24/2023 12:15:50 AM
|   ├── Read timeout: 500ms
08/24/2023 12:15:50 AM
|   └── VPN wait durations:
08/24/2023 12:15:50 AM
|       ├── Initial duration: 6s
08/24/2023 12:15:50 AM
|       └── Additional duration: 5s
08/24/2023 12:15:50 AM
├── Shadowsocks server settings:
08/24/2023 12:15:50 AM
|   └── Enabled: no
08/24/2023 12:15:50 AM
├── HTTP proxy settings:
08/24/2023 12:15:50 AM
|   └── Enabled: no
08/24/2023 12:15:50 AM
├── Control server settings:
08/24/2023 12:15:50 AM
|   ├── Listening address: :8000
08/24/2023 12:15:50 AM
|   └── Logging: yes
08/24/2023 12:15:50 AM
├── OS Alpine settings:
08/24/2023 12:15:50 AM
|   ├── Process UID: 1000
08/24/2023 12:15:50 AM
|   ├── Process GID: 1000
08/24/2023 12:15:50 AM
|   └── Timezone: america/los_angeles
08/24/2023 12:15:50 AM
├── Public IP settings:
08/24/2023 12:15:50 AM
|   ├── Fetching: every 12h0m0s
08/24/2023 12:15:50 AM
|   └── IP file path: /gluetun/ip
08/24/2023 12:15:50 AM
└── Version settings:
08/24/2023 12:15:50 AM
    └── Enabled: yes
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.2 and family v4
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [routing] ip rule add from 172.19.0.2/32 lookup 200 pref 100
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [routing] adding route for 0.0.0.0/0
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [routing] ip route replace 0.0.0.0/0 via 172.19.0.1 dev eth0 table 200
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [firewall] setting allowed subnets...
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append OUTPUT -o eth0 -s 172.19.0.2 -d 10.253.0.0/24 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append OUTPUT -o eth0 -s 172.19.0.2 -d 192.168.4.0/24 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append OUTPUT -o eth0 -s 172.19.0.2 -d 192.168.7.0/24 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.2 and family v4
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [routing] adding route for 10.253.0.0/24
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [routing] ip route replace 10.253.0.0/24 via 172.19.0.1 dev eth0 table 199
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [routing] ip rule add to 10.253.0.0/24 lookup 199 pref 99
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [routing] adding route for 192.168.4.0/24
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [routing] ip route replace 192.168.4.0/24 via 172.19.0.1 dev eth0 table 199
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [routing] ip rule add to 192.168.4.0/24 lookup 199 pref 99
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [routing] adding route for 192.168.7.0/24
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [routing] ip route replace 192.168.7.0/24 via 172.19.0.1 dev eth0 table 199
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [routing] ip rule add to 192.168.7.0/24 lookup 199 pref 99
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [routing] ip rule add to 172.19.0.0/16 lookup 254 pref 98
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [firewall] setting allowed input port 7777 through interface eth0...
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p tcp --dport 7777 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p tcp --dport 7777 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p udp --dport 7777 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p udp --dport 7777 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [firewall] setting allowed input port 9117 through interface eth0...
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p tcp --dport 9117 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p tcp --dport 9117 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p udp --dport 9117 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p udp --dport 9117 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [firewall] setting allowed input port 7878 through interface eth0...
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p tcp --dport 7878 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p tcp --dport 7878 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p udp --dport 7878 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p udp --dport 7878 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [firewall] setting allowed input port 8989 through interface eth0...
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p tcp --dport 8989 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p tcp --dport 8989 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p udp --dport 8989 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p udp --dport 8989 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [firewall] setting allowed input port 8112 through interface eth0...
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p tcp --dport 8112 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p tcp --dport 8112 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p udp --dport 8112 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p udp --dport 8112 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [firewall] setting allowed input port 6767 through interface eth0...
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p tcp --dport 6767 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p tcp --dport 6767 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -p udp --dport 6767 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append INPUT -i eth0 -p udp --dport 6767 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 WARN [dns] ⚠️⚠️⚠️  keeping the default container nameservers, this will likely leak DNS traffic outside the VPN and go through your container network DNS outside the VPN tunnel!
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [http server] http server listening on [::]:8000
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [wireguard] Wireguard server public key: pD8KPLHTUnyGvfZxSZn5mgedaIZIr+CV8Ci264WdEWU=
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [wireguard] Wireguard client private key: 2Ia...0s=
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [wireguard] Wireguard pre-shared key: [not set]
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [firewall] allowing VPN connection...
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append OUTPUT -d 146.70.195.34 -o eth0 -p udp -m udp --dport 51820 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [healthcheck] listening on 127.0.0.1:9999
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] iptables --append OUTPUT -o wg0 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 DEBUG [firewall] ip6tables --append OUTPUT -o wg0 -j ACCEPT
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [wireguard] Using available kernelspace implementation
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [wireguard] Connecting to 146.70.195.34:51820
08/24/2023 12:15:50 AM
2023-08-24T00:15:50-07:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 INFO [vpn] stopping
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 DEBUG [wireguard] closing controller client...
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 DEBUG [wireguard] removing IPv4 rule...
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 DEBUG [wireguard] shutting down link...
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 DEBUG [wireguard] deleting link...
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 INFO [vpn] starting
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 DEBUG [wireguard] Wireguard server public key: pD8KPLHTUnyGvfZxSZn5mgedaIZIr+CV8Ci264WdEWU=
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 DEBUG [wireguard] Wireguard client private key: 2Ia...0s=
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 DEBUG [wireguard] Wireguard pre-shared key: [not set]
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 INFO [firewall] allowing VPN connection...
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 INFO [wireguard] Using available kernelspace implementation
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 INFO [wireguard] Connecting to 146.70.195.34:51820
08/24/2023 12:15:57 AM
2023-08-24T00:15:57-07:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.

Share your configuration

docker run
  -d
  --name='gluetunvpn'
  --net='proxynet'
  -e TZ="America/Los_Angeles"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="TERRA"
  -e HOST_CONTAINERNAME="gluetunvpn"
  -e 'TZ'='America/Los_Angeles'
  -e 'VPN_SERVICE_PROVIDER'='custom'
  -e 'VPN_TYPE'='wireguard'
  -e 'VPN_INTERFACE'='wg0'
  -e 'VPN_ENDPOINT_PORT'=''
  -e 'VPN_ENDPOINT_IP'=''
  -e 'WIREGUARD_IMPLEMENTATION'='auto'
  -e 'WIREGUARD_PRIVATE_KEY'=''
  -e 'WIREGUARD_PRESHARED_KEY'=''
  -e 'WIREGUARD_PUBLIC_KEY'=''
  -e 'WIREGUARD_ADDRESSES'=''
  -e 'FIREWALL'='on'
  -e 'FIREWALL_VPN_INPUT_PORTS'=''
  -e 'FIREWALL_INPUT_PORTS'='7777,9117,7878,8989,8112,6767'
  -e 'FIREWALL_OUTBOUND_SUBNETS'='10.253.0.0/24,192.168.4.0/24,192.168.7.0/24'
  -e 'FIREWALL_DEBUG'='on'
  -e 'LOG_LEVEL'='debug'
  -e 'DOT'='on'
  -e 'DOT_PROVIDERS'='cloudflare'
  -e 'DOT_PRIVATE_ADDRESS'='127.0.0.1/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,169.254.0.0/16,::1/128,fc00::/7,fe80::/10,::ffff:7f00:1/104,::ffff:a00:0/104,::ffff:a9fe:0/112,::ffff:ac10:0/108,::ffff:c0a8:0/112'
  -e 'DOT_VERBOSITY'='1'
  -e 'DOT_VERBOSITY_DETAILS'='0'
  -e 'DOT_VALIDATION_LOGLEVEL'='0'
  -e 'DOT_CACHING'='on'
  -e 'DOT_IPV6'='off'
  -e 'BLOCK_MALICIOUS'='on'
  -e 'BLOCK_SURVEILLANCE'='on'
  -e 'BLOCK_ADS'='on'
  -e 'UNBLOCK'=''
  -e 'DNS_UPDATE_PERIOD'='24h'
  -e 'DNS_ADDRESS'=''
  -e 'DNS_KEEP_NAMESERVER'='on'
  -e 'HTTPPROXY'='off'
  -e 'HTTPPROXY_LOG'='off'
  -e 'HTTPPROXY_USER'=''
  -e 'HTTPPROXY_PASSWORD'=''
  -e 'HTTPPROXY_STEALTH'='off'
  -e 'SHADOWSOCKS'='off'
  -e 'SHADOWSOCKS_LOG'='off'
  -e ':8388'=':8388'
  -e 'SHADOWSOCKS_PASSWORD'=''
  -e 'SHADOWSOCKS_CIPHER'='chacha20-ietf-poly1305'
  -e 'HEALTH_SERVER_ADDRESS'='127.0.0.1:9999'
  -e 'HEALTH_TARGET_ADDRESS'='github.com:443'
  -e 'HEALTH_VPN_DURATION_INITIAL'='6s'
  -e 'HEALTH_VPN_DURATION_ADDITION'='5s'
  -e 'UPDATER_PERIOD'='0'
  -e 'PUBLICIP_FILE'='/gluetun/ip'
  -e 'PUBLICIP_PERIOD'='12h'
  -e 'VERSION_INFORMATION'='on'
  -e 'HTTP_CONTROL_SERVER_LOG'='on'
  -e 'PUID'='1000'
  -e 'PGID'='1000'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.webui='http://[IP]:[PORT:8000]'
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/qdm12/gluetun/master/doc/logo_256.png'
  -p '8877:8888/tcp'
  -p '7777:7777/tcp'
  -p '9117:9117/tcp'
  -p '7878:7878/tcp'
  -p '8989:8989/tcp'
  -p '8112:8112/tcp'
  -p '6767:6767/tcp'
  -p '8000:8000/tcp'
  -v '/mnt/user/appdata/gluetun':'/gluetun':'rw'
  --cap-add=NET_ADMIN
  --restart always 'qmcgaw/gluetun'

wg0.conf:

[Interface]
# Key for TERRA
# Bouncing = 0
# NetShield = 0
# Moderate NAT = off
# NAT-PMP (Port Forwarding) = off
# VPN Accelerator = on
PrivateKey = 2Ia...0s=
Address = 10.2.0.2/32
DNS = 10.2.0.1

[Peer]
# US-CA#295
PublicKey = pD8KPLHTUnyGvfZxSZn5mgedaIZIr+CV8Ci264WdEWU=
AllowedIPs = 0.0.0.0/0
Endpoint = 146.70.195.34:51820

[legraml]

I am experiencing the same problems. I just can't get any connection working.

[Egonor]

Also having thing this issue. I rolled back to 3.34.1 and it's working again but I don't know what's changed since. Tried setting the new-ish variable WIREGUARD_MTU to what my VPN sets but didn't fix it.

[ddevilbissjr]

Also having thing this issue. I rolled back to 3.34.1 and it's working again but I don't know what's changed since. Tried setting the new-ish variable WIREGUARD_MTU to what my VPN sets but didn't fix it.

I've downgraded to 3.34.3, worked like a charm. Hopefully a patch is released soon.

[qdm12]

@legraml @Egonor @ddevilbissjr what provider are you using?

@Egonor @ddevilbissjr is v3.35.0 working? is the latest image working?

[Egonor]

@qdm12

EDIT: v3.35 does work

TorGuard on Unraid from Community Applications/latest from docker does not work.

Setup with Trash guide and port forwarding, only thing not setup that shows up in debug logs is Wireguard Pre-shared Key: [not-set]. There doesn't seem to be much in the debug logs but if you need me to do something let me know

[qdm12]

The latest image still works for me with Wireguard + Mullvad. @Egonor what provider are you using??

The changes between v3.35.0 and the latest image are listed here: v3.35.0...master
What you can try to figure out what broke your setup is to build a test image for a specific commit from one of those listed.

For example, to build the image corresponding to commit fbe252a

docker build -t qmcgaw/gluetun:test https://github.com/qdm12/gluetun#fbe252a9b60847bdf6ba7309dce7a946c19f9e33

And then you can run qmcgaw/gluetun:test (test tag). You can repeat the process for different commit hashes by re-building the image.

[qdm12]

@Egonor Little weekend ping 😉 This is a blocking issue for the next (long overdued) v3.36 release 🔮

[Egonor]

@qdm12 My provider is TorGuard

I'm running it through Unraid so I setup docker desktop but every version I try is having health check restarts due to "DNS over TLS cannot update files" or "unhealthy: dialing: dial tcp4: lookup cloudflare.com: i/o timeout" so I can't find a good config to even get a baseline to progress from. Even docker pull qmcgaw/gluetun:v3.35

I tried using minimum wireguard values from the wiki and grabbing the whole docker config from unraid but neither work.

[ddevilbissjr]

@Egonor Little weekend ping 😉 This is a blocking issue for the next (long overdued) v3.36 release 🔮

@qdm12 Sorry for the wait, I've been busy moving between moving homes and reconfigurating my server with new HDDs for ZFS. But I haven't changed any settings from previous versions, any newer version v3.35 or newer results in the same error. I'm using ProtonVPN.

[qdm12]

@Egonor

is having health check restarts due to

It's not "due to", it's the VPN connection not working causing these 😉

Even docker pull qmcgaw/gluetun:v3.35

You previously mentioned EDIT: v3.35 does work, so is v3.35.0 working or not?? Does it work with v3.34.3?

@ddevilbissjr no worry for the delay 😉 So it still works with v3.34.3, but not with v3.35.0 or the latest image (make sure you pull it) correct?

Can you try setting WIREGUARD_MTU=1420 see if it solves it?

[Egonor]

@qdm12

v3.35 works for me on UNRAID. I can only pull tagged builds from the dockerhub into Unraid.

So to debug a specific build from Git I download Docker for Desktop on a Windows 10 machine but I can't get ANY build working in this environment. I don't know why other than this bug from the wiki or some networking thing I misconfigured or don't know about in Docker/Windows. I normally only run from Unraid.

All that to say I can't pinpoint a specific merge without other troubleshooting. I tried some of the more recent than v3.35 PR tags on Unraid and they did not work but I don't know what they correspond to.

[Appel-flappen]

also having a similar problem, wireguard custom config fails silently, gives a timeout when trying to reach internic. The same config is working on my router. This is on v3.35.0, amd64

[qdm12]

@Egonor Don't you have ssh access to Unraid and then access to the docker command? 🤔 With Windows, I would guess it's likely bad character escaping for credentials, try within a WSL shell perhaps? Since Wireguard doesn't tell you if credentials are invalid, it might just be that.

Have you tried with WIREGUARD_MTU=1420?

[qdm12]

Any update?

[ddevilbissjr]

Any update?

Hello @qdm12, Ive reinstalled the docker container on UNRAID and still have the same message, but it can finally connect to the VPN with no problems. There may have been older variables used since the template changed, so that may have prevented the container from connecting properly. Thank you for the continued support.

[qdm12]

Ok thanks, I'll close this, if someone encounters this, try updating the Unraid template, or, create another issue 😉 Thanks all!