Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug: curl the container gives: Unauthorized #2579

Closed
mooleshacat opened this issue Nov 11, 2024 · 4 comments
Closed

Bug: curl the container gives: Unauthorized #2579

mooleshacat opened this issue Nov 11, 2024 · 4 comments

Comments

@mooleshacat
Copy link

mooleshacat commented Nov 11, 2024

Is this urgent?

Yes

Host OS

Debian 12

CPU arch

x86_64

VPN service provider

ProtonVPN

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2024-11-10T10:21:49.567Z (commit 0374c14)

What's the problem 🤔

I have a successful connection to proton, but when I curl the container like so:

root@vps-151c25b9:~/work/gluetun-1# curl --proxy http://127.0.0.1:8000 icanhazip.com
Unauthorized

It also fails if I curl the container directly:

root@vps-151c25b9:~/work/gluetun-1# curl --proxy http://172.26.0.2:8000 icanhazip.com
Unauthorized

Share your logs (at least 10 lines)

========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version latest built on 2024-11-10T10:21:49.567Z (commit 0374c14)

📣 All control server routes will become private by default after the v3.41.0 release

🔧 Need help? ☕ Discussion? https://github.com/qdm12/gluetun/discussions/new/choose
🐛 Bug? ✨ New feature? https://github.com/qdm12/gluetun/issues/new/choose
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2024-11-11T05:14:08Z INFO [routing] default route found: interface eth0, gateway 172.26.0.1, assigned IP 172.26.0.2 and family v4
2024-11-11T05:14:08Z INFO [routing] local ethernet link found: eth0
2024-11-11T05:14:08Z INFO [routing] local ipnet found: 172.26.0.0/16
2024-11-11T05:14:09Z INFO [firewall] enabling...
2024-11-11T05:14:09Z INFO [firewall] enabled successfully
2024-11-11T05:14:09Z INFO [storage] creating /gluetun/servers.json with 20776 hardcoded servers
2024-11-11T05:14:09Z INFO Alpine version: 3.20.3
2024-11-11T05:14:09Z INFO OpenVPN 2.5 version: 2.5.10
2024-11-11T05:14:09Z INFO OpenVPN 2.6 version: 2.6.11
2024-11-11T05:14:09Z INFO IPtables version: v1.8.10
2024-11-11T05:14:09Z INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: protonvpn
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       ├── Countries: united states
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.6
|       ├── User: [set]
|       ├── Password: WG...Qr
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Upstream resolvers:
|       |   └── cloudflare
|       ├── Caching: yes
|       ├── IPv6: no
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   └── Enabled: yes
├── Log settings:
|   └── Log level: info
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   ├── Logging: yes
|   └── Authentication file path: /gluetun/auth/config.toml
├── Storage settings:
|   └── Filepath: /gluetun/servers.json
├── OS Alpine settings:
|   ├── Process UID: 1000
|   └── Process GID: 1000
├── Public IP settings:
|   ├── IP file path: /tmp/gluetun/ip
|   ├── Public IP data base API: ipinfo
|   └── Public IP data backup APIs:
|       ├── ifconfigco
|       ├── ip2location
|       └── cloudflare
└── Version settings:
    └── Enabled: yes
2024-11-11T05:14:09Z INFO [routing] default route found: interface eth0, gateway 172.26.0.1, assigned IP 172.26.0.2 and family v4
2024-11-11T05:14:09Z INFO [routing] adding route for 0.0.0.0/0
2024-11-11T05:14:09Z INFO [firewall] setting allowed subnets...
2024-11-11T05:14:09Z INFO [routing] default route found: interface eth0, gateway 172.26.0.1, assigned IP 172.26.0.2 and family v4
2024-11-11T05:14:09Z INFO [dns] using plaintext DNS at address 1.1.1.1
2024-11-11T05:14:09Z INFO [http server] http server listening on [::]:8000
2024-11-11T05:14:09Z INFO [healthcheck] listening on 127.0.0.1:9999
2024-11-11T05:14:09Z INFO [firewall] allowing VPN connection...
2024-11-11T05:14:09Z INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-11-11T05:14:09Z INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-11-11T05:14:09Z INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]149.22.94.1:1194
2024-11-11T05:14:09Z INFO [openvpn] UDPv4 link local: (not bound)
2024-11-11T05:14:09Z INFO [openvpn] UDPv4 link remote: [AF_INET]149.22.94.1:1194
2024-11-11T05:14:09Z INFO [openvpn] [node-us-249.protonvpn.net] Peer Connection Initiated with [AF_INET]149.22.94.1:1194
2024-11-11T05:14:10Z INFO [openvpn] setsockopt TCP_NODELAY=1 failed
2024-11-11T05:14:10Z INFO [openvpn] TUN/TAP device tun0 opened
2024-11-11T05:14:10Z INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-11-11T05:14:10Z INFO [openvpn] /sbin/ip link set dev tun0 up
2024-11-11T05:14:10Z INFO [openvpn] /sbin/ip addr add dev tun0 10.18.0.3/16
2024-11-11T05:14:10Z INFO [openvpn] UID set to nonrootuser
2024-11-11T05:14:10Z INFO [openvpn] Initialization Sequence Completed
2024-11-11T05:14:10Z INFO [dns] downloading hostnames and IP block lists
2024-11-11T05:14:12Z INFO [http server] 401 GET http://icanhazip.com/ wrote 13B to 172.26.0.1:57326 in 9.28µs
2024-11-11T05:14:15Z INFO [healthcheck] healthy!
2024-11-11T05:14:16Z INFO [dns] DNS server listening on [::]:53
2024-11-11T05:14:17Z INFO [dns] ready
2024-11-11T05:14:17Z INFO [ip getter] Public IP address is 149.22.94.5 (United States, Georgia, Atlanta - source: ipinfo)
2024-11-11T05:14:17Z INFO [vpn] You are running on the bleeding edge of latest!
2024-11-11T05:14:23Z INFO [http server] 401 GET http://icanhazip.com/ wrote 13B to 172.26.0.1:56092 in 9.38µs
2024-11-11T05:16:56Z INFO [http server] 401 GET http://icanhazip.com/ wrote 13B to 172.26.0.1:50998 in 8.66µs

Share your configuration

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun-1
    restart: always
    cap_add:
      - NET_ADMIN
    ports:
      - 8000:8000
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      - VPN_SERVICE_PROVIDER=protonvpn
      - OPENVPN_USER=*REDACTED*
      - OPENVPN_PASSWORD=*REDACTED*
      - SERVER_COUNTRIES=United States
      - FIREWALL=off
Copy link
Contributor

@qdm12 is more or less the only maintainer of this project and works on it in his free time.
Please:

@mooleshacat
Copy link
Author

mooleshacat commented Nov 11, 2024

I realized I was curling the control port so I changed the ports:

    ports:
      - 8000:8000
      - 8888:8888/tcp

I tried port 8888 and got:

curl --proxy http://127.0.0.1:8888 icanhazip.com
curl: (56) Recv failure: Connection reset by peer

@mooleshacat
Copy link
Author

It works now, I had to enable the HTTP proxy:

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun-1
    restart: always
    cap_add:
      - NET_ADMIN
    ports:
      - 8000:8000
      - 8888:8888/tcp
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      - VPN_SERVICE_PROVIDER=protonvpn
      - OPENVPN_USER=3snDYOT7Exhafw05
      - OPENVPN_PASSWORD=WGMLDbG7PvZKNxcn0njiRMx5rVjQAMQr
      - SERVER_COUNTRIES=United States
      - HTTPPROXY=on

Thanks :)

Copy link
Contributor

Closed issues are NOT monitored, so commenting here is likely to be not seen.
If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment setup because @qdm12 is the sole maintainer of this project
which became too popular to monitor issues closed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant