Skip to content
This repository has been archived by the owner on Mar 16, 2024. It is now read-only.

Can't set subnets for kill switch #88

Open
DaveShamon opened this issue Jan 7, 2023 · 0 comments
Open

Can't set subnets for kill switch #88

DaveShamon opened this issue Jan 7, 2023 · 0 comments

Comments

@DaveShamon
Copy link

Hi, I need help with setting variable SUBNETS and firewall.
I tried different combinations and it doesn't work with kill switch but it's working without kill switch.
I have this error (started with kill switch):

docker-1       | --- Running with the following variables ---
docker-1       | VPN configuration file: server.ovpn
docker-1       | Use default resolv.conf: on
docker-1       | Allowing subnets: 192.168.0.0/24,172.30.0.0/16,37.19.199.134/32,0.0.0.0/1,128.0.0.0/1,10.16.0.14/16
docker-1      | Kill switch: iptables
docker-1       | Using OpenVPN log level: 3
docker-1      | ---
docker-1       | 
docker-1       | info: original configuration file: vpn/server.ovpn
docker-1       | info: modified configuration file: vpn/openvpn.eNG5PWKX.conf
docker-1       | info: kill switch is using iptables
docker-1       | iptables v1.8.8 (legacy): host/network `192.168.64.0/20
docker-1      | 192.168.80.0' not found
docker-1      | Try `iptables -h' or 'iptables --help' for more information.
Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: can't get final child's PID from pipe: EOF: unknown

Openvpn logs (working without kill switch):

docker-1      | 2023-01-07 09:49:14 ROUTE_GATEWAY 192.168.160.1/255.255.240.0 IFACE=eth0 HWADDR=02:42:xx:a8:a0:xx
docker-1       | 2023-01-07 09:49:14 TUN/TAP device tun0 opened
docker-1       | 2023-01-07 09:49:14 /sbin/ip link set dev tun0 up mtu 1500
docker-1       | 2023-01-07 09:49:14 /sbin/ip link set dev tun0 up
docker-1       | 2023-01-07 09:49:14 /sbin/ip addr add dev tun0 10.16.0.7/16
docker-1       | 2023-01-07 09:49:14 /etc/openvpn/up.sh tun0 1500 1584 10.16.0.7 255.255.0.0 init
docker-1       | 2023-01-07 09:49:14 /sbin/ip route add 37.19.199.134/32 via 192.168.160.1
docker-1       | 2023-01-07 09:49:14 /sbin/ip route add 0.0.0.0/1 via 10.16.0.1
docker-1       | 2023-01-07 09:49:14 /sbin/ip route add 128.0.0.0/1 via 10.16.0.1

Could you advice sittings for SUBNETS in this case?
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DaveShamon