Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Transmission docker port mapping does not show any traffic #2847

Closed
7 of 8 tasks
portah opened this issue May 31, 2024 · 3 comments
Closed
7 of 8 tasks

Transmission docker port mapping does not show any traffic #2847

portah opened this issue May 31, 2024 · 3 comments

Comments

@portah
Copy link

portah commented May 31, 2024
edited
Loading

Is there a pinned issue for this?

  • I have read the pinned issues and could not find my issue

Is there an existing or similar issue/discussion for this?

  • I have searched the existing issues
  • I have searched the existing discussions

Is there any comment in the documentation for this?

  • I have read the documentation, especially the FAQ and Troubleshooting parts

Is this related to a provider?

  • I have checked the provider repo for issues
  • My issue is NOT related to a provider

Are you using the latest release?

  • I am using the latest release

Have you tried using the dev branch latest?

  • I have tried using dev branch

Docker run config used

services:
transmission:
image: haugene/transmission-openvpn:5.3.1
cap_add:
- NET_ADMIN
dns:
- 8.8.8.8
logging:
driver: "json-file"
options:
max-size: "10m"
ports:
- 9092:9092
sysctls:
- net.ipv6.conf.all.disable_ipv6=0
environment:
- CREATE_TUN_DEVICE=true
- OPENVPN_PROVIDER=NORDVPN
- NORDVPN_COUNTRY=US
- ENABLE_UFW=false
- DEBUG=true
- PEER_DNS=false
- TRANSMISSION_RPC_PORT=9092
- HEALTH_CHECK_HOST=github.com
- OPENVPN_USERNAME=
- OPENVPN_PASSWORD=
- TRANSMISSION_HOME=/data/transmission-home
- WEBPROXY_ENABLED=false
- LOCAL_NETWORK=172.16.16.0/24
- OVERRIDE_DNS_1=8.8.8.8
- OVERRIDE_DNS_2=8.8.4.4
volumes:
- /Volumes/data-tank/media/Transmission:/data:rw
deploy:
resources:
limits:
cpus: '1.0'
memory: 100M

Current Behavior

It worked. I did not change anything. It started docker would not have access from container to outside world. That got fixed when I updated to the latest docker (MacOS). But now, I still can't access from host computer the interface. From inside container I can ping outside like partially local network and .
I installed tracepath to better understand what is going on:

# tracepath -n 172.16.16.11
 1?: [LOCALHOST]                      pmtu 1500
 1:  172.28.0.1                                            0.061ms 
 1:  172.28.0.1                                            0.027ms 
 2:  172.16.16.11                                          0.336ms reached
     Resume: pmtu 1500 hops 2 back 2 
# tracepath 172.16.16.1
 1?: [LOCALHOST]                      pmtu 1500
 1:  172.28.0.1                                            0.046ms 
 1:  172.28.0.1                                            0.073ms 
 2:  192.168.64.1                                          0.687ms 
 3:  no reply

172.16.16.11 - hosts IP

Hosts ports not occupied by anything. And netstat shows listen only when image started. So, I'm out of options what to try. I have another image on the same host ownlcoud - and that one works well so this one should but it's not...

Expected Behavior

Would be able on hosts computer to access localhost:9092

How have you tried to solve the problem?

ping, netstat, tracepath changing ports from 9091 to 9092 use webproxy, nothing inside is accessible from outside(host's), no firewall enabled inside container, no firewall on the host system

Log output

Everything started, can do curl localhost:9091/9092 inside the container

HW/SW Environment

- OS: MacOS 13.6.6
- Docker: 4.30

Anything else?

No response
@portah
Copy link
Author

portah commented Jun 1, 2024
edited
Loading

I changed config file added

    stdin_open: true # docker run -i
    tty: true
    entrypoint: /bin/bash

Installed netcat and simply ran nc -l -p 9091 I was able to do curl localhost:9091 from host computer

I use tcpdump and somehow I got this when I connect from browser to the container:

root@0a7576b0434a:/# tcpdump -n -vv port 9091
tcpdump: listening on tun0, link-type RAW (Raw IP), snapshot length 262144 bytes
21:08:46.068940 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
    172.21.0.2.9091 > 192.168.65.1.33046: Flags [S.], cksum 0x3146 (correct), seq 3649629815, ack 1450909878, win 31856, options [mss 1460,nop,nop,TS val 2489936396 ecr 4260761409,nop,wscale 7], length 0
21:08:46.068971 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
    172.21.0.2.9091 > 192.168.65.1.58640: Flags [S.], cksum 0x19b3 (correct), seq 2115116770, ack 3140000429, win 31856, options [mss 1460,nop,nop,TS val 2489936396 ecr 4260761409,nop,wscale 7], length 0

I do see answers from transmission to the bridge network not to the hosts network which is 172.16.16.0/24. Ok to complete the experiment I stopped start.sh script and did ran nc -l -p 9091 with tcpdump, but now no openvpn runnig and I got this:

root@0a7576b0434a:/# tcpdump -n -vv port 9091
tcpdump: listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
21:14:02.777842 IP (tos 0x0, ttl 63, id 3329, offset 0, flags [none], proto TCP (6), length 60)
    192.168.65.1.16395 > 172.21.0.2.9091: Flags [S], cksum 0x5594 (incorrect -> 0xbc29), seq 4044421293, win 65408, options [mss 65495,nop,nop,TS val 4261125160 ecr 0,nop,wscale 7], length 0
21:14:02.777859 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
    172.21.0.2.9091 > 192.168.65.1.16395: Flags [S.], cksum 0xadef (incorrect -> 0x2d53), seq 732761263, ack 4044421294, win 31856, options [mss 1460,nop,nop,TS val 2490253103 ecr 4261125160,nop,wscale 7], length 0
21:14:02.778018 IP (tos 0x0, ttl 63, id 37366, offset 0, flags [none], proto TCP (6), length 52)
    192.168.65.1.16395 > 172.21.0.2.9091: Flags [.], cksum 0x5594 (incorrect -> 0xd38e), seq 1, ack 1, win 511, options [nop,nop,TS val 4261125161 ecr 2490253103], length 0
21:14:02.778089 IP (tos 0x0, ttl 63, id 57463, offset 0, flags [none], proto TCP (6), length 746)
    192.168.65.1.16395 > 172.21.0.2.9091: Flags [P.], cksum 0x5594 (incorrect -> 0x042c), seq 1:695, ack 1, win 4096, options [nop,nop,TS val 4261125161 ecr 2490253103], length 694
21:14:02.778094 IP (tos 0x0, ttl 64, id 36309, offset 0, flags [DF], proto TCP (6), length 52)

So I do see requests from 192.168.65.1 bridge network and responses back from 172.21.0.2 container IP

@pkishino
Copy link
Collaborator

pkishino commented Jun 1, 2024

See here #2723

@pkishino pkishino closed this as completed Jun 1, 2024
@portah portah mentioned this issue Jun 1, 2024
Open
8 tasks
@RalleyD
Copy link

RalleyD commented Oct 3, 2024

See here #2723

I see this has worked for a couple of people but I'm not having such luck. I'm using dev containers to run my containers most of the time so i've added this to the JSON config:

"containerEnv": { "LOCAL_NETWORK" : "192.168.1.0/24,192.168.65.0/24"},

And this environment variable appears when inspecting the container's config.

Perhaps where i'm going wrong is using the wrong local IP address? I assumed it was the 'default' ip address of my host?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@portah @pkishino @RalleyD