Bug: Renewing Port Restart Gluetun Container using ProtonVPN

[asen23]

Is this urgent?

Yes

Host OS

Fedora Linux 40 (Server Edition)

CPU arch

x86_64

VPN service provider

ProtonVPN

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2024-05-18T18:08:57.405Z (commit 4218dba)

What's the problem 🤔

Whenever the port change it crash the container and restart it causing my other service that depends on gluetun to lose connection. I think it is the same problem with #2274

here is the triggering crash

ERROR port forwarding loop crashed: stopping previous service: blocking previous port in firewall: removing allowed port 33982 on interface tun0: command failed: "iptables --delete INPUT -i tun0 -p tcp --dport 33982 -j ACCEPT": iptables: Bad rule (does a matching rule exist in that chain?).: exit status 1

i also saw other error/warn log but im not sure how related

2024-06-01T13:34:52+07:00 ERROR [vpn] port forwarding for the first time: getting external IPv4 address: executing remote procedure call: writing to connection: write udp 10.23.0.4:52873->10.23.0.1:5351: write: operation not permitted
2024-06-01T14:19:29+07:00 INFO [openvpn] read UDPv4 [EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNR]: Host is unreachable (fd=4,code=113)
2024-06-01T14:55:10+07:00 INFO [openvpn] read UDPv4 [EHOSTUNREACH]: Host is unreachable (fd=4,code=113)
2024-06-01T14:56:12+07:00 ERROR [vpn] getting public IP address information: fetching information: Get "https://ipinfo.io/": context canceled
2024-06-01T15:00:07+07:00 WARN [dns] DNS is not working: after 10 tries: lookup github.com on 127.0.0.1:53: server misbehaving
2024-06-01T15:00:32+07:00 WARN [dns] cannot update files: Get "https://www.internic.net/domain/named.root": context deadline exceeded (Client.Timeout exceeded while awaiting headers)

also some unrelated issue, it sometimes take a long time to connect so i added start_period to prevent timeout when starting docker compose

Share your logs (at least 10 lines)

========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version latest built on 2024-05-18T18:08:57.405Z (commit 4218dba)

🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
💻 Email? [email protected]
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2024-06-01T14:55:05+07:00 INFO [routing] default route found: interface eth0, gateway 172.28.0.1, assigned IP 172.28.0.2 and family v4
2024-06-01T14:55:05+07:00 INFO [routing] local ethernet link found: eth0
2024-06-01T14:55:05+07:00 INFO [routing] local ipnet found: 172.28.0.0/16
2024-06-01T14:55:05+07:00 INFO [firewall] enabling...
2024-06-01T14:55:05+07:00 INFO [firewall] enabled successfully
2024-06-01T14:55:05+07:00 INFO [storage] merging by most recent 19425 hardcoded servers and 19425 servers read from /gluetun/servers.json
2024-06-01T14:55:05+07:00 INFO Alpine version: 3.19.1
2024-06-01T14:55:05+07:00 INFO OpenVPN 2.5 version: 2.5.8
2024-06-01T14:55:05+07:00 INFO OpenVPN 2.6 version: 2.6.8
2024-06-01T14:55:05+07:00 INFO Unbound version: 1.20.0
2024-06-01T14:55:05+07:00 INFO IPtables version: v1.8.10
2024-06-01T14:55:05+07:00 INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: protonvpn
|   |   ├── Server selection settings:
|   |   |   ├── VPN type: openvpn
|   |   |   ├── Countries: Singapore
|   |   |   └── OpenVPN server selection settings:
|   |   |       └── Protocol: UDP
|   |   └── Automatic port forwarding settings:
|   |       ├── Redirection listening port: disabled
|   |       ├── Use port forwarding code for current provider
|   |       └── Forwarded port file path: /tmp/gluetun/forwarded_port
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.6
|       ├── User: [set]
|       ├── Password: M...JP
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Unbound settings:
|       |   ├── Authoritative servers:
|       |   |   └── cloudflare
|       |   ├── Caching: yes
|       |   ├── IPv6: no
|       |   ├── Verbosity level: 1
|       |   ├── Verbosity details level: 0
|       |   ├── Validation log level: 0
|       |   ├── System user: root
|       |   └── Allowed networks:
|       |       ├── 0.0.0.0/0
|       |       └── ::/0
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   └── Enabled: yes
├── Log settings:
|   └── Log level: info
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 1000
|   ├── Process GID: 1000
|   └── Timezone: Asia/Jakarta
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   ├── IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
    └── Enabled: yes
2024-06-01T14:55:05+07:00 INFO [routing] default route found: interface eth0, gateway 172.28.0.1, assigned IP 172.28.0.2 and family v4
2024-06-01T14:55:05+07:00 INFO [routing] adding route for 0.0.0.0/0
2024-06-01T14:55:05+07:00 INFO [firewall] setting allowed subnets...
2024-06-01T14:55:05+07:00 INFO [routing] default route found: interface eth0, gateway 172.28.0.1, assigned IP 172.28.0.2 and family v4
2024-06-01T14:55:05+07:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-06-01T14:55:05+07:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2024-06-01T14:55:05+07:00 INFO [http server] http server listening on [::]:8000
2024-06-01T14:55:05+07:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-06-01T14:55:05+07:00 INFO [firewall] allowing VPN connection...
2024-06-01T14:55:05+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-01T14:55:05+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-01T14:55:05+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]103.107.199.194:1194
2024-06-01T14:55:05+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-01T14:55:05+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]103.107.199.194:1194
2024-06-01T14:55:10+07:00 INFO [openvpn] read UDPv4 [EHOSTUNREACH]: Host is unreachable (fd=4,code=113)
2024-06-01T14:55:11+07:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-06-01T14:55:11+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-01T14:55:11+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-01T14:55:11+07:00 INFO [vpn] stopping
2024-06-01T14:55:11+07:00 INFO [vpn] starting
2024-06-01T14:55:11+07:00 INFO [firewall] allowing VPN connection...
2024-06-01T14:55:11+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-01T14:55:11+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-01T14:55:11+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]103.107.198.210:1194
2024-06-01T14:55:11+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-01T14:55:11+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]103.107.198.210:1194
2024-06-01T14:55:22+07:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN
2024-06-01T14:55:22+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-01T14:55:22+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-01T14:55:22+07:00 INFO [vpn] stopping
2024-06-01T14:55:22+07:00 INFO [vpn] starting
2024-06-01T14:55:22+07:00 INFO [firewall] allowing VPN connection...
2024-06-01T14:55:22+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-01T14:55:22+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-01T14:55:22+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]185.159.157.56:1194
2024-06-01T14:55:22+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-01T14:55:22+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]185.159.157.56:1194
2024-06-01T14:55:26+07:00 INFO [openvpn] read UDPv4 [EHOSTUNREACH|EHOSTUNREACH]: Host is unreachable (fd=4,code=113)
2024-06-01T14:55:33+07:00 INFO [openvpn] [node-in-06.protonvpn.net] Peer Connection Initiated with [AF_INET]185.159.157.56:1194
2024-06-01T14:55:35+07:00 INFO [openvpn] setsockopt TCP_NODELAY=1 failed
2024-06-01T14:55:35+07:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-06-01T14:55:35+07:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-06-01T14:55:35+07:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-06-01T14:55:35+07:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.21.0.3/16
2024-06-01T14:55:35+07:00 INFO [openvpn] UID set to nonrootuser
2024-06-01T14:55:35+07:00 INFO [openvpn] Initialization Sequence Completed
2024-06-01T14:55:35+07:00 INFO [dns] downloading DNS over TLS cryptographic files
2024-06-01T14:55:36+07:00 INFO [healthcheck] healthy!
2024-06-01T14:55:49+07:00 INFO [dns] downloading hostnames and IP block lists
2024-06-01T14:55:54+07:00 INFO [openvpn] read UDPv4 [EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH]: Host is unreachable (fd=4,code=113)
2024-06-01T14:55:57+07:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-06-01T14:55:57+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-01T14:55:57+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-01T14:55:57+07:00 INFO [vpn] stopping
2024-06-01T14:55:57+07:00 ERROR [vpn] getting public IP address information: context canceled
2024-06-01T14:55:57+07:00 ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
2024-06-01T14:55:57+07:00 INFO [port forwarding] starting
2024-06-01T14:55:57+07:00 ERROR [vpn] port forwarding for the first time: getting external IPv4 address: executing remote procedure call: writing to connection: write udp 10.21.0.3:46140->10.21.0.1:5351: write: operation not permitted
2024-06-01T14:55:57+07:00 INFO [vpn] starting
2024-06-01T14:55:57+07:00 INFO [firewall] allowing VPN connection...
2024-06-01T14:55:57+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-01T14:55:57+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-01T14:55:57+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]185.159.157.187:1194
2024-06-01T14:55:57+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-01T14:55:57+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]185.159.157.187:1194
2024-06-01T14:55:59+07:00 WARN [dns] Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-hostnames.updated": dial tcp: lookup raw.githubusercontent.com on 1.1.1.1:53: read udp 10.21.0.3:48639->1.1.1.1:53: i/o timeout
2024-06-01T14:55:59+07:00 WARN [dns] Get "https://raw.githubusercontent.com/qdm12/files/master/malicious-ips.updated": dial tcp: lookup raw.githubusercontent.com on 1.1.1.1:53: read udp 10.21.0.3:48639->1.1.1.1:53: i/o timeout
2024-06-01T14:55:59+07:00 INFO [dns] init module 0: validator
2024-06-01T14:55:59+07:00 INFO [dns] init module 1: iterator
2024-06-01T14:55:59+07:00 INFO [dns] start of service (unbound 1.20.0).
2024-06-01T14:56:02+07:00 INFO [openvpn] [node-sg-14.protonvpn.net] Peer Connection Initiated with [AF_INET]185.159.157.187:1194
2024-06-01T14:56:02+07:00 INFO [openvpn] setsockopt TCP_NODELAY=1 failed
2024-06-01T14:56:02+07:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-06-01T14:56:02+07:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-06-01T14:56:02+07:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-06-01T14:56:02+07:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.20.0.5/16
2024-06-01T14:56:02+07:00 INFO [openvpn] UID set to nonrootuser
2024-06-01T14:56:02+07:00 INFO [openvpn] Initialization Sequence Completed
2024-06-01T14:56:05+07:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2024-06-01T14:56:07+07:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2024-06-01T14:56:12+07:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN
2024-06-01T14:56:12+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-01T14:56:12+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-01T14:56:12+07:00 INFO [vpn] stopping
2024-06-01T14:56:12+07:00 ERROR [vpn] getting public IP address information: fetching information: Get "https://ipinfo.io/": context canceled
2024-06-01T14:56:12+07:00 INFO [port forwarding] starting
2024-06-01T14:56:12+07:00 INFO [vpn] starting
2024-06-01T14:56:12+07:00 INFO [firewall] allowing VPN connection...
2024-06-01T14:56:12+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-01T14:56:12+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-01T14:56:12+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]103.107.199.162:1194
2024-06-01T14:56:12+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-01T14:56:12+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]103.107.199.162:1194
2024-06-01T14:56:12+07:00 INFO [openvpn] read UDPv4 [ECONNREFUSED]: Connection refused (fd=4,code=111)
2024-06-01T14:56:12+07:00 ERROR [vpn] port forwarding for the first time: getting external IPv4 address: executing remote procedure call: writing to connection: write udp 10.20.0.5:41699->10.20.0.1:5351: write: network is unreachable
2024-06-01T14:56:14+07:00 INFO [openvpn] read UDPv4 [ECONNREFUSED]: Connection refused (fd=4,code=111)
2024-06-01T14:56:14+07:00 INFO [dns] ready
2024-06-01T14:56:18+07:00 INFO [openvpn] read UDPv4 [ECONNREFUSED]: Connection refused (fd=4,code=111)
2024-06-01T14:56:26+07:00 INFO [openvpn] read UDPv4 [ECONNREFUSED]: Connection refused (fd=4,code=111)
2024-06-01T14:56:32+07:00 INFO [healthcheck] program has been unhealthy for 16s: restarting VPN
2024-06-01T14:56:32+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-01T14:56:32+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-01T14:56:32+07:00 INFO [vpn] stopping
2024-06-01T14:56:32+07:00 INFO [vpn] starting
2024-06-01T14:56:32+07:00 INFO [firewall] allowing VPN connection...
2024-06-01T14:56:32+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-01T14:56:32+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-01T14:56:32+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]185.159.157.57:1194
2024-06-01T14:56:32+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-01T14:56:32+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]185.159.157.57:1194
2024-06-01T14:56:35+07:00 INFO [openvpn] [node-de-18.protonvpn.net] Peer Connection Initiated with [AF_INET]185.159.157.57:1194
2024-06-01T14:56:37+07:00 INFO [openvpn] setsockopt TCP_NODELAY=1 failed
2024-06-01T14:56:37+07:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-06-01T14:56:37+07:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-06-01T14:56:37+07:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-06-01T14:56:37+07:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.25.0.3/16
2024-06-01T14:56:37+07:00 INFO [openvpn] UID set to nonrootuser
2024-06-01T14:56:37+07:00 INFO [openvpn] Initialization Sequence Completed
2024-06-01T14:56:38+07:00 INFO [ip getter] Public IP address is 149.88.19.227 (Germany, Hesse, Frankfurt am Main)
2024-06-01T14:56:38+07:00 INFO [port forwarding] starting
2024-06-01T14:56:39+07:00 INFO [port forwarding] gateway external IPv4 address is 149.88.19.227
2024-06-01T14:56:40+07:00 INFO [healthcheck] healthy!
2024-06-01T14:56:40+07:00 INFO [port forwarding] port forwarded is 49115
2024-06-01T14:56:40+07:00 INFO [firewall] setting allowed input port 49115 through interface tun0...
2024-06-01T14:56:40+07:00 INFO [port forwarding] writing port file /tmp/gluetun/forwarded_port
2024-06-01T14:56:49+07:00 INFO [openvpn] read UDPv4 [EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH]: Host is unreachable (fd=4,code=113)
2024-06-01T14:56:52+07:00 INFO [openvpn] read UDPv4 [EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH]: Host is unreachable (fd=4,code=113)
2024-06-01T14:56:53+07:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-06-01T14:56:53+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-01T14:56:53+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-01T14:56:53+07:00 INFO [vpn] stopping
2024-06-01T14:56:53+07:00 INFO [port forwarding] stopping
2024-06-01T14:56:53+07:00 INFO [firewall] removing allowed port 49115...
2024-06-01T14:56:53+07:00 ERROR port forwarding loop crashed: stopping previous service: blocking previous port in firewall: removing allowed port 49115 on interface tun0: command failed: "iptables --delete INPUT -i tun0 -p tcp --dport 49115 -j ACCEPT": iptables: Bad rule (does a matching rule exist in that chain?).: exit status 1
2024-06-01T14:56:53+07:00 INFO dns ticker: terminated ✔️
2024-06-01T14:56:53+07:00 INFO http server: terminated ✔️
2024-06-01T14:56:53+07:00 INFO updater ticker: terminated ✔️
2024-06-01T14:56:53+07:00 INFO control: terminated ✔️
2024-06-01T14:56:53+07:00 INFO updater: terminated ✔️
2024-06-01T14:56:53+07:00 INFO tickers: terminated ✔️
2024-06-01T14:56:53+07:00 WARN HTTP health server: goroutine shutdown timed out: after 400ms ⚠️
2024-06-01T14:56:54+07:00 WARN vpn: goroutine shutdown timed out: after 1s ⚠️
2024-06-01T14:56:54+07:00 INFO shadowsocks proxy: terminated ✔️
2024-06-01T14:56:54+07:00 INFO http proxy: terminated ✔️
2024-06-01T14:56:55+07:00 INFO unbound: terminated ✔️
2024-06-01T14:56:55+07:00 INFO other: terminated ✔️
2024-06-01T14:56:55+07:00 INFO [routing] routing cleanup...
2024-06-01T14:56:55+07:00 INFO [routing] default route found: interface eth0, gateway 172.28.0.1, assigned IP 172.28.0.2 and family v4
2024-06-01T14:56:55+07:00 INFO [routing] deleting route for 0.0.0.0/0
2024-06-01T14:56:55+07:00 ERROR ordered shutdown timed out: HTTP health server: goroutine shutdown timed out: after 400ms; vpn: goroutine shutdown timed out: after 1s
2024-06-01T14:56:55+07:00 INFO Shutdown successful

Share your configuration

gluetun:
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    ports:
      - 8080:8080/tcp
      - 8000:8000/tcp
    restart: unless-stopped
    healthcheck:
      start_period: 5m
    environment:
      - VPN_SERVICE_PROVIDER=protonvpn
      - VPN_TYPE=openvpn
      - OPENVPN_USER=[REDACTED]+pmp
      - OPENVPN_PASSWORD=[REDACTED]
      - SERVER_COUNTRIES=Singapore
      - VPN_PORT_FORWARDING=on
      - TZ=Asia/Jakarta

[github-actions]

@qdm12 is more or less the only maintainer of this project and works on it in his free time.
Please:

• do not ask for updates, be patient
• 👍 the issue to show your support instead of commenting
  @qdm12 usually checks issues at least once a week, if this is a new urgent bug,
  revert to an older tagged container image

[qdm12]

Can you run with LOG_LEVEL=debug and report back what logs you get? I'm failing to see how this can happen in the code so debug logs showing the iptables commands ran by Gluetun would help me!

[asen23]

Funny enough when i tried to repro the problem, i just wont trigger by itself anymore? then i noticed that to repro the issue, the vpn must be allowed to port forward once then the connection must be unhealthy. So i ran it until it successfully port forwarded and then i disconnected the machine from internet and the bug triggers, anyway here is the log

========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version latest built on 2024-05-18T18:08:57.405Z (commit 4218dba)

🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
💻 Email? [email protected]
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2024-06-18T13:05:41+07:00 INFO [routing] default route found: interface eth0, gateway 172.29.0.1, assigned IP 172.29.0.2 and family v4
2024-06-18T13:05:41+07:00 INFO [routing] local ethernet link found: eth0
2024-06-18T13:05:41+07:00 INFO [routing] local ipnet found: 172.29.0.0/16
2024-06-18T13:05:42+07:00 INFO [firewall] enabling...
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --policy INPUT DROP
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --policy OUTPUT DROP
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --policy FORWARD DROP
2024-06-18T13:05:42+07:00 DEBUG [firewall] ip6tables --policy INPUT DROP
2024-06-18T13:05:42+07:00 DEBUG [firewall] ip6tables --policy OUTPUT DROP
2024-06-18T13:05:42+07:00 DEBUG [firewall] ip6tables --policy FORWARD DROP
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --append INPUT -i lo -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] ip6tables --append INPUT -i lo -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --append OUTPUT -o lo -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] ip6tables --append OUTPUT -o lo -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --append OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] ip6tables --append OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --append INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] ip6tables --append INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --append OUTPUT -o eth0 -s 172.29.0.2 -d 172.29.0.0/16 -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] ip6tables --append OUTPUT -o eth0 -d ff02::1:ff/104 -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --append INPUT -i eth0 -d 172.29.0.0/16 -j ACCEPT
2024-06-18T13:05:42+07:00 INFO [firewall] enabled successfully
2024-06-18T13:05:42+07:00 INFO [storage] creating /gluetun/servers.json with 19425 hardcoded servers
2024-06-18T13:05:42+07:00 DEBUG [netlink] IPv6 is not supported after searching 1 routes
2024-06-18T13:05:42+07:00 INFO Alpine version: 3.19.1
2024-06-18T13:05:42+07:00 INFO OpenVPN 2.5 version: 2.5.8
2024-06-18T13:05:42+07:00 INFO OpenVPN 2.6 version: 2.6.8
2024-06-18T13:05:42+07:00 INFO Unbound version: 1.20.0
2024-06-18T13:05:42+07:00 INFO IPtables version: v1.8.10
2024-06-18T13:05:42+07:00 INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: protonvpn
|   |   ├── Server selection settings:
|   |   |   ├── VPN type: openvpn
|   |   |   ├── Countries: Singapore
|   |   |   └── OpenVPN server selection settings:
|   |   |       └── Protocol: UDP
|   |   └── Automatic port forwarding settings:
|   |       ├── Redirection listening port: disabled
|   |       ├── Use port forwarding code for current provider
|   |       └── Forwarded port file path: /tmp/gluetun/forwarded_port
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.6
|       ├── User: [set]
|       ├── Password: M...JP
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Unbound settings:
|       |   ├── Authoritative servers:
|       |   |   └── cloudflare
|       |   ├── Caching: yes
|       |   ├── IPv6: no
|       |   ├── Verbosity level: 1
|       |   ├── Verbosity details level: 0
|       |   ├── Validation log level: 0
|       |   ├── System user: root
|       |   └── Allowed networks:
|       |       ├── 0.0.0.0/0
|       |       └── ::/0
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   └── Enabled: yes
├── Log settings:
|   └── Log level: debug
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 1000
|   ├── Process GID: 1000
|   └── Timezone: Asia/Jakarta
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   ├── IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
    └── Enabled: yes
2024-06-18T13:05:42+07:00 INFO [routing] default route found: interface eth0, gateway 172.29.0.1, assigned IP 172.29.0.2 and family v4
2024-06-18T13:05:42+07:00 DEBUG [routing] ip rule add from 172.29.0.2/32 lookup 200 pref 100
2024-06-18T13:05:42+07:00 INFO [routing] adding route for 0.0.0.0/0
2024-06-18T13:05:42+07:00 DEBUG [routing] ip route replace 0.0.0.0/0 via 172.29.0.1 dev eth0 table 200
2024-06-18T13:05:42+07:00 INFO [firewall] setting allowed subnets...
2024-06-18T13:05:42+07:00 INFO [routing] default route found: interface eth0, gateway 172.29.0.1, assigned IP 172.29.0.2 and family v4
2024-06-18T13:05:42+07:00 DEBUG [routing] ip rule add to 172.29.0.0/16 lookup 254 pref 98
2024-06-18T13:05:42+07:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-06-18T13:05:42+07:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2024-06-18T13:05:42+07:00 INFO [http server] http server listening on [::]:8000
2024-06-18T13:05:42+07:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-06-18T13:05:42+07:00 INFO [firewall] allowing VPN connection...
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --append OUTPUT -d 185.159.157.139 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:05:42+07:00 DEBUG [firewall] ip6tables --append OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:05:42+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-18T13:05:42+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-18T13:05:42+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]185.159.157.139:1194
2024-06-18T13:05:42+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-18T13:05:42+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]185.159.157.139:1194
2024-06-18T13:05:48+07:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-06-18T13:05:48+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-18T13:05:48+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-18T13:05:48+07:00 INFO [vpn] stopping
2024-06-18T13:05:48+07:00 INFO [vpn] starting
2024-06-18T13:05:48+07:00 INFO [firewall] allowing VPN connection...
2024-06-18T13:05:48+07:00 DEBUG [firewall] iptables --delete OUTPUT -d 185.159.157.139 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
2024-06-18T13:05:48+07:00 DEBUG [firewall] iptables --delete OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:05:48+07:00 DEBUG [firewall] ip6tables --delete OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:05:48+07:00 DEBUG [firewall] iptables --append OUTPUT -d 103.107.198.242 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
2024-06-18T13:05:48+07:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:05:48+07:00 DEBUG [firewall] ip6tables --append OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:05:48+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-18T13:05:48+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-18T13:05:48+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]103.107.198.242:1194
2024-06-18T13:05:48+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-18T13:05:48+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]103.107.198.242:1194
2024-06-18T13:05:59+07:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN
2024-06-18T13:05:59+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-18T13:05:59+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-18T13:05:59+07:00 INFO [vpn] stopping
2024-06-18T13:05:59+07:00 INFO [vpn] starting
2024-06-18T13:05:59+07:00 INFO [firewall] allowing VPN connection...
2024-06-18T13:05:59+07:00 DEBUG [firewall] iptables --delete OUTPUT -d 103.107.198.242 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
2024-06-18T13:05:59+07:00 DEBUG [firewall] iptables --delete OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:05:59+07:00 DEBUG [firewall] ip6tables --delete OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:05:59+07:00 DEBUG [firewall] iptables --append OUTPUT -d 103.107.199.162 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
2024-06-18T13:05:59+07:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:05:59+07:00 DEBUG [firewall] ip6tables --append OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:05:59+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-18T13:05:59+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-18T13:05:59+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]103.107.199.162:1194
2024-06-18T13:05:59+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-18T13:05:59+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]103.107.199.162:1194
2024-06-18T13:06:02+07:00 INFO [openvpn] read UDPv4 [EHOSTUNREACH]: Host is unreachable (fd=4,code=113)
2024-06-18T13:06:14+07:00 INFO [openvpn] read UDPv4 [EHOSTUNREACH]: Host is unreachable (fd=4,code=113)
2024-06-18T13:06:15+07:00 INFO [healthcheck] program has been unhealthy for 16s: restarting VPN
2024-06-18T13:06:15+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-18T13:06:15+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-18T13:06:15+07:00 INFO [vpn] stopping
2024-06-18T13:06:15+07:00 INFO [vpn] starting
2024-06-18T13:06:15+07:00 INFO [firewall] allowing VPN connection...
2024-06-18T13:06:15+07:00 DEBUG [firewall] iptables --delete OUTPUT -d 103.107.199.162 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
2024-06-18T13:06:15+07:00 DEBUG [firewall] iptables --delete OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:06:15+07:00 DEBUG [firewall] ip6tables --delete OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:06:15+07:00 DEBUG [firewall] iptables --append OUTPUT -d 185.159.157.187 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
2024-06-18T13:06:15+07:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:06:15+07:00 DEBUG [firewall] ip6tables --append OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:06:15+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-18T13:06:15+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-18T13:06:15+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]185.159.157.187:1194
2024-06-18T13:06:15+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-18T13:06:15+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]185.159.157.187:1194
2024-06-18T13:06:18+07:00 INFO [openvpn] [node-sg-14.protonvpn.net] Peer Connection Initiated with [AF_INET]185.159.157.187:1194
2024-06-18T13:06:25+07:00 INFO [openvpn] setsockopt TCP_NODELAY=1 failed
2024-06-18T13:06:25+07:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-06-18T13:06:25+07:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-06-18T13:06:25+07:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-06-18T13:06:25+07:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.19.0.3/16
2024-06-18T13:06:25+07:00 INFO [openvpn] UID set to nonrootuser
2024-06-18T13:06:25+07:00 INFO [openvpn] Initialization Sequence Completed
2024-06-18T13:06:25+07:00 INFO [dns] downloading DNS over TLS cryptographic files
2024-06-18T13:06:27+07:00 INFO [healthcheck] healthy!
2024-06-18T13:06:35+07:00 INFO [dns] downloading hostnames and IP block lists
2024-06-18T13:06:47+07:00 INFO [dns] init module 0: validator
2024-06-18T13:06:47+07:00 INFO [dns] init module 1: iterator
2024-06-18T13:06:47+07:00 INFO [dns] start of service (unbound 1.20.0).
2024-06-18T13:06:48+07:00 DEBUG [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com: i/o timeout
2024-06-18T13:06:50+07:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2024-06-18T13:06:50+07:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2024-06-18T13:06:54+07:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-06-18T13:06:54+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-18T13:06:54+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-18T13:06:54+07:00 INFO [vpn] stopping
2024-06-18T13:06:54+07:00 ERROR [vpn] getting public IP address information: fetching information: Get "https://ipinfo.io/": context canceled
2024-06-18T13:06:54+07:00 ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
2024-06-18T13:06:54+07:00 INFO [port forwarding] starting
2024-06-18T13:06:54+07:00 ERROR [vpn] port forwarding for the first time: getting external IPv4 address: executing remote procedure call: writing to connection: write udp 172.29.0.2:37105->10.19.0.1:5351: write: operation not permitted
2024-06-18T13:06:54+07:00 INFO [vpn] starting
2024-06-18T13:06:54+07:00 INFO [firewall] allowing VPN connection...
2024-06-18T13:06:54+07:00 DEBUG [firewall] iptables --delete OUTPUT -d 185.159.157.187 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
2024-06-18T13:06:54+07:00 DEBUG [firewall] iptables --delete OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:06:54+07:00 DEBUG [firewall] ip6tables --delete OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:06:54+07:00 DEBUG [firewall] iptables --append OUTPUT -d 37.19.201.130 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
2024-06-18T13:06:54+07:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:06:54+07:00 DEBUG [firewall] ip6tables --append OUTPUT -o tun0 -j ACCEPT
2024-06-18T13:06:54+07:00 INFO [openvpn] OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-06-18T13:06:54+07:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-06-18T13:06:54+07:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]37.19.201.130:1194
2024-06-18T13:06:54+07:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-06-18T13:06:54+07:00 INFO [openvpn] UDPv4 link remote: [AF_INET]37.19.201.130:1194
2024-06-18T13:06:54+07:00 INFO [openvpn] [node-sg-14.protonvpn.net] Peer Connection Initiated with [AF_INET]37.19.201.130:1194
2024-06-18T13:06:55+07:00 INFO [openvpn] setsockopt TCP_NODELAY=1 failed
2024-06-18T13:06:55+07:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-06-18T13:06:55+07:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-06-18T13:06:55+07:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-06-18T13:06:55+07:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.23.0.8/16
2024-06-18T13:06:55+07:00 INFO [openvpn] UID set to nonrootuser
2024-06-18T13:06:55+07:00 INFO [openvpn] Initialization Sequence Completed
2024-06-18T13:06:56+07:00 INFO [healthcheck] healthy!
2024-06-18T13:07:00+07:00 INFO [dns] ready
2024-06-18T13:07:01+07:00 INFO [ip getter] Public IP address is 37.19.201.135 (Singapore, Singapore, Singapore)
2024-06-18T13:07:01+07:00 INFO [port forwarding] starting
2024-06-18T13:07:01+07:00 INFO [port forwarding] gateway external IPv4 address is 37.19.201.135
2024-06-18T13:07:01+07:00 INFO [port forwarding] port forwarded is 35931
2024-06-18T13:07:01+07:00 INFO [firewall] setting allowed input port 35931 through interface tun0...
2024-06-18T13:07:01+07:00 DEBUG [firewall] iptables --append INPUT -i tun0 -p tcp --dport 35931 -j ACCEPT
2024-06-18T13:07:01+07:00 DEBUG [firewall] ip6tables --append INPUT -i tun0 -p tcp --dport 35931 -j ACCEPT
2024-06-18T13:07:01+07:00 DEBUG [firewall] iptables --append INPUT -i tun0 -p udp --dport 35931 -j ACCEPT
2024-06-18T13:07:01+07:00 DEBUG [firewall] ip6tables --append INPUT -i tun0 -p udp --dport 35931 -j ACCEPT
2024-06-18T13:07:01+07:00 INFO [port forwarding] writing port file /tmp/gluetun/forwarded_port
2024-06-18T13:07:46+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:07:46+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:08:31+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:08:31+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:09:16+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:09:16+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:10:01+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:10:01+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:10:46+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:10:46+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:11:31+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:11:31+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:12:16+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:12:16+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:13:01+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:13:01+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:13:46+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:13:46+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:14:31+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:14:31+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:15:16+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:15:16+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:16:01+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:16:01+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:16:46+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:16:46+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:17:31+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:17:31+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:18:16+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:18:17+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:19:02+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:19:02+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:19:47+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:19:47+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:20:32+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:20:32+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:21:17+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:21:17+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:22:02+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:22:02+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:22:47+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:22:47+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:23:32+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:23:32+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:24:17+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:24:17+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:25:02+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:25:02+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:25:47+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:25:47+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:26:32+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:26:32+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:27:17+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:27:17+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:28:02+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:28:02+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:28:47+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:28:47+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:29:32+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:29:32+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:30:17+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:30:17+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:31:02+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:31:02+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:31:47+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:31:48+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:32:33+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:32:33+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:33:18+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:33:18+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:34:03+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:34:03+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:34:48+07:00 DEBUG [port forwarding] refreshing port forward since 45 seconds have elapsed
2024-06-18T13:34:48+07:00 DEBUG [port forwarding] port forwarded 35931 maintained
2024-06-18T13:34:59+07:00 DEBUG [healthcheck] unhealthy: dialing: dial tcp4 104.16.133.229:443: i/o timeout
2024-06-18T13:34:59+07:00 INFO [openvpn] read UDPv4 [EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNR]: Host is unreachable (fd=4,code=113)
2024-06-18T13:35:02+07:00 INFO [openvpn] read UDPv4 [ENETUNREACH]: Network unreachable (fd=4,code=101)
2024-06-18T13:35:02+07:00 INFO [openvpn] read UDPv4 [ENETUNREACH]: Network unreachable (fd=4,code=101)
2024-06-18T13:35:05+07:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-06-18T13:35:05+07:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-06-18T13:35:05+07:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-06-18T13:35:05+07:00 INFO [vpn] stopping
2024-06-18T13:35:05+07:00 INFO [port forwarding] stopping
2024-06-18T13:35:05+07:00 INFO [firewall] removing allowed port 35931...
2024-06-18T13:35:05+07:00 DEBUG [firewall] iptables --delete INPUT -i tun0 -p tcp --dport 35931 -j ACCEPT
2024-06-18T13:35:05+07:00 ERROR port forwarding loop crashed: stopping previous service: blocking previous port in firewall: removing allowed port 35931 on interface tun0: command failed: "iptables --delete INPUT -i tun0 -p tcp --dport 35931 -j ACCEPT": iptables: Bad rule (does a matching rule exist in that chain?).: exit status 1
2024-06-18T13:35:05+07:00 INFO dns ticker: terminated ✔️
2024-06-18T13:35:05+07:00 INFO updater ticker: terminated ✔️
2024-06-18T13:35:05+07:00 INFO http server: terminated ✔️
2024-06-18T13:35:05+07:00 INFO control: terminated ✔️
2024-06-18T13:35:05+07:00 INFO updater: terminated ✔️
2024-06-18T13:35:05+07:00 INFO tickers: terminated ✔️
2024-06-18T13:35:05+07:00 WARN HTTP health server: goroutine shutdown timed out: after 400ms ⚠️
2024-06-18T13:35:06+07:00 WARN vpn: goroutine shutdown timed out: after 1s ⚠️
2024-06-18T13:35:06+07:00 INFO shadowsocks proxy: terminated ✔️
2024-06-18T13:35:06+07:00 INFO http proxy: terminated ✔️
2024-06-18T13:35:06+07:00 INFO unbound: terminated ✔️
2024-06-18T13:35:06+07:00 INFO other: terminated ✔️
2024-06-18T13:35:06+07:00 INFO [routing] routing cleanup...
2024-06-18T13:35:06+07:00 INFO [routing] default route found: interface eth0, gateway 172.29.0.1, assigned IP 172.29.0.2 and family v4
2024-06-18T13:35:06+07:00 INFO [routing] deleting route for 0.0.0.0/0
2024-06-18T13:35:06+07:00 DEBUG [routing] ip route delete 0.0.0.0/0 via 172.29.0.1 dev eth0 table 200
2024-06-18T13:35:06+07:00 DEBUG [routing] ip rule del from 172.29.0.2/32 lookup 200 pref 100
2024-06-18T13:35:06+07:00 ERROR ordered shutdown timed out: HTTP health server: goroutine shutdown timed out: after 400ms; vpn: goroutine shutdown timed out: after 1s
2024-06-18T13:35:06+07:00 INFO Shutdown successful

Notes

• Also i can reproduce this issue in v3.38.0
• As you can see i only put singapore server but it sometimes connected to german server? is this known issue?