qBittorrent + OpenVPN

typhonragewind

Dabbler
Joined
Dec 1, 2018
Messages
26
Hello everyone!

I'm not sure this is the right place to ask this, but here it goes.

Ive built my FreeNAS system recently and have been having a lot of fun setting it up and installing jails and learning about FreeBSD. I have hit a bit of a snag, which i hope someone here might be able to help me. My weakest point is networking, so please bear with my temporary lack of knowledge.
Ive been trying to get qbittorrent to work alongside openvpn, trying to adapt the tutorial for Transmission i found here. However, i must be doing something wrong, for several reasons:

1. I don't get an external IP change, meaning that openvpn is not working properly. I use wget -qO - http://wtfismyip.com/text to check it. My regular IP starts with 148 and it should start with 82 if the VPN was working.
2. I can't access the qbittorrent through the webui on a computer on my network. I misconfigured the firewall rules, but i'm not sure at which point, or if at several points. Also, i assumed that the IP of entrance node would be that IP of the VPN server i'm connecting to, so i instead used the server non-ip address (as in something.something.com:port) - i assume this is also not correct, but i could not find much on this, as my searches on the topic invariably led to stuff related to TOR. I probably don't know the right terms to search for this.
3. The third part of the tutorial, changing the whitelist permissions, i could not do, since qbittorrent does not have that file, that i know of.

I'll include below the commands i used to create the jail:
Code:
echo '{"pkgs":["bash","wget","unzip","unrar","qbittorrent","openvpn","ca_root_nss"]}' > /tmp/pkg.json
iocage create -n "qbittorrent" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|192.168.1.7/24" defaultrouter="192.168.1.1" vnet="on" allow_raw_sockets="1" boot="on" allow_tun="1"
rm /tmp/pkg.json
iocage exec qbittorrent mkdir -p /config/
iocage exec qbittorrent mkdir -p /downloads/
iocage exec qbittorrent chown -R qbittorrent:qbittorrent /config/
iocage fstab -a qbittorrent /mnt/software/apps/qbittorrent/config /config nullfs rw 0 0
iocage exec qbittorrent chown -R qbittorrent:qbittorrent /downloads/
iocage fstab -a qbittorrent /mnt/tank/share1/Downloads/Torrents_DL /downloads nullfs rw 0 0


# Allow internal traffic
add 03000 allow IP from 192.168.1.7/24 to 192.168.0.0/24 keep-state
add 03000 allow IP from 192.168.0.0/24 to 192.168.1.7/24 keep-state

# Allow access to Entrace IP for VPN
add 04000 allow IP from 192.168.1.7/24 to something.something.com:2345 keep-state

# Allow any traffic over the VPN interface
add 05000 allow IP from any to any via tun*

# Deny any other traffic
add 65534 deny IP from any to any



iocage exec qbittorrent "chown 0:0 /config/ipfw_rules"
iocage exec qbittorrent "chmod 600 /config/ipfw_rules"
iocage exec qbittorrent sysrc "firewall_enable=YES"
iocage exec qbittorrent sysrc "firewall_type=/config/ipfw_rules"
iocage exec qbittorrent sysrc "openvpn_enable=YES"
iocage exec qbittorrent sysrc "openvpn_dir=/config"
iocage exec qbittorrent sysrc "openvpn_configfile=/config/openvpn.conf"
iocage exec qbittorrent sysrc "qbittorrent_enable=YES"
iocage exec qbittorrent service ipfw start
iocage exec qbittorrent service openvpn start
iocage exec qbittorrent service qbittorrent start


I'm at my wits end, so any help you can provide would be very very appreciated, even just the correct terms to google the information i need.
 

EtienneB

Explorer
Joined
Feb 19, 2018
Messages
78
Just a thought what I read a while back at digimoot which might help with your VPN issue.

Set OpenVPN to start automatically by using the following commands:
sysrc openvpn_enable="YES"
sysrc openvpn_if="tun"

you need to shutdown the jail and then run this:
iocage set allow_tun=1 [jailname]
and then unfortunately, restart your whole Truenas system. Then openvpn should work.
 
Last edited:

Davvo

MVP
Joined
Jul 12, 2022
Messages
3,147
Joined
Oct 22, 2019
Messages
3,582
Why not a simple iocage shutdown jailname?
I like to call my electric company and tell them to shut off power to my entire city. This ensures that my NAS server completely shuts down.

Breaking all kinds of records here. This thread is over 4 years old. :oops:
 

Davvo

MVP
Joined
Jul 12, 2022
Messages
3,147
I like to call my electric company and tell them to shut off power to my entire city. This ensures that my NAS server completely shuts down.

Breaking all kinds of records here. This thread is over 4 years old. :oops:
Yeah my bad, its actually iocage stop jailname. The late hour got me.
 

EtienneB

Explorer
Joined
Feb 19, 2018
Messages
78
You need to shutdown the jail and then you can do add the tun=1.
It was a step-by-step instruction :smile:
 

Davvo

MVP
Joined
Jul 12, 2022
Messages
3,147

ShameSpear

Dabbler
Joined
Nov 30, 2022
Messages
14
Anyone know how to get your jail to get the same tun each time?

My qBittorrent, if set to 'any interface' will often pick the wrong one and then won't pass any data through due to firewalls. But whenever my jail restarts, it will switch between tun0 and tun1 so I'll have to go back into qBit and set the interface accordingly.

1704986774319.png
 

sce91

Cadet
Joined
Mar 26, 2021
Messages
7
Anyone know how to get your jail to get the same tun each time?

My qBittorrent, if set to 'any interface' will often pick the wrong one and then won't pass any data through due to firewalls. But whenever my jail restarts, it will switch between tun0 and tun1 so I'll have to go back into qBit and set the interface accordingly.

You can tell OpenVPN to create a specific tunX interface, i.e. tun1 or tun2. But you NEED to be sure this specific tun interface is not created or used by any other service on your TrueNAS machine.
 
Top