Weird container networking issues

Grinas

I am migrating from TrueNAS Core and used jails in Core for things like qBittorrent.

In my setup I have my firewall route traffic from specific IPs through a VPN, and the IP can also receive ingress traffic through the VPN. This was working perfectly in TrueNAS Core.

I noticed that since the migration to SCALE the qBittorrent public IPs are showing as my home IP on trackers and that the IP is not reachable. This means the sites are trying to send data to my home IP, which does not have the ability to receive inbound connections, as my ISP uses carrier NAT and the IP is dynamic in that my public IP could change 10+ times a day. After logging on to the container and running
Code:
curl ifconfig.me
to get the public IP, I can see the container has the public IP of my home address even though the traffic from its IP should be going through the VPN.

I did a network capture from the firewall and contacted some random port and IP from the container, and I can see that the container seems to use the TrueNAS host IP.

An easy but not ideal fix to this was to just add the IP of the TrueNAS host to go through the VPN, and I can see the sites are now reporting the correct VPN IP for the container, but I now have another issue.

As these containers are using the same IPs as previously, they should be connectable using the VPN IP, but it seems they are not. If I change the port used for incoming connections on qbit to something else and then set up a netcat listener on the old port, it shows as open from a remote IP. If I then stop netcat and change back the port, it again becomes closed.

Port is open from LAN when used as qBittorrent listener port but doesn't appear to be reachable when you try from a remote network. Port is only reachable when not used as qBittorrent listener port when tested remotely.


Is there a possible reason why the container port is only not reachable remotely when not used as qBittorrent listener port? I tried creating new rules and using different ports, and got the same result for all. It works remotely as netcat listener port but not as qBittorrent listener port. I am using the same qBittorrent version 4.38 as the previous jail setup in Core, with the same config.

Weirdly, it seems to be reachable if I install from the applications page. In my case I am using a custom Docker image from Docker Hub. It's based on v4.38 of the official release here: https://hub.docker.com/r/linuxserver/qbittorrent

I see there is a BT Port variable in the applications page app, but that does not seem to be the case with the one from the official release. Is that maybe the issue, that it needs to be configured under Network Configuration in the container options?



NOTE: this TrueNAS SCALE is running as a VM in ESXi, so it is a virtualised TrueNAS.


###### update ######
This seems to be an issue with qBittorrent, as I get the same issue when using the latest official image, and it only happens when you port forward the BT port, so I opened a thread on their forum.
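
The firewall capture check described in the post, as an added example that is not part of the original post: it reads tcpdump-style text lines taken at the firewall and reports whether a probe from the container arrives with the container's own address (so a per-source-IP VPN rule can match) or with the host's address. All addresses, ports and capture lines are constructed placeholders.

```python
import re

# One-line tcpdump text output for IPv4 TCP, e.g.
# "12:00:01.000001 IP 192.168.1.10.40122 > 203.0.113.7.4444: Flags [S], ..."
LINE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.\d+ > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]"
)

# Constructed sample captures (documentation address ranges, made-up ports).
SEEN_AS_HOST = """\
12:00:01.000001 IP 192.168.1.10.40122 > 203.0.113.7.4444: Flags [S], seq 1, length 0
12:00:02.000001 IP 192.168.1.10.40122 > 203.0.113.7.4444: Flags [S], seq 1, length 0
12:00:02.500000 IP 192.168.1.10.51000 > 198.51.100.9.443: Flags [P.], seq 1:10, ack 1, length 9
"""
SEEN_AS_CONTAINER = """\
12:05:01.000001 IP 192.168.1.50.40122 > 203.0.113.7.4444: Flags [S], seq 1, length 0
12:05:01.020000 IP 203.0.113.7.4444 > 192.168.1.50.40122: Flags [S.], seq 9, ack 2, length 0
"""

def syn_sources(capture, probe_dst, probe_port):
    """Count, per source IP, the initial SYNs sent to the probe destination."""
    counts = {}
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m or m["flags"] != "S":   # skip SYN-ACK ("S."), ACKs and data
            continue
        if m["dst"] == probe_dst and int(m["dport"]) == probe_port:
            counts[m["src"]] = counts.get(m["src"], 0) + 1
    return counts

def classify(capture, container_ip, host_ip, probe_dst, probe_port):
    """Say which LAN address the firewall sees for the container's probe."""
    sources = syn_sources(capture, probe_dst, probe_port)
    if not sources:
        return "no-probe-seen"
    if set(sources) == {container_ip}:
        return "seen-as-container"   # a rule keyed on the container IP matches
    if host_ip in sources:
        return "seen-as-host"        # a rule keyed on the container IP does not match
    return "unexpected-source"

if __name__ == "__main__":
    for name, cap in (("first", SEEN_AS_HOST), ("second", SEEN_AS_CONTAINER)):
        print(name, classify(cap, "192.168.1.50", "192.168.1.10", "203.0.113.7", 4444))
```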