Jump to content
Not connected, Your IP: 3.145.168.157

Search the Community

Showing results for tags 'lxc'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • DNS Lists
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 2 results

  1. Hello I know this is not 100% related to AirVPN but I just cant figure out how to do the setup. What I want to is do a forward from one LXC container to the OpenVPN LXC container I know that I could install OpenVPN in the Prowlarr LXC and Qbittorrent LXC but that would be usage of 2 connections out of 5. My setup is 192.168.1.129 - OpenVPN with airVPN.conf file 192.168.1.131 - Prowlarr 192.168.1.132 - Sonarr 192.168.1.133 - Radarr 192.168.1.139 - Qbittorrent So What I want to do is 192.168.1.131 --> Routing --> 192.168.1.129 (using VPN) and 192.168.1.129 and 192.168.1.139 --> routing --> 192.168.1.129 (VPN) meaning that finding the files and downloading files is done through the VPN-connection (192.168.1.129). I have installed OpenVPN + AirVPN.ovnf file in 192.168.1.1239 - My 129.conf looks like this. arch: amd64 cores: 1 features: nesting=1 hostname: openvpn memory: 1024 net0: name=eth0,bridge=vmbr0,gw=192.168.1.1,hwaddr=BC:24:11:7C:1C:98,ip=192.168.1.129/24,type=veth net1: name=eth1,bridge=vmbr0,firewall=1,hwaddr=BC:24:11:0C:BC:F5,ip=dhcp,type=veth onboot: 1 ostype: debian rootfs: local-lvm:vm-129-disk-0,size=2G swap: 512 tags: community-script;os lxc.cgroup2.devices.allow: a lxc.cap.drop: lxc.cgroup2.devices.allow: c 188:* rwm lxc.cgroup2.devices.allow: c 189:* rwm lxc.mount.entry: /dev/serial/by-id dev/serial/by-id none bind,optional,create=dir lxc.mount.entry: /dev/ttyUSB0 dev/ttyUSB0 none bind,optional,create=file lxc.mount.entry: /dev/ttyUSB1 dev/ttyUSB1 none bind,optional,create=file lxc.mount.entry: /dev/ttyACM0 dev/ttyACM0 none bind,optional,create=file lxc.mount.entry: /dev/ttyACM1 dev/ttyACM1 none bind,optional,create=file lxc.cgroup2.devices.allow: c 10:200 rwm lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file lxc.cap.drop: lxc.apparmor.profile: unconfined Prowlarr (192.168.1.131) 131.conf looks like this arch: amd64 cores: 2 features: keyctl=1,nesting=1 hostname: prowlarr memory: 1024 mp0: /mnt/pve/Plex,mp=/mnt/Plex net0: name=eth0,bridge=vmbr0,gw=192.168.1.1,hwaddr=BC:24:11:6B:C3:21,ip=192.168.1.131/24,type=veth net1: name=eth1,bridge=vmbr0,firewall=1,hwaddr=BC:24:11:0C:BC:F4,ip=dhcp,type=veth onboot: 1 ostype: debian rootfs: local-lvm:vm-131-disk-0,size=4G swap: 512 tags: arr;community-script unprivileged: 0 lxc.cgroup2.devices.allow: c 10:200 rwm lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file lxc.cap.drop: lxc.apparmor.profile: unconfined but the forward to 129 just don't work. Any ideas of what I should do? Thanks When it works, then I could write a guide for a full setup - LXC container for Container if anyone needs it.
  2. Hello, can someone explain how the iptables need to be changed for me in order to get the desired network lock working? $ ifconfig eth0 Link encap:Ethernet HWaddr 00:16:3e:f0:ea:1a inet addr:10.0.3.226 Bcast:10.0.3.255 Mask:255.255.255.0 inet6 addr: fe80::216:3eff:fef0:ea1a/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:14427656 errors:0 dropped:0 overruns:0 frame:0 TX packets:9119526 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:20539458438 (20.5 GB) TX bytes:2946926836 (2.9 GB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:510367 errors:0 dropped:0 overruns:0 frame:0 TX packets:510367 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:109371859 (109.3 MB) TX bytes:109371859 (109.3 MB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.4.7.67 P-t-P:10.4.7.67 Mask:255.255.0.0 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:6 errors:0 dropped:0 overruns:0 frame:0 TX packets:5 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:965 (965.0 TX bytes:2086 (2.0 KB) $ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.4.0.1 128.0.0.0 UG 0 0 0 tun0 0.0.0.0 10.0.3.1 0.0.0.0 UG 0 0 0 eth0 10.0.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.4.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun0 128.0.0.0 10.4.0.1 128.0.0.0 UG 0 0 0 tun0 178.162.198.103 10.0.3.1 255.255.255.255 UGH 0 0 0 eth0 From https://airvpn.org/faq/software_lock/: # Flush iptables -F iptables -t nat -F iptables -t mangle -F # Flush V6 ip6tables -F ip6tables -t nat -F ip6tables -t mangle -F # Local iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT # Local V6 ip6tables -A INPUT -i lo -j ACCEPT ip6tables -A OUTPUT -o lo -j ACCEPT # Make sure you can communicate with any DHCP server iptables -A OUTPUT -d 255.255.255.255 -j ACCEPT iptables -A INPUT -s 255.255.255.255 -j ACCEPT # Make sure that you can communicate within your own network if Private Network option is enabled iptables -A INPUT -s 192.168.0.0/16 -d 192.168.0.0/16 -j ACCEPT iptables -A OUTPUT -s 192.168.0.0/16 -d 192.168.0.0/16 -j ACCEPT iptables -A INPUT -s 10.0.0.0/8 -d 10.0.0.0/8 -j ACCEPT iptables -A OUTPUT -s 10.0.0.0/8 -d 10.0.0.0/8 -j ACCEPT iptables -A INPUT -s 172.16.0.0/12 -d 172.16.0.0/12 -j ACCEPT iptables -A OUTPUT -s 172.16.0.0/12 -d 172.16.0.0/12 -j ACCEPT # Allow incoming pings if Ping option is enabled iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT # Allow established sessions to receive traffic: iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow TUN iptables -A INPUT -i tun+ -j ACCEPT iptables -A FORWARD -i tun+ -j ACCEPT iptables -A OUTPUT -o tun+ -j ACCEPT # Block All iptables -A OUTPUT -j DROP iptables -A INPUT -j DROP iptables -A FORWARD -j DROP # Block All V6 ip6tables -A OUTPUT -j DROP ip6tables -A INPUT -j DROP ip6tables -A FORWARD -j DROP
×
×
  • Create New...