Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Container doesn't start - iptables-restore v1.8.7 (nf_tables): Couldn't load match `addrtype':No such file or directory #155

Open
dustojnikhummer opened this issue Apr 28, 2023 · 3 comments
Open

Container doesn't start - iptables-restore v1.8.7 (nf_tables): Couldn't load match `addrtype':No such file or directory #155

dustojnikhummer opened this issue Apr 28, 2023 · 3 comments

Comments

@dustojnikhummer
Copy link

Compose

version: "3.6"
services:
  qbittorrent:
    command:
      - "/bin/bash"
      - "/etc/openvpn/start.sh"
    container_name: "qbittorrent"
    environment:
      - "VPN_ENABLED=yes"
      - "VPN_TYPE=wireguard"
      - "LAN_NETWORK=10.0.1.0/24, 10.0.2.0/24"
      - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
      - "NAME_SERVERS=1.1.1.1,8.8.8.8"
      - "WEBUI_PORT=8085"
      - "INCOMING_PORT=8889"
    image: "dyonr/qbittorrentvpn:latest"
    networks:
      - "traefik-default"
    ports:
      - "8085:8085/tcp"
    privileged: true
    restart: "unless-stopped"
    security_opt:
      - "label=disable"
    volumes:
      - "/share/Container/container-station-data/containers/qbittorrent/downloads:/downloads"
      - "/share/Container/container-station-data/containers/qbittorrent/config:/config"
    working_dir: "/share/Container/container-station-data/containers/qbittorrent/opt"
networks:
  traefik-default:
    external: true
    name: "traefik-default"

Container log

2023-04-28 22:34:19.239414 [INFO] VPN_ENABLED defined as 'yes'
2023-04-28 22:34:19.456236 [INFO] LEGACY_IPTABLES is set to ''
2023-04-28 22:34:19.679549 [INFO] Not making any changes to iptables version
2023-04-28 22:34:19.951911 [INFO] The container is currently running iptables v1.8.7 (nf_tables).
2023-04-28 22:34:20.163409 [INFO] VPN_TYPE defined as 'wireguard'
2023-04-28 22:34:20.404921 [INFO] WireGuard config file is found at /config/wireguard/wg0.conf
dos2unix: converting file /config/wireguard/wg0.conf to Unix format...
2023-04-28 22:34:20.736252 [INFO] VPN remote line defined as 'cz-prg.prod.surfshark.com:51820'
2023-04-28 22:34:20.862635 [INFO] VPN_REMOTE defined as 'cz-prg.prod.surfshark.com'
2023-04-28 22:34:21.110745 [INFO] VPN_PORT defined as '51820'
2023-04-28 22:34:21.362607 [INFO] VPN_PROTOCOL set as 'udp', since WireGuard is always udp.
2023-04-28 22:34:21.560751 [INFO] VPN_DEVICE_TYPE set as 'wg0', since WireGuard will always be wg0.
2023-04-28 22:34:21.779297 [INFO] LAN_NETWORK defined as '10.0.1.0/24, 10.0.2.0/24'
2023-04-28 22:34:21.973332 [INFO] NAME_SERVERS defined as '1.1.1.1,8.8.8.8'
2023-04-28 22:34:22.144934 [INFO] Adding 1.1.1.1 to resolv.conf
2023-04-28 22:34:22.301846 [INFO] Adding 8.8.8.8 to resolv.conf
2023-04-28 22:34:22.449103 [INFO] PUID not defined. Defaulting to root user
2023-04-28 22:34:22.539123 [INFO] PGID not defined. Defaulting to root group
2023-04-28 22:34:22.698797 [INFO] Starting WireGuard...
Warning: `/config/wireguard/wg0.conf' is world accessible
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.14.0.2/16 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a wg0 -m 0 -x
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] iptables-restore -n
iptables-restore v1.8.7 (nf_tables): Couldn't load match `addrtype':No such file or directory
Error occurred at line: 2
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
[#] resolvconf -d wg0 -f
[#] ip -4 rule delete table 51820
[#] ip -4 rule delete table main suppress_prefixlength 0
[#] ip link delete dev wg0

And this just loops forever. I can't CLI into the container because it hasn't started yet.
Host is a Qnap TS251A running QTS 5.0.1 on
Docker version 20.10.17-qnap7, build 0474f29
@LinearDynamics
Copy link

Did you solve this?

@dustojnikhummer
Copy link
Author

dustojnikhummer commented Aug 27, 2023
edited
Loading

Did you solve this?

Hi, no I haven't. I moved to Gluetun + lscr qBittorrent container (and don't run Docker on my NAS anymore).

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun:v3.35.0
    container_name: qbittorrent_vpn
    cap_add:
      - NET_ADMIN
    environment:
      - VPN_SERVICE_PROVIDER=surfshark
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=
      - WIREGUARD_ADDRESSES=
      - SERVER_COUNTRIES=
      - TZ=Europe/Prague
      - PUID=1001
      - PGID=1001
    ports:
      - 10095:10095
      - 6881:6881
      - 6881:6881/udp
    restart: unless-stopped

    networks:
      - reverse_proxy


  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:4.5.4
    container_name: qbittorrent
    environment:
      - WEBUI_PORT=10095
      - TZ=Europe/Prague
      - PUID=1001
      - PGID=1001
    volumes:
      - /path/to/config:/config
      - /path/to/downloads/:/downloads
    restart: unless-stopped
    network_mode: "service:gluetun"

networks:
  reverse_proxy:
    external: true

@vladimiroltean
Copy link

For other readers, this is a kernel configuration problem, you need CONFIG_NETFILTER_XT_MATCH_ADDRTYPE either y, or m and make sure the module gets loaded.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dustojnikhummer @vladimiroltean @LinearDynamics