GUIDE: Setting up Transmission with OpenVPN and PIA

saeed

Cadet
Joined
May 2, 2015
Messages
7
Hi, I'm hoping someone might have an idea.... I have modified the process to suit my VPN provider and I'm getting the following error

Sun Apr 12 03:40:15 2015 Could not retrieve default gateway from route socket:: No such process (errno=3)
Sun Apr 12 03:40:15 2015 Cannot allocate TUN/TAP dev dynamically
Sun Apr 12 03:40:15 2015 Exiting due to fatal error

To me that says that it cannot create or find a tun interface to use. Has anyone had issues in getting the tunnel interface to work? Do I need to create a tunnel interface outside of the jail?

thanks in advance

I am new here and I have the same problem..Would somebody please help us fix this error?
 

saeed

Cadet
Joined
May 2, 2015
Messages
7
I am new here and I have the same problem..Would somebody please help us fix this error?

Actually never mind. I found the problem..It is because I unchecked the "vimage" option when I first created the jail. I recreated it with the "vimage" option checked and it worked like a charm! :)
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
OK, I sorted the firewall rules and used yours. Now I keep getting permission denied when I ping Google, and Transmission is not working. I'm guessing I need to change something in the ipfw rules...

not sure about the script.
denis
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
any ideas

my freenas is a n40l hp microserver.

freenas ip is 192.168.2.250

jail ip is 192.168.2.253

and the router ip is 192.168.2.254
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
there is this firewall rules

ipfw -f flush
ipfw -q add 00010 allow ip from any to any via tun0
ipfw -q add 00101 allow ip from me to 10.0.0.0/24 via epair0b uid transmission
ipfw -q add 00102 allow ip from 10.0.0.0/24 to me via epair0b uid transmission
ipfw -q add 00103 deny ip from any to any via epair0b uid transmission
ipfw -q add 65535 allow all from any to any

but when I use it, it says it can't find transmission

I guess the epair0b is the problem

how can you find the network interface.... from freenas jail.
 
Joined
Mar 6, 2014
Messages
686
You shouldn't ask the same question in different threads, forum guards usually don't like that. I'll respond on the other thread later, have to finish some work for the higher management (aka wife) first
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
I didn't know which thread I responded to, but I fixed that error that was in the other thread, as I had type instead of script; that's why I was getting the error.

The question in this thread was regarding the permission denied, and what IP I should put...
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
Is this the cron for every minute you are using?


* * * * * root sh /sabnzbd/scripts/script.sh

Or you don't use root?
 
Joined
Mar 6, 2014
Messages
686
Sorry for the delay. As far as I know I only have
Code:
jexec jailname /path/to/script.sh
So no 'root' and no 'sh'. I am at work now, so I cannot check. Will be late this evening before I can get to it. Make sure the file is executable.
Question: why did you put it in the sab folder?
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
Cool that's ok

I think I just have ip rules error where I have to play with tonight.


Sent from my iPhone using Tapatalk
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
OK, when I start the ipfw service using your script ipfw_rules I get this in the output.

Flushed all rules.
01006 allow ip from 192.168.2.0/24 to 192.168.2.0/24
/sabnzbd/scripts/ipfw_rules: keep-state: not found
ipfw: hostname ``xxx.xxx.xxx.xxx'' unknown
/sabnzbd/scripts/ipfw_rules: keep-state: not found
04000 allow ip from 127.0.0.1 to any
65534 deny ip from any to any
Firewall rules loaded.

when i run the script the one you used i get this as output.

script.sh: changed: not found
New IP Address
Flushed all rules.
ipfw: missing dst address
script.sh: 37.235.1.174: not found
ipfw: missing dst address
script.sh: 37.235.1.177: not found
ipfw: missing dst address
script.sh: 192.168.2.0/24: not found
ipfw: missing dst address
script.sh: 37.48.80.165: not found
04000 allow ip from 127.0.0.1 to any
05000 allow ip from 10.176.1.6 to any
05002 allow ip from any to 10.176.1.6
05004 allow ip from 10.176.1.5 to any
05006 allow ip from any to 10.176.1.5
65534 deny ip from any to any

from what i can see i need to change some stuff. so i can access transmission sabnzbd and couchpotato, and sickrage. also have nginx installed also.

just to recap my ip address is as follows

Freenas Box Is on 192.168.2.250

Jail is on 192.168.2.253 which has all the above installed

and router ip is 192.168.2.254

what i am trying to figure out is what do i change so i can understand it...

Thanx

Denis
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
the ipfw_rules are these

#!/bin/sh

# Set rules command prefix
fwcmd="/sbin/ipfw"

# Flush out the list before we begin.
${fwcmd} -f flush

${fwcmd} add 01006 allow ip from 192.168.2.0/24 to 192.168.2.0/24 keep-state
${fwcmd} add 02000 allow ip from 192.168.2.0/24 to xxx.xxx.xxx.xxx keep-state
${fwcmd} add 04000 allow ip from 127.0.0.1 to any
${fwcmd} add 65534 deny ip from any to any
echo "" > /sabnzbd/scripts/Firewall_IP.log

the script which i have set to run every minute is as follows.

#!/bin/sh

export IP_ADDR_1=""
export IP_ADDR_2=""

# Main Routines
###########
write_file ()
{
# Write the IP Address to Firewall_IP.log
echo "${IP_ADDR_1}" > /sabnzbd/scripts/Firewall_IP.log
echo "${IP_ADDR_2}" >> /sabnzbd/scripts/Firewall_IP.log
quit
}

###########
quit ()
{
exit 0
}

###########
check_ip ()
{
# Lets see what the current values are:
IP_ADDR_1="$(/sbin/ifconfig | grep 'inet 10.' | cut -d" " -f2)"
IP_ADDR_2="$(/sbin/ifconfig | grep 'inet 10.' | cut -d" " -f4)"
# Lets see what the previous values are:
TEMP1="$(sed '1q;d' /sabnzbd/scripts/Firewall_IP.log)"
TEMP2="$(sed '2q;d' /sabnzbd/scripts/Firewall_IP.log)"
# Lets compare
if [ "${TEMP1}" = "$IP_ADDR_1" ] && [ "${TEMP2}" = "$IP_ADDR_2" ]
then
# IP has not changed
echo No change required
quit
else
# IP has changed
set_rules
fi
}

###########
set_rules ()
{
# This function is only called if one of the IP addresses has changed
if [ "$IP_ADDR_1" != "" ] && [ "$IP_ADDR_2" != "" ]
then
echo "New IP Address"
# Flush the current rules
fwcmd="/sbin/ipfw"
${fwcmd} -f flush
# Set New OpenVPN Rules
${fwcmd} add 01000 allow log udp from 192.168.2.0/24 to 37.235.1.174 dst-port 53 keep-state #DNS IP 1
${fwcmd} add 01002 allow log udp from 192.168.2.0/24 to 37.235.1.177 dst-port 53 keep-state #DNS IP 2
${fwcmd} add 01006 allow ip from 192.168.2.0/24 to 192.168.2.0/24 keep-state
${fwcmd} add 02000 allow ip from 192.168.2.0/24 to 37.48.80.165 keep-state #VPN IP
${fwcmd} add 04000 allow ip from 127.0.0.1 to any
${fwcmd} add 05000 allow ip from "${IP_ADDR_1}" to any
${fwcmd} add 05002 allow ip from any to "${IP_ADDR_1}"
${fwcmd} add 05004 allow ip from "${IP_ADDR_2}" to any
${fwcmd} add 05006 allow ip from any to "${IP_ADDR_2}"
${fwcmd} add 65534 deny ip from any to any
write_file
else
echo No IP Address found, Change to default rules
set_default_rules
write_file
fi
}

###########
set_default_rules ()
{
# Flush the current rules
fwcmd="/sbin/ipfw"
${fwcmd} -f flush
# Default setup for when there is no VPN tunnel.
${fwcmd} add 01006 allow ip from 192.168.2.0/24 to 192.168.2.0/24 keep-state
${fwcmd} add 02000 allow ip from 192.168.2.0/24 to 37.48.80.165 keep-state
${fwcmd} add 04000 allow ip from 127.0.0.1 to any
${fwcmd} add 65534 deny ip from any to any
}

# Main Program
check_ip
exit
 
Joined
Mar 6, 2014
Messages
686

denist

Contributor
Joined
Jan 28, 2013
Messages
188
No I haven't yet when I turn on the ipfw ms the script it stops everything I was just putting in the values I was using to see if someone can see what is wrong with mine


Sent from my iPhone using Tapatalk
 
Joined
Mar 6, 2014
Messages
686
You have to replace all IP addresses and xx.xxx.xxx.xxx things in the script to reflect your network & DNS settings.
It's marked with DNS IP 1, DNS IP 2 (you set your DNS servers in the /etc/rc.conf file), VPN IP (that is the VPN remote server address OpenVPN connects with. It's in your VPN provider's config file). Addresses for your local LAN seem to be correct. Provided that your local VPN address (tun) is in the 10.xx range, the script will fill in the other IP addresses for that.
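
The substitution described in the reply above, as an added example that is not part of the original thread or of the script's author: a dry run that prints the rule list instead of calling ipfw, refuses any value that is not an IPv4 address (such as a leftover xxx.xxx.xxx.xxx placeholder), and reads the tunnel addresses from the `-->` line of ifconfig output. The function names and the ifconfig sample are constructed for illustration; the addresses are the ones posted in this thread.

```shell
#!/bin/sh
# Added example, not from the thread: dry run that prints ipfw rules only.

# Succeed only for a dotted-quad IPv4 address, optionally with a /prefix.
is_ipv4() {
    printf '%s\n' "$1" | awk -F'[./]' '
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/ { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if (NF == 5 && $5 > 32) exit 1 }'
}

# Read ifconfig output on stdin, print "local peer" of the tunnel.
# FreeBSD shows point-to-point addresses as: inet <local> --> <peer> ...
tun_addrs() {
    awk '$1 == "inet" && $3 == "-->" { print $2, $4; exit }'
}

# build_rules LAN DNS1 DNS2 VPN_IP TUN_LOCAL TUN_PEER
build_rules() {
    [ $# -eq 6 ] || { echo "need 6 addresses, got $#" >&2; return 1; }
    for v in "$@"; do
        is_ipv4 "$v" || { echo "not an IP address: '$v'" >&2; return 1; }
    done
    cat <<EOF
ipfw add 01000 allow log udp from $1 to $2 dst-port 53 keep-state
ipfw add 01002 allow log udp from $1 to $3 dst-port 53 keep-state
ipfw add 01006 allow ip from $1 to $1 keep-state
ipfw add 02000 allow ip from $1 to $4 keep-state
ipfw add 04000 allow ip from 127.0.0.1 to any
ipfw add 05000 allow ip from $5 to any
ipfw add 05002 allow ip from any to $5
ipfw add 05004 allow ip from $6 to any
ipfw add 05006 allow ip from any to $6
ipfw add 65534 deny ip from any to any
EOF
}

# Constructed sample of jail ifconfig output (addresses as posted in the thread).
SAMPLE_IFCONFIG='epair0b: flags=8943<UP,BROADCAST,RUNNING> metric 0 mtu 1500
    inet 192.168.2.253 netmask 0xffffff00 broadcast 192.168.2.255
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
    inet 10.176.1.6 --> 10.176.1.5 netmask 0xffffffff'

demo() {
    set -- $(printf '%s\n' "$SAMPLE_IFCONFIG" | tun_addrs)
    build_rules 192.168.2.0/24 37.235.1.174 37.235.1.177 37.48.80.165 "$1" "$2"
}
demo
```

When the tunnel is down, `tun_addrs` prints nothing and `build_rules` returns non-zero without emitting a partial rule set.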
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
Is this only in the script or both the ipfw rules


Sent from my iPhone using Tapatalk
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
My config file is PIA so I'm not sure what the address is


Sent from my iPhone using Tapatalk
 

denist

Contributor
Joined
Jan 28, 2013
Messages
188
When I open it, it does not have an IP address; it has

Client
Dev tun
Proto udp
Remote server address
Nobind
Persist-key
Persist-tun
Location for ca.crt
Tls-client
Remote-very
Auth-user-pass
Comp-lzo
Verb 1
Reneg-sec 0
Crl-verify location
Auth user location


Sent from my iPhone using Tapatalk
 