Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - travisjayclark

Pages: [1]
1
Linux / Split Nox-WebUI Traffic from Torrent Traffic
« on: May 25, 2016, 05:13:54 PM »
Goal: To have torrent traffic running through only network interface tun0 and access the webUI through eth0.

System- trying on both RPi3- Raspbian and Ubuntu 14 lts the qbittorrent-nox install seemed the same on both simply using apt-get install.
VPNService from FrootVPN. - Although this seems irrelevant to the results.
WebUI running on port 8080 per default config.

Setup based on - https://github.com/qbittorrent/qBittorrent/wiki/Setting-up-qBittorrent-on-Ubuntu-server-as-daemon-with-Web-interface-%2815.04-and-newer%29

Things I have tried:

I added the following lines for my config file and restarted the server.

Connection\Interface=tun0
Connection\InterfaceListenIPv6=false
Connection\InterfaceName=tun0

Oddly enough I expected this to bind the connection to tun0 as it works in the non-nox version.  I tested by starting an Ubuntu.iso torrent while connected to vpn (tun0) and the torrent started.  I killed the vpn session and tun0 was gone from my interfaces.  The download continued.  I restarted the server and brought up qbittorrent and the DL still continued.  So it appears that adding that to my config file did not actually prevent it from using other interfaces.

When connected to the vpn it also forwarded the webUI along the vpn connection.  So I could actually pull up my webUI from my external facing swedish IP address at the end of the tunnel!  Cool but not what I want at all, seems like a security risk for me.

I spent a few hours digging through this forum, and other help sites and google searches.  None of the results are really qbittorrent specific it seem like alot of people use rtorrent and transmission in this situation.

There was half a solution to run qbittorent through a VM(and have the VM traffic routed differently), but that would not split the webUI traffic from the torrent traffic.  It also seems like a waste of system resources to run an entire VM just to route traffic differently.

There was a solution using namespace to route all traffic from a specific user a certain way.  I believe this probably a good solution however it is above my head quite honestly I don't understand it.  And I guess I would need different rules for the same qbittorrent user to spit the traffic.

The solution I am leaning towards it in my vpn client config to end the automated route pushes and specify 1 port to route instead.  If I make sure that same port is used for torrent traffic.  Then I should be good right?  Is there anything else I need to consider?  Maybe I can use iptables  to only open that port when the vpn is running and then close it when vpn is off?  Does that make sense and cover everything?

Would it help to set up the web UI to run through an apache webserver?  Are there any built in was to make this work?  Like bind the webUI to eth0 and the torrents to tun0 in the config?  Any advice would be appreciated.

Pages: [1]