Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug: Surfshark wireguard account blocked #2595

Closed
clpir3s opened this issue Nov 21, 2024 · 5 comments
Closed

Bug: Surfshark wireguard account blocked #2595

clpir3s opened this issue Nov 21, 2024 · 5 comments

Comments

@clpir3s
Copy link

clpir3s commented Nov 21, 2024

Is this urgent?

Yes

Host OS

Debian

CPU arch

aarch64

VPN service provider

Surfshark

What are you using to run the container

docker-compose

What is the version of Gluetun

v3.39.1

What's the problem 🤔

I already received an email saying that my account was blocked.

I tried to get more information in my container about what caused the account to be blocked, what I found was many wireguard handshake and keepalive attempts.

Can you help if I'm missing something in the configurations that cause this loop?

Share your logs (at least 10 lines)

2024-11-17T22:50:40Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:51:10Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:51:29Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-17T22:51:29Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-17T22:51:29Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-17T22:51:40Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:52:10Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:52:40Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:53:10Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:53:30Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-17T22:53:30Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-17T22:53:30Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-17T22:53:40Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:54:10Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:54:40Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:55:10Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:55:30Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-17T22:55:30Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-17T22:55:30Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-17T22:55:40Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:56:11Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-17T22:56:41Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:57:10Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:57:30Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-17T22:57:30Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-17T22:57:30Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-17T22:57:40Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:58:11Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:58:41Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:59:11Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T22:59:30Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-17T22:59:31Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-17T22:59:31Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-17T22:59:41Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:00:11Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:00:41Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:01:11Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:01:31Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-17T23:01:31Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-17T23:01:31Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-17T23:01:41Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:02:11Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:02:42Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:03:11Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:03:31Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-17T23:03:31Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-17T23:03:31Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-17T23:03:41Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:04:12Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:04:41Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T23:05:12Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
........
2024-11-18T00:00:08Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:00:20Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:00:50Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:01:20Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:01:40Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:01:40Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:01:40Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:01:50Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:02:24Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:02:39Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:02:52Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:03:08Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:03:22Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:03:37Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:03:40Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:03:40Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:03:40Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:03:52Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:04:23Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:04:51Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:05:21Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:05:40Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:05:40Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:05:40Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:05:51Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:06:21Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:06:51Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:07:21Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:07:41Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:07:41Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:07:41Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:07:51Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:08:21Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:08:51Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:09:21Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:09:41Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:09:41Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:09:41Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:10:00Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:10:21Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:10:51Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:11:22Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:11:41Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:11:41Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:11:41Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:11:51Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:12:22Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:12:52Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:13:22Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:13:42Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:13:42Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:13:42Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:13:52Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:14:06Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:14:22Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:14:36Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:14:52Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:15:06Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:15:22Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:15:42Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:15:42Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:15:42Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:15:52Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:16:22Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:16:52Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:17:04Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:17:23Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:17:42Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:17:42Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:17:42Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:17:53Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:18:23Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:18:53Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:19:23Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:19:42Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:19:42Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:19:42Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:19:53Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:20:25Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:20:53Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:21:24Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:21:43Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:21:43Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:21:43Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:21:53Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:22:23Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:22:53Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:23:24Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:23:43Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:23:43Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:23:43Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:23:53Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:24:23Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:24:54Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:25:24Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:25:43Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-18T00:25:43Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-18T00:25:43Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:25:54Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-18T00:26:24Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:26:37Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:26:54Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:27:09Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:27:25Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-18T00:27:43Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
....................
2024-11-19T18:31:58Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:32:28Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:32:58Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:33:18Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-19T18:33:18Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-19T18:33:18Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-19T18:33:28Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:33:59Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:34:28Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:34:59Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:35:18Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-19T18:35:18Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-19T18:35:18Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-19T18:35:29Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:35:59Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:36:29Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:36:59Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:37:18Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-19T18:37:19Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-19T18:37:19Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-19T18:37:29Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:37:59Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:38:29Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:38:59Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:39:19Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-19T18:39:19Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-19T18:39:19Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-19T18:39:29Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:40:00Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:40:29Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:41:00Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:41:19Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-19T18:41:19Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-19T18:41:19Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-19T18:41:30Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:41:59Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:42:30Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:43:00Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:43:19Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-19T18:43:19Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-19T18:43:19Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-19T18:43:30Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:44:00Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:44:30Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:45:00Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:45:20Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-19T18:45:20Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-19T18:45:20Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-19T18:45:30Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:46:00Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:46:30Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:47:00Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:47:20Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-19T18:47:20Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-19T18:47:20Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
2024-11-19T18:47:30Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:48:00Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:48:31Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:49:01Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-19T18:49:20Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-19T18:49:20Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-19T18:49:20Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet

Share your configuration

vpn:
    image: qmcgaw/gluetun:v3.39.1
    restart: always
    devices:
      - /dev/net/tun:/dev/net/tun
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - /lib/modules:/lib/modules:ro
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      - VPN_SERVICE_PROVIDER=surfshark
      - VPN_TYPE=wireguard
      #wireguard
      - WIREGUARD_ADDRESSES=10.14.0.2/16
    # System
    # Other
      - PUBLICIP_PERIOD=720h
      - PUID=1030
      - PGID=101
      - TZ=Europe/Lisbon
      - LOG_LEVEL=debug
    # HTTPproxy
      - HTTPPROXY=on
      - HTTPPROXY_LOG=on
      - HTTPPROXY_LISTENING_ADDRESS=:8888
      - HTTPPROXY_STEALTH=on
    #Healthcheck
      - HEALTH_TARGET_ADDRESS=1.1.1.1:443     
      - HEALTH_SUCCESS_WAIT_DURATION=30s
      - HEALTH_VPN_DURATION_INITIAL=10s
      - HEALTH_VPN_DURATION_ADDITION=11s
    # HTTP Control server
      - HTTP_CONTROL_SERVER_ADDRESS=:8000
      - HTTP_CONTROL_SERVER_LOG=on
    # DNS
      - DOT=off        
      #- DNS_UPDATE_PERIOD=8h   
      - DOT_IPV6=off
      - DOT_VALIDATION_LOGLEVEL=2
      - DOT_VERBOSITY_DETAILS=4
      - DOT_VERBOSITY=5            
      #- DNS_KEEP_NAMESERVER=on
    #Servers updater
    #  - UPDATER_PERIOD=24h
    # FIREWALL 
      - FIREWALL=on
      - FIREWALL_DEBUG=on
      - FIREWALL_OUTBOUND_SUBNETS=192.168.1.0/24
Copy link
Contributor

@qdm12 is more or less the only maintainer of this project and works on it in his free time.
Please:

@qdm12
Copy link
Owner

qdm12 commented Nov 22, 2024

I tried to get more information in my container about what caused the account to be blocked, what I found was many wireguard handshake and keepalive attempts.

Did Surfshark tell you it was about those handshakes??? These might be unrelated to the ban if not.

By default the keepalive / handshakes is disabled

WIREGUARD_PERSISTENT_KEEPALIVE_INTERVAL=0 \

But the VPN server can do it if it wants to, which seems to be the case here 🤔

Honestly I'm not too sure! But let me know what Surfshark told you, and, if they didn't specify, ask their support why this happened?

@qdm12 qdm12 changed the title Bug: To many retries that get account blocked Bug: Surfshark wireguard account blocked Nov 22, 2024
@qdm12
Copy link
Owner

qdm12 commented Nov 23, 2024

I suspect that the connection was killed, and after this it starts try self restart without success
It wasn't every second but it was constantly
I have a sequence of ~16300 line with

Yes that's how keepalive works. And these are debug logs logged out by the wireguard-go userspace implementation. From the logs you showed, it doesn't seem like the VPN is self restarting (aka auto healing) at all. Plus these logs seem to be about the 17 november, not the 19 or 21 november which might be more relevant according to the events.

Following our commitment to the No-logs Policy, we do not store information about what exactly triggered the blocking of any particular account. So I am not able to specify the exact reason for which your account was blocked.

That's really a BS answer really. If they can track your connection activity over multiple days and ban your account, they ARE in fact storing this information. Which is fine really, the only not fine part is to use this as an excuse to not dig out what the hell happened.

Our automated infrastructure maintenance system blocked your account again because it detected network resource usage anomalies associated with service abuse. Such anomalies may result from irregular traffic volumes (e.g. DDoS attacks), extremely large numbers of connected devices, and similar triggers. Repeated service abuse results in permanent account termination, thus this time we are unable to unblock your account nor issue a refund.

As long as you use the same wireguard configuration, this acts as a single 'peer' (aka client device), especially since there is no connection or disconnection notification with Wireguard (unlike openvpn), so even if it reconnects many times, it would still act as one connection. Now for DDoS attack, that's also quite unlikely, depending on the containers you have using gluetun.

Finally, what I would recommend is to set back the log level to info to discard all this wireguard debug information, which is just normal behavior as far as I know. For context, the kernelspace wireguard implementation doesn't log anything (since it's, well, in the kernel) and likely behaves the same as the userspace implementation (developed by the Wireguard team).

Closing this because it's a bit of a dead end at this point; if you ever find what's wrong and that something can be fixed in Gluetun for this, please open another issue referencing this one! Thanks!

@qdm12 qdm12 closed this as not planned Won't fix, can't repro, duplicate, stale Nov 23, 2024
Copy link
Contributor

Closed issues are NOT monitored, so commenting here is likely to be not seen.
If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment setup because @qdm12 is the sole maintainer of this project
which became too popular to monitor issues closed.

@clpir3s
Copy link
Author

clpir3s commented Nov 25, 2024

Hello @qdm12,

Thanks for your great support.

Did Surfshark tell you it was about those handshakes??? These might be unrelated to the ban if not.

Unfortunately, they didn't confirm if it was the reason, in several emails exchanged, the answer was they don't have logs.

Unfortunately, as Surfshark guarantees a strict no-logs policy for Surfshark services, meaning that your activities using Surfshark services are provided by an automated technical process, and are not monitored, recorded, logged, stored, or passed to any third party in any way, we will not be able to specify the reason of your account suspension.
We do not store connection time stamps, session information, used bandwidth, traffic logs, IP addresses, or any other data in any form.

+1

Following our commitment to the No-logs Policy, we do not store information about what exactly triggered the blocking of any particular account. So I am not able to specify the exact reason for which your account was blocked.

Our automated infrastructure maintenance system blocked your account again because it detected network resource usage anomalies associated with service abuse. Such anomalies may result from irregular traffic volumes (e.g. DDoS attacks), extremely large numbers of connected devices, and similar triggers.
Repeated service abuse results in permanent account termination, thus this time we are unable to unblock your account nor issue a refund.

The account has been unlocked, at first moment, 24h after it was permanent blocked.

After this I tried to investigate and I get this container logs, and this container was in trouble for a long time. According to this logs, at least it takes 3 days constantly trying to connect.

It starts here

2024-11-13T21:19:55Z INFO [healthcheck] healthy!
2024-11-17T03:43:40Z WARN Caught OS signal terminated, shutting down
2024-11-17T03:43:44Z INFO updater ticker: terminated ✔️
2024-11-17T03:43:44Z INFO http server: terminated ✔️
2024-11-17T03:43:44Z INFO dns ticker: terminated ✔️
2024-11-17T03:43:44Z INFO control: terminated ✔️
2024-11-17T03:43:44Z INFO updater: terminated ✔️
2024-11-17T03:43:44Z INFO tickers: terminated ✔️
2024-11-17T03:43:44Z INFO HTTP health server: terminated ✔️
2024-11-17T03:43:44Z DEBUG [wireguard] closing controller client...
2024-11-17T03:43:44Z DEBUG [wireguard] removing IPv4 rule...
2024-11-17T03:43:45Z WARN Shutdown timed out
========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version v3.39.1 built on 2024-09-29T18:16:23.495Z (commit 67ae5f5)

📣 All control server routes will become private by default after the v3.41.0 release

🔧 Need help? ☕ Discussion? https://github.com/qdm12/gluetun/discussions/new/choose
🐛 Bug? ✨ New feature? https://github.com/qdm12/gluetun/issues/new/choose
💻 Email? [email protected]
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2024-11-17T03:46:49Z INFO [routing] default route found: interface eth0, gateway 10.0.1.1, assigned IP 10.0.1.238 and family v4
2024-11-17T03:46:49Z INFO [routing] local ethernet link found: eth0
2024-11-17T03:46:49Z INFO [routing] local ipnet found: 10.0.0.0/16
2024-11-17T03:46:50Z INFO [firewall] enabling...
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/iptables --policy INPUT DROP
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/iptables --policy OUTPUT DROP
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/iptables --policy FORWARD DROP
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/ip6tables --policy INPUT DROP
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/ip6tables --policy OUTPUT DROP
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/ip6tables --policy FORWARD DROP
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/iptables --append INPUT -i lo -j ACCEPT
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/ip6tables --append INPUT -i lo -j ACCEPT
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/iptables --append OUTPUT -o lo -j ACCEPT
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/ip6tables --append OUTPUT -o lo -j ACCEPT
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/iptables --append OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/ip6tables --append OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/iptables --append INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/ip6tables --append INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-11-17T03:46:50Z DEBUG [firewall] /sbin/iptables --append OUTPUT -o eth0 -s 10.0.1.238 -d 10.0.0.0/16 -j ACCEPT
2024-11-17T03:46:51Z DEBUG [firewall] /sbin/ip6tables --append OUTPUT -o eth0 -d ff02::1:ff/104 -j ACCEPT
2024-11-17T03:46:51Z DEBUG [firewall] /sbin/iptables --append INPUT -i eth0 -d 10.0.0.0/16 -j ACCEPT
2024-11-17T03:46:51Z INFO [firewall] enabled successfully
2024-11-17T03:47:22Z INFO [storage] merging by most recent 20478 hardcoded servers and 20478 servers read from /gluetun/servers.json
2024-11-17T03:47:31Z DEBUG [netlink] IPv6 is not supported after searching 1 routes
2024-11-17T03:47:31Z INFO Alpine version: 3.20.3
2024-11-17T03:47:31Z INFO OpenVPN 2.5 version: 2.5.10
2024-11-17T03:47:31Z INFO OpenVPN 2.6 version: 2.6.11
2024-11-17T03:47:31Z INFO Unbound version: 1.20.0
2024-11-17T03:47:31Z INFO IPtables version: v1.8.10
2024-11-17T03:47:31Z INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: surfshark
|   |   └── Server selection settings:
|   |       ├── VPN type: wireguard
|   |       ├── Countries: Finland
|   |       └── Wireguard selection settings:
|   └── Wireguard settings:
|       ├── Private key: QL8...Gs=
|       ├── Interface addresses:
|       |   └── 10.14.0.2/16
|       ├── Allowed IPs:
|       |   ├── 0.0.0.0/0
|       |   └── ::/0
|       └── Network interface: tun0
|           └── MTU: 1400
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       └── Enabled: no
├── Firewall settings:
|   ├── Enabled: yes
|   ├── Debug mode: on
|   └── Outbound subnets:
|       └── 192.168.1.0/24
├── Log settings:
|   └── Log level: debug
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: 1.1.1.1:443
|   ├── Duration to wait after success: 30s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 10s
|       └── Additional duration: 11s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   ├── Enabled: yes
|   ├── Listening address: :8888
|   ├── User:
|   ├── Password: [not set]
|   ├── Stealth mode: yes
|   ├── Log: yes
|   ├── Read header timeout: 1s
|   └── Read timeout: 3s
├── Control server settings:
|   ├── Listening address: :8000
|   ├── Logging: yes
|   └── Authentication file path: /gluetun/auth/config.toml
├── OS Alpine settings:
|   ├── Process UID: 1030
|   ├── Process GID: 101
|   └── Timezone: Europe/Lisbon
├── Public IP settings:
|   ├── Fetching: every 720h0m0s
|   ├── IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
    └── Enabled: yes
2024-11-17T03:47:33Z INFO [routing] default route found: interface eth0, gateway 10.0.1.1, assigned IP 10.0.1.238 and family v4
2024-11-17T03:47:33Z DEBUG [routing] ip rule add from 10.0.1.238/32 lookup 200 pref 100
2024-11-17T03:47:33Z INFO [routing] adding route for 0.0.0.0/0
2024-11-17T03:47:33Z DEBUG [routing] ip route replace 0.0.0.0/0 via 10.0.1.1 dev eth0 table 200
2024-11-17T03:47:33Z INFO [firewall] setting allowed subnets...
2024-11-17T03:47:33Z DEBUG [firewall] /sbin/iptables --append OUTPUT -o eth0 -s 10.0.1.238 -d 192.168.1.0/24 -j ACCEPT
2024-11-17T03:47:33Z INFO [routing] default route found: interface eth0, gateway 10.0.1.1, assigned IP 10.0.1.238 and family v4
2024-11-17T03:47:33Z INFO [routing] adding route for 192.168.1.0/24
2024-11-17T03:47:33Z DEBUG [routing] ip route replace 192.168.1.0/24 via 10.0.1.1 dev eth0 table 199
2024-11-17T03:47:33Z DEBUG [routing] ip rule add to 192.168.1.0/24 lookup 199 pref 99
2024-11-17T03:47:33Z DEBUG [routing] ip rule add to 10.0.0.0/16 lookup 254 pref 98
2024-11-17T03:47:33Z INFO [dns] using plaintext DNS at address 1.1.1.1
2024-11-17T03:47:33Z INFO [http proxy] listening on :8888
2024-11-17T03:47:33Z INFO [http server] http server listening on [::]:8000
2024-11-17T03:47:33Z INFO [healthcheck] listening on 127.0.0.1:9999
2024-11-17T03:47:33Z DEBUG [wireguard] Wireguard server public key: +nv/Z8I2VS0eRdZwkpQW3U9RmsboTz2MUF94jVg5w10=
2024-11-17T03:47:33Z DEBUG [wireguard] Wireguard client private key: QL8...Gs=
2024-11-17T03:47:33Z DEBUG [wireguard] Wireguard pre-shared key: [not set]
2024-11-17T03:47:33Z INFO [firewall] allowing VPN connection...
2024-11-17T03:47:33Z DEBUG [firewall] /sbin/iptables --append OUTPUT -d 193.56.113.48 -o eth0 -p udp -m udp --dport 51820 -j ACCEPT
2024-11-17T03:47:33Z DEBUG [firewall] /sbin/iptables --append OUTPUT -o tun0 -j ACCEPT
2024-11-17T03:47:33Z DEBUG [firewall] /sbin/ip6tables --append OUTPUT -o tun0 -j ACCEPT
2024-11-17T03:47:33Z DEBUG [netlink] wireguard family not found, trying to load wireguard kernel module
2024-11-17T03:47:33Z DEBUG [netlink] failed loading wireguard kernel module: getting modules information: modules directory not found: /lib/modules/6.8.0-1014-raspi, /usr/lib/modules/6.8.0-1014-raspi are 
2024-11-17T03:47:33Z INFO [wireguard] Using userspace implementation since Kernel support does not exist
2024-11-17T03:47:37Z INFO [wireguard] Connecting to 193.56.113.48:51820
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: handshake worker 2 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: encryption worker 1 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: decryption worker 1 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: handshake worker 1 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: encryption worker 2 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: decryption worker 2 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: handshake worker 4 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: encryption worker 3 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: decryption worker 3 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: handshake worker 3 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: encryption worker 4 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: decryption worker 4 - started
2024-11-17T03:47:37Z DEBUG [wireguard] UAPI: Updating private key
2024-11-17T03:47:37Z DEBUG [wireguard] UAPI: Updating fwmark
2024-11-17T03:47:37Z DEBUG [wireguard] UAPI: Removing all peers
2024-11-17T03:47:37Z DEBUG [wireguard] peer(+nv/…5w10) - UAPI: Created
2024-11-17T03:47:37Z DEBUG [wireguard] peer(+nv/…5w10) - UAPI: Updating endpoint
2024-11-17T03:47:37Z DEBUG [wireguard] peer(+nv/…5w10) - UAPI: Removing all allowedips
2024-11-17T03:47:37Z DEBUG [wireguard] peer(+nv/…5w10) - UAPI: Adding allowedip
2024-11-17T03:47:37Z DEBUG [wireguard] peer(+nv/…5w10) - UAPI: Adding allowedip
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: TUN reader - started
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: event worker - started
2024-11-17T03:47:37Z DEBUG [wireguard] Interface up requested
2024-11-17T03:47:37Z DEBUG [wireguard] UDP bind has been updated
2024-11-17T03:47:37Z DEBUG [wireguard] peer(+nv/…5w10) - Starting
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: receive incoming v4 - started
2024-11-17T03:47:37Z DEBUG [wireguard] peer(+nv/…5w10) - Routine: sequential sender - started
2024-11-17T03:47:37Z DEBUG [wireguard] Interface state was Down, requested Up, now Up
2024-11-17T03:47:37Z DEBUG [wireguard] Routine: receive incoming v6 - started
2024-11-17T03:47:37Z DEBUG [wireguard] Interface up requested
2024-11-17T03:47:37Z DEBUG [wireguard] peer(+nv/…5w10) - Routine: sequential receiver - started
2024-11-17T03:47:37Z INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the
2024-11-17T03:47:39Z DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation
2024-11-17T03:47:39Z DEBUG [wireguard] peer(+nv/…5w10) - Received handshake response
2024-11-17T03:47:39Z INFO [healthcheck] healthy!
2024-11-17T03:47:40Z INFO [ip getter] Public IP address is 193.56.113.49 (Finland, Uusimaa, Helsinki)
2024-11-17T03:47:41Z INFO [vpn] You are running the latest release v3.39.1
2024-11-17T03:47:52Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-17T03:48:03Z DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet

And permanent until here:

2024-11-20T08:12:01Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-20T08:12:31Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-20T08:13:01Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
2024-11-20T08:13:31Z DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet

I suspect that the connection was killed, and after this it starts try self restart without success

2024-11-20T08:13:45Z WARN Caught OS signal terminated, shutting down
2024-11-20T08:13:45Z INFO updater ticker: terminated ✔️
2024-11-20T08:13:45Z INFO dns ticker: terminated ✔️
2024-11-20T08:13:45Z INFO http server: terminated ✔️
2024-11-20T08:13:45Z INFO control: terminated ✔️
2024-11-20T08:13:45Z INFO updater: terminated ✔️
2024-11-20T08:13:45Z INFO tickers: terminated ✔️

I have a sequence of ~16300 line with:

DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
DEBUG [wireguard] peer(+nv/…5w10) - Sending keepalive packet
DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
DEBUG [wireguard] peer(+nv/…5w10) - Receiving keepalive packet
DEBUG [wireguard] peer(+nv/…5w10) - Sending handshake initiation

It wasn't every second but it was constantly, and the first account block notification was at 19/11/2024, 17:46, the permanent block was 21/11, 07:40.

I need to monitor the container in feature, and adjust the variable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants