Error 403 - Newbie that DID google before and still can't...

[Desperate-Paul]

..figure out how to get it working.

Hello everyone in this friendly community
My name is Paul and I am desperate - hence the name.
Since about three months I am trying to get transmission running on my QNAP 419 P II and it is almost causing my marriage to fail.
Everytime I try to access the transmission web interface (the actual download GUI) or th remote GUI I get the Error 403:

403: Forbidden

Unauthorized IP Address.

Either disable the IP address whitelist or add your address to it.

If you're editing settings.json, see the 'rpc-whitelist' and 'rpc-whitelist-enabled' entries.

If you're still using ACLs, use a whitelist instead. See the transmission-daemon manpage for details.

I googled and read about it all around the internet and this forum, but no description can solve my problem so far. I whitelisted all IP's in my network and it seems I did everything right. I widend the permissions so far that it should just work, but it doesn't. Maybe I did some stupid mistake, since I am really not a code expert - I am more a mouse-klick-and-fail-newbie that might have broken something in the process. So it doesnt work and I would appreciate any help.
Here is what I did step by step:

I bought a QNAP, set it up and downloaded Optware IPKG and transmission via QPKG.
I installed transmission and the startup script with this guide to get some security of running transmision not a root-user:
http://wiki.qnap.com/w/index.php?title= ... lang=zh-cn
and used this script to start transmission:

Code: Select all

echo '#!/bin/sh
#!/bin/sh
TORRENTFOLDER=/share/HDA_DATA/Qdownload
TRANSMISSION_BIN=/opt/bin/transmission-daemon
TRANSMISSION_HOME=/opt/etc/transmission
TRANSMISSION_USER=transmission
TRANSMISSION_PORT=6888

REMOTE_USER=your-user-name
REMOTE_PASS=your-password

echo -n "Starting Transmission Daemon..."
su $TRANSMISSION_USER -c "EVENT_NOEPOLL=0 $TRANSMISSION_BIN --blocklist --auth --username $REMOTE_USER --password $REMOTE_PASS --config-dir $TRANSMISSION_HOME --download-dir $TORRENTFOLDER"

#Wait a while till the daemon has started...
sleep 20

#Set a few settings
transmission-remote -n $REMOTE_USER:$REMOTE_PASS --portmap --port $TRANSMISSION_PORT --pex --encryption-preferred


' > transmission_start.sh

It worked after some time and transmission shows up as transmission user in the process list of the QNAP. But already I cannot access transmission on port:9091 or with the GUI. When I edit the administration page at http://192.168.5.100/transmission/ I can access the settings file and find it like this:

Code: Select all

{
    "alt-speed-down": 50, 
    "alt-speed-enabled": false, 
    "alt-speed-time-begin": 540, 
    "alt-speed-time-day": 127, 
    "alt-speed-time-enabled": false, 
    "alt-speed-time-end": 1020, 
    "alt-speed-up": 50, 
    "bind-address-ipv4": "0.0.0.0", 
    "bind-address-ipv6": "::", 
    "blocklist-enabled": true, 
    "blocklist-url": "http://www.bluetack.co.uk/config/level1.gz", 
    "cache-size-mb": 2, 
    "dht-enabled": true, 
    "download-dir": "/share/MD0_DATA/Download/transmission/completed", 
    "download-queue-enabled": true, 
    "download-queue-size": 5, 
    "encryption": 0, 
    "idle-seeding-limit": 30, 
    "idle-seeding-limit-enabled": false, 
    "incomplete-dir": "/share/MD0_DATA/Download/transmission/incomplete", 
    "incomplete-dir-enabled": true, 
    "lazy-bitfield-enabled": true, 
    "lpd-enabled": true, 
    "message-level": 2, 
    "open-file-limit": 32, 
    "peer-congestion-algorithm": "", 
    "peer-limit-global": 1000, 
    "peer-limit-per-torrent": 250, 
    "peer-port": 51413, 
    "peer-port-random-high": 65535, 
    "peer-port-random-low": 49152, 
    "peer-port-random-on-start": false, 
    "peer-socket-tos": "default", 
    "pex-enabled": true, 
    "port-forwarding-enabled": true, 
    "preallocation": 2, 
    "prefetch-enabled": 0, 
    "proxy": "", 
    "proxy-auth-enabled": false, 
    "proxy-auth-password": "", 
    "proxy-auth-username": "", 
    "proxy-enabled": false, 
    "proxy-port": 80, 
    "proxy-type": 0, 
    "queue-stalled-enabled": true, 
    "queue-stalled-minutes": 30, 
    "ratio-limit": 2, 
    "ratio-limit-enabled": false, 
    "rename-partial-files": true, 
    "rpc-authentication-required": false, 
    "rpc-bind-address": "0.0.0.0", 
    "rpc-enabled": true, 
    "rpc-password": "Edit: I deleted the actual gibberish that is written here", 
    "rpc-port": 9091, 
    "rpc-url": "/transmission/", 
    "rpc-username": "transmission", 
    "rpc-whitelist": "127.0.0.1,*.*.*.*", 
    "rpc-whitelist-enabled": true, 
    "scrape-paused-torrents-enabled": true, 
    "script-torrent-done-enabled": true, 
    "script-torrent-done-filename": "/share/MD0_DATA/.qpkg/Transmission/scripts/run_scripts.sh", 
    "seed-queue-enabled": false, 
    "seed-queue-size": 10, 
    "speed-limit-down": 0, 
    "speed-limit-down-enabled": false, 
    "speed-limit-up": 0, 
    "speed-limit-up-enabled": false, 
    "start-added-torrents": true, 
    "trash-original-torrent-files": false, 
    "umask": 0, 
    "upload-slots-per-torrent": 15, 
    "utp-enabled": true, 
    "watch-dir": "/share/MD0_DATA/Download/transmission/watch", 
    "watch-dir-enabled": true
}

I only edit this settings file after I switched off the app (already knowledge I got from googeling..)
This is my log File after editing the settings file and restarting the deamon:

Code: Select all

[18:49:13.016] Transmission 2.75 (13675) started (session.c:722)
[18:49:13.016] RPC Server Adding address to whitelist: 127.0.0.1 (rpc-server.c:803)
[18:49:13.016] RPC Server Adding address to whitelist: *.*.*.* (rpc-server.c:803)
[18:49:13.016] RPC Server Serving RPC and Web requests on port 127.0.0.1:9091/transmission/ (rpc-server.c:997)
[18:49:13.016] RPC Server Whitelist enabled (rpc-server.c:1001)
[18:49:13.016] UDP Couldn't bind IPv4 socket (tr-udp.c:262)
[18:49:13.016] DHT Generating new id (tr-dht.c:309)
[18:49:13.016] Using settings from "/share/MD0_DATA/.qpkg/Transmission/conf" (daemon.c:517)
[18:49:13.016] Saved "/share/MD0_DATA/.qpkg/Transmission/conf/settings.json" (bencode.c:1733)
[18:49:13.016] Watching "/share/MD0_DATA/Download/transmission/watch" for new .torrent files (daemon.c:555)
[18:49:13.016] Using inotify to watch directory "/share/MD0_DATA/Download/transmission/watch" (watch.c:73)
[18:49:13.016] Port Forwarding (NAT-PMP) initnatpmp succeeded (0) (natpmp.c:72)
[18:49:13.016] Port Forwarding (NAT-PMP) sendpublicaddressrequest succeeded (2) (natpmp.c:72)
[18:49:15.036] Port Forwarding (UPnP) Found Internet Gateway Device "http://192.168.5.1:5000/Public_UPNP_C3" (upnp.c:202)
[18:49:15.036] Port Forwarding (UPnP) Local Address is "192.168.5.100" (upnp.c:204)
[18:49:15.036] Port Forwarding (UPnP) Port forwarding through "http://192.168.5.1:5000/Public_UPNP_C3", service "urn:schemas-upnp-org:service:WANIPConnection:1". (local address: 192.168.5.100:51413) (upnp.c:279)
[18:49:15.036] Port Forwarding (UPnP) Port forwarding successful! (upnp.c:282)
[18:49:15.036] Port Forwarding Forwarded (port-forwarding.c:93)
[19:09:12.997] Port Forwarding (UPnP) Port 51413 isn't forwarded (upnp.c:233)
[19:09:12.997] Port Forwarding (UPnP) Port forwarding through "http://192.168.5.1:5000/Public_UPNP_C3", service "urn:schemas-upnp-org:service:WANIPConnection:1". (local address: 192.168.5.100:51413) (upnp.c:279)
[19:09:12.997] Port Forwarding (UPnP) Port forwarding successful! (upnp.c:282)

Can anyone please help me setting this up, so I can finally use transmission on the QNAP? Thank you all so much in advance!
P.S.: I have so far not found any information about ACL - maybe I am using it? How could I switch it off, if I did?

[Jordan]

If you're trying to allow any IP address to connect (such as the way you added *.*.*.* to the whitelist), why not disable the whitelist altogether with

Code: Select all

"rpc-whitelist-enabled": true, 

[Desperate-Paul]

If you're trying to allow any IP address to connect (such as the way you added *.*.*.* to the whitelist), why not disable the whitelist altogether with

Code: Select all

"rpc-whitelist-enabled": true, 

Hi Jordan,
since the setting of my whitelist is already 'true' I suspect you want me to try it as 'false'.
I did that and it still didn't work - unfortunatelly.
With the setting "added *.*.*.* to the whitelist" I was just trying to rule our any permission issues preventing me access. In the final setup it should / will be more restricted.

Cheers
Paul

[Desperate-Paul]

X190: also thank you for your answer. Here is what I did after your post:

UDP Couldn't bind IPv4 socket

• Set a port in the 49152-65535 range in your start-up script. (TRANSMISSION_PORT)

Done

• Port 9091 needs to be open.

Checked on cansyouseeme.org - it's open.

• "rpc-authentication-required": false, (Not safe)

Just had it open to check if it was an permission issue. It wasn't / isn't.

Code: Select all

• In script "EVENT_NOEPOLL=0 Probably s/b 1.

I took the scrip from the QNAP wiki page as mentioned. What does it do if I change it? I did change it in the end, but I don't understand the content of the link

• Using settings from "/share/MD0_DATA/.qpkg/Transmission/conf" (daemon.c:517)
Is that the one you are editing?

I suspect so - everytime I make changes in the settings file the log file will report the changed permission status accordingly.

After I ran the startup scrip again with the changed ports (to 51413) an restarted the NAS it worked for a little while. No more error about missing permissions!
Downside: Transmission daemon is not running as transmission user anymore Any idea how that is connected?
After I ran the startup script again to change the user from 'admin' to 'transmission user' the permission issue was back. Additonally the transmission-da process keeps shutting itself down. That is not helping either..
Any help is again greatly appreciated.

[Desperate-Paul]

• Port 9091 needs to be open.

viewtopic.php?f=2&t=14433#p63816

Thanks very much. Closed the port - opening didn't help much anyway.
I remoeved transmission from my server and re-installed it and now I am getting the command that

Code: Select all

Starting Transmission Daemon..../transmission_start.sh: line 12: su: command not found

I think I will move to QNAP and ask their support - in the end I think it might be the QNAP that is inhibiting my plan.

Thank you once more for your support and advice.

Cheers
Paul