I'm using namespaced-openvpn to ensure that my torrent traffic in deluge is always behind a VPN. A modified script from this blog post helped to connect the VPN namespace to the real network:
ip link add vpn0 type veth peer name vpn1
ip link set vpn0 up
ip link set vpn1 netns <NS-NAME> up
ip addr add 10.200.200.1/24 dev vpn0
ip netns exec <NS-NAME> ip addr add 10.200.200.2/24 dev vpn1
ip netns exec <NS-NAME> ip route add default via 10.200.200.1 dev vpn1
iptables -A INPUT \! -i vpn0 -s 10.200.200.0/24 -j DROP
iptables -t nat -A POSTROUTING -s 10.200.200.0/24 -o en+ -j MASQUERADE
sysctl -q net.ipv4.ip_forward=1
Deluge can then be started in the namespace:
sudo ip netns exec <NS-NAME> sudo -u $USER deluged
I initially used this question and answer to run both the deluge daemon and deluge-web in the same namespace and simply forward requests to the web ui port with socat:
socat tcp-listen:8112,reuseaddr,fork tcp-connect:10.200.200.2:8112
This works fine for using deluge normally, but for scripting reason I need access to the daemon itself, so I moved deluge-web out of the namespace and tried the following command for the daemon port:
socat tcp-listen:58846,reuseaddr,fork tcp-connect:10.200.200.2:58846
But when trying to reach the daemon through the web UI socat produces the following error:
2019/04/07 18:40:47 socat[13957] E connect(5, AF=2 10.200.200.2:58846, 16): Connection refused
Using this python library to connect to the daemon like so:
from deluge_client import DelugeRPCClient
client = DelugeRPCClient('127.0.0.1', 58846, 'user', 'pw')
client.connect()
throws the error:
File "/usr/lib/python3.6/ssl.py", line 1109, in connect
self._real_connect(addr, False)
File "/usr/lib/python3.6/ssl.py", line 1100, in _real_connect
self.do_handshake()
File "/usr/lib/python3.6/ssl.py", line 1077, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:847)
