internal/pia/portforward.go

package pia

import (
	"encoding/hex"
	"encoding/json"
	"fmt"

	"github.com/qdm12/private-internet-access-docker/internal/constants"
	"github.com/qdm12/private-internet-access-docker/internal/models"
)

func (c *configurator) GetPortForward() (port uint16, err error) {
	c.logger.Info("%s: Obtaining port to be forwarded", logPrefix)
	b, err := c.random.GenerateRandomBytes(32)
	if err != nil {
		return 0, err
	}
	clientID := hex.EncodeToString(b)
	url := fmt.Sprintf("%s/?client_id=%s", constants.PIAPortForwardURL, clientID)
	content, status, err := c.client.GetContent(url)
	if err != nil {
		return 0, err
	} else if status != 200 {
		return 0, fmt.Errorf("status is %d for %s; does your PIA server support port forwarding?", status, url)
	} else if len(content) == 0 {
		return 0, fmt.Errorf("port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding")
	}
	body := struct {
		Port uint16 `json:"port"`
	}{}
	if err := json.Unmarshal(content, &body); err != nil {
		return 0, fmt.Errorf("port forwarding response: %w", err)
	}
	c.logger.Info("%s: Port forwarded is %d", logPrefix, body.Port)
	return body.Port, nil
}

func (c *configurator) WritePortForward(filepath models.Filepath, port uint16) (err error) {
	c.logger.Info("%s: Writing forwarded port to %s", logPrefix, filepath)
	return c.fileManager.WriteLinesToFile(string(filepath), []string{fmt.Sprintf("%d", port)})
}

func (c *configurator) AllowPortForwardFirewall(device models.VPNDevice, port uint16) (err error) {
	c.logger.Info("%s: Allowing forwarded port %d through firewall", logPrefix, port)
	return c.firewall.AllowInputTrafficOnPort(device, port)
}
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`package pia`

			`import (`
			`"encoding/hex"`
			`"encoding/json"`
			`"fmt"`

			`"github.com/qdm12/private-internet-access-docker/internal/constants"`
			`"github.com/qdm12/private-internet-access-docker/internal/models"`
			`)`

			`func (c *configurator) GetPortForward() (port uint16, err error) {`
			`c.logger.Info("%s: Obtaining port to be forwarded", logPrefix)`
			`b, err := c.random.GenerateRandomBytes(32)`
			`if err != nil {`
			`return 0, err`
			`}`
			`clientID := hex.EncodeToString(b)`
			`url := fmt.Sprintf("%s/?client_id=%s", constants.PIAPortForwardURL, clientID)`
			`content, status, err := c.client.GetContent(url)`
			`if err != nil {`
			`return 0, err`
			`} else if status != 200 {`
			`return 0, fmt.Errorf("status is %d for %s; does your PIA server support port forwarding?", status, url)`
			`} else if len(content) == 0 {`
			`return 0, fmt.Errorf("port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding")`
			`}`
			`body := struct {`
			Port uint16 `json:"port"`
			`}{}`
			`if err := json.Unmarshal(content, &body); err != nil {`
			`return 0, fmt.Errorf("port forwarding response: %w", err)`
			`}`
Fixes #80 2020-02-10 18:14:14 +00:00			`c.logger.Info("%s: Port forwarded is %d", logPrefix, body.Port)`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`return body.Port, nil`
			`}`

			`func (c *configurator) WritePortForward(filepath models.Filepath, port uint16) (err error) {`
			`c.logger.Info("%s: Writing forwarded port to %s", logPrefix, filepath)`
			`return c.fileManager.WriteLinesToFile(string(filepath), []string{fmt.Sprintf("%d", port)})`
			`}`

			`func (c *configurator) AllowPortForwardFirewall(device models.VPNDevice, port uint16) (err error) {`
			`c.logger.Info("%s: Allowing forwarded port %d through firewall", logPrefix, port)`
			`return c.firewall.AllowInputTrafficOnPort(device, port)`
			`}`