admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix/improve port forwarding handling

Browse Source
This commit is contained in:
Gauthier Delacroix
2019-07-15 22:02:40 +02:00
parent e4336c02d7
commit 55492015cb
4 changed files with 26 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
portforward.sh
View File

@@ -11,6 +11,7 @@ exitOnError(){
fi
}
printf "[INFO] Reading forwarded port\n"
client_id=`head -n 100 /dev/urandom | sha256sum | tr -d " -"`
exitOnError $?
json=`wget -qO- "http://209.222.18.222:2000/?client_id=$client_id" 2>/dev/null`
@@ -19,16 +20,20 @@ if [ "$json" == "" ]; then
printf "Port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding\n"
exit 1
fi
port=`echo $json | grep -Eo [0-9]{3,5}`
port=`echo $json | jq .port`
port_file="/forwarded_port"
echo "$port" > $port_file
printf " * Written forwarded port to $port_file\n"
ip=`wget -qO- https://diagnostic.opendns.com/myip`
exitOnError $?
printf "Forwarded port for IP $ip is: $port\n"
printf "Detecting target VPN interface..."
printf " * Forwarded port for IP $ip is: $port\n"
printf " * Detecting target VPN interface..."
TARGET_PATH="/openvpn/target"
vpn_device=$(cat $TARGET_PATH/config.ovpn | grep 'dev ' | cut -d" " -f 2)0
exitOnError $?
printf "$vpn_device\n"
printf "Accepting input traffic through $vpn_device to port $port..."
iptables -A INPUT -i $vpn_device --dport $PORT -j ACCEPT
printf " * Accepting input traffic through $vpn_device to port $port..."
iptables -A INPUT -i $vpn_device -p tcp --dport $port -j ACCEPT
iptables -A INPUT -i $vpn_device -p udp --dport $port -j ACCEPT
exitOnError $?
printf "DONE\n"