Added port forwarding, fixes #14

This commit is contained in:
Quentin McGaw
2019-06-26 17:24:10 +02:00
parent fc177675ad
commit 62f4cc56b4
3 changed files with 26 additions and 3 deletions


@@ -57,9 +57,9 @@ RUN apk add -q --progress --no-cache --update openvpn wget ca-certificates iptab
tar -cjf /etc/unbound/blocks-nsa.bz2 blocks-nsa.conf && \ tar -cjf /etc/unbound/blocks-nsa.bz2 blocks-nsa.conf && \
rm -f /tmp/* rm -f /tmp/*
COPY unbound.conf /etc/unbound/unbound.conf COPY unbound.conf /etc/unbound/unbound.conf
COPY entrypoint.sh healthcheck.sh / COPY entrypoint.sh healthcheck.sh portforward.sh /
RUN chown nonrootuser -R /etc/unbound && \ RUN chown nonrootuser -R /etc/unbound && \
chmod 700 /etc/unbound && \ chmod 700 /etc/unbound && \
chmod 600 /etc/unbound/unbound.conf && \ chmod 600 /etc/unbound/unbound.conf && \
chmod 500 /entrypoint.sh /healthcheck.sh && \ chmod 500 /entrypoint.sh /healthcheck.sh /portforward.sh && \
chmod 400 /etc/unbound/root.hints /etc/unbound/root.key /etc/unbound/*.bz2 chmod 400 /etc/unbound/root.hints /etc/unbound/root.key /etc/unbound/*.bz2
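
Review bot: portforward.sh is copied without any ownership change and then set to mode 500 in the `chmod 500 /entrypoint.sh /healthcheck.sh /portforward.sh` line, so only the file's owner can execute it; the only chown in this hunk targets /etc/unbound. Owner-only is a reasonable least-privilege default, but it means `docker exec` must run as the owning user for the documented command to work. Either state that in the README, or set the ownership explicitly if the script is meant to be run by `nonrootuser`.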


@@ -54,6 +54,7 @@
- Unbound DNS runs *without root* - Unbound DNS runs *without root*
- OpenVPN can run *without root* but this disallows OpenVPN reconnecting, it can be set with `NONROOT=yes` - OpenVPN can run *without root* but this disallows OpenVPN reconnecting, it can be set with `NONROOT=yes`
- **ARM** compatible - **ARM** compatible
- Port forwarding
## Setup ## Setup
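
Review bot: the new `- Port forwarding` bullet in the feature list reads as if forwarding were set up automatically, while the section added further down shows it is a manual `docker exec` step that only works in some regions. Suggest wording the bullet to say it is on demand through `/portforward.sh`.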
@@ -332,6 +333,18 @@ There are various ways to achieve this, depending on your use case.
</p></details> </p></details>
## Port forwarding
On a running PIA container, say `pia`, simply run:
```sh
docker exec -it pia /portforward.sh
```
And it will indicate you the port forwarded for your current public IP address.
Note that not all regions support port forwarding.
## For the paranoids ## For the paranoids
- You can review the code which essential consists in the [Dockerfile](https://github.com/qdm12/private-internet-access-docker/blob/master/Dockerfile) and [entrypoint.sh](https://github.com/qdm12/private-internet-access-docker/blob/master/entrypoint.sh) - You can review the code which essential consists in the [Dockerfile](https://github.com/qdm12/private-internet-access-docker/blob/master/Dockerfile) and [entrypoint.sh](https://github.com/qdm12/private-internet-access-docker/blob/master/entrypoint.sh)
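
Review bot: the new Port forwarding section says "simply run" but does not document the failure case: portforward.sh in this same commit exits 1 with "Port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding" when it gets an empty response. Say in the section that the port should be recorded on the first successful run and that a later run on the same connection may print only that message. The `-it` flags are also unnecessary because the script reads no input, and "it will indicate you the port forwarded" would read better as "it will print the forwarded port".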
@@ -349,7 +362,6 @@ There are various ways to achieve this, depending on your use case.
## TODOs ## TODOs
- [ ] Tiny proxy for LAN devices to use the container - [ ] Tiny proxy for LAN devices to use the container
- [ ] Port forwarding
## License ## License

portforward.sh Normal file

@@ -0,0 +1,11 @@
#!/bin/sh
client_id=`head -n 100 /dev/urandom | sha256sum | tr -d " -"`
json=`wget -qO- "http://209.222.18.222:2000/?client_id=$client_id" 2>/dev/null`
if [ "$json" == "" ]; then
printf "Port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding\n"
exit 1
fi
port=`echo $json | grep -Eo [0-9]{3,5}`
ip=`wget -qO- https://diagnostic.opendns.com/myip`
printf "Forwarded port for IP $ip is: $port\n"
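
Review bot: nothing validates `port` or `ip` before the final printf, and both come from remote responses. In `port=`echo $json | grep -Eo [0-9]{3,5}`` the pattern is unquoted, so the shell may expand it before grep sees it, and `-o` prints every run of 3 to 5 digits, so any other number in the response ends up in `$port` as well; quote the pattern, quote `"$json"`, and fail if the result is empty or not a single number. The last line interpolates `$ip` and `$port` into the printf format string, so a `%` or backslash in the response is interpreted; use `printf 'Forwarded port for IP %s is: %s\n' "$ip" "$port"` instead. The second wget has no error handling, so a failed lookup prints an empty IP with exit status 0. Under `#!/bin/sh`, `[ "$json" == "" ]` is not POSIX; `[ -z "$json" ]` is portable. A one-line comment saying what the hard-coded `209.222.18.222:2000` endpoint is would help anyone auditing the script.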