From f4b618cb94740bffcb32686971a8367f7e3909b6 Mon Sep 17 00:00:00 2001
From: Quentin McGaw <quentin.mcgaw@gmail.com>
Date: Mon, 9 Sep 2019 12:34:05 -0400
Subject: [PATCH] Additional port forwarding parameters checks in entrypoint

---
 README.md     |  4 ++--
 entrypoint.sh | 14 ++++++++++++++
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 0dd3c781..e3686f49 100644
--- a/README.md
+++ b/README.md
@@ -156,8 +156,8 @@ docker run --rm --network=container:pia alpine:3.10 wget -qO- https://ipinfo.io
 | `BLOCK_NSA` | `off` | `on` or `off`, blocks NSA hostnames |
 | `UNBLOCK` | | comma separated string (i.e. `web.com,web2.ca`) to unblock hostnames |
 | `EXTRA_SUBNETS` | | comma separated subnets allowed in the container firewall (i.e. `192.168.1.0/24,192.168.10.121,10.0.0.5/28`) |
-| `PORT_FORWARDING` | false | Set to `true` to read the forwarded port |
-| `PORT_FORWARDING_STATUS_FILE` | /forwarded_port | Set to the file where you want to write the forwarded port |
+| `PORT_FORWARDING` | `off` | Set to `on` to forward a port on PIA server |
+| `PORT_FORWARDING_STATUS_FILE` | `/forwarded_port` | File path to store the forwarded port number |
 | `PROXY` | `on` | `on` or `off`, to switch the internal HTTP proxy |
 | `PROXY_LOG_LEVEL` | `Critical` | `Info`, `Warning`, `Error` or `Critical` |
 | `PROXY_PORT` | `8888` | `1024` to `65535` internal port for HTTP proxy |
diff --git a/entrypoint.sh b/entrypoint.sh
index 0e1da1d2..d4b1488b 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -51,6 +51,12 @@ printf "Unbound version: $(unbound -h | grep "Version" | cut -d" " -f2)\n"
 printf "Iptables version: $(iptables --version | cut -d" " -f2)\n"
 printf "TinyProxy version: $(tinyproxy -v | cut -d" " -f2)\n"
 
+############################################
+# BACKWARD COMPATIBILITY PARAMETERS
+############################################
+[ "$PORT_FORWARDING" == "false" ] && PORT_FORWARDING=on
+[ "$PORT_FORWARDING" == "true" ] && PORT_FORWARDING=off
+
 ############################################
 # CHECK PARAMETERS
 ############################################
@@ -79,6 +85,11 @@ if [ "$DOT" == "off" ]; then
     exit 1
   fi
 fi
+exitIfNotIn PORT_FORWARDING "on,off"
+if [ "$PORT_FORWARDING" == "on" && -z "$PORT_FORWARDING_STATUS_FILE" ]; then
+  printf "PORT_FORWARDING is on but PORT_FORWARDING_STATUS_FILE is not set\n"
+  exit 1
+fi
 exitIfNotIn PROXY "on,off"
 exitIfNotIn PROXY_LOG_LEVEL "Info,Warning,Error,Critical"
 if [ -z $PROXY_PORT ]; then
@@ -130,6 +141,9 @@ if [ "$PROXY" = "on" ]; then
   printf " * Web proxy has authentication: $proxy_auth\n"
   unset -v proxy_auth
 fi
+printf "PIA parameters:\n"
+printf " * Remote port forwarding: $PORT_FORWARDING\n"
+[ "$PORT_FORWARDING" == "on" ] && printf " * Remote port forwarding status file: $PORT_FORWARDING_STATUS_FILE\n"
 printf "\n"
 
 #####################################################