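#!/bin/sh
export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin

# Private Internet Access Advanced Port Forward Script for pfSense
# v1.0 (21st January 2014)
# v2.0 Code for pfSense 2.3.1_1 (30th May 2016) - by Grehund
#
# Asks the PIA port-forward API for the currently assigned port and, when it
# differs from the one in the pfSense config, rewrites the "Torrent" and
# "NAT Torrent" rules and publishes the port number in the web root.
#
# Pre-requisites for this version of the script:
#   pfSense v2.3.1
#   curl       - pkg install curl
#   xmlstarlet - pkg install xmlstarlet
#
# Exit status: 0 when the port is unchanged, updated, or the API returned no
# usable port (as in earlier versions); 1 on a local failure.

# Add your PIA username and password.
# They are stored here in clear text, so keep this script readable by root
# only. They are sent as-is (no URL encoding), as in earlier versions.
USERNAME="username"
PASSWORD="password"
PIACLIENTID=/cf/conf/pia_client_id
CONFFILE=/cf/conf/config.xml
# Interface of the VPN tunnel whose address is reported to PIA.
VPN_IF=ovpnc2
API_URL=https://www.privateinternetaccess.com/vpninfo/port_forward_assignment

# Log a message to syslog and stop with a failure status.
die() {
  logger "pia-port: $*"
  exit 1
}

# Check to see if we have a valid (non-empty) PIA Client ID file.
# If not, create one. Linux is included for illustration only.
if [ ! -s "$PIACLIENTID" ]; then
  # OSX/FreeBSD (pfSense). The subshell umask keeps the ID private to root.
  ( umask 077; head -n 100 /dev/urandom | md5 > "$PIACLIENTID" ) \
    || die "Could not create PIA Client ID file."
  # Linux
  #head -n 100 /dev/urandom | md5sum | tr -d " -" > "$PIACLIENTID"
  logger "pia-port: Created new PIA Client ID."
fi
CLIENT_ID=$(cat "$PIACLIENTID") || die "Could not read PIA Client ID file."

# Find out the tunnelling device for your VPN and get your IP address.
# Alternative: discover the device instead of naming it in VPN_IF.
#VPN_IF=$(ifconfig | grep -o "tun[0-9]")
# Take the first IPv4 ("inet") address only, wherever ifconfig lists it.
LOCAL_IP=$(ifconfig "$VPN_IF" | awk '$1 == "inet" { print $2; exit }')
[ -n "$LOCAL_IP" ] || die "No IPv4 address found on $VPN_IF."

# Get the port number for the forwarded port.
# The POST body is fed to curl on stdin (-d @-) so that the credentials are
# not part of curl's argument list, which other local users could read.
PORT=$(printf 'user=%s&pass=%s&client_id=%s&local_ip=%s' \
    "$USERNAME" "$PASSWORD" "$CLIENT_ID" "$LOCAL_IP" |
  curl -sS --max-time 30 -d @- "$API_URL")
PORTNUM=$(printf '%s\n' "$PORT" | grep -oE '[0-9]+')

# Error detection. The value comes from a remote service and is written into
# the firewall config, so accept it only if it is exactly one number in the
# TCP/UDP port range. Anything else (empty reply, error text, several
# numbers) is logged to syslog and the config is left untouched.
VALID=0
case "$PORTNUM" in
  '' | *[!0-9]*) ;;
  *)
    if [ "${#PORTNUM}" -le 5 ] && [ "$PORTNUM" -ge 1 ] \
      && [ "$PORTNUM" -le 65535 ]; then
      VALID=1
    fi
    ;;
esac
if [ "$VALID" -ne 1 ]; then
  logger "pia-port: No valid port in API response: $PORT"
  exit 0
fi
logger "pia-port: Port number acquired: $PORTNUM"

# Get current NAT port number using xmlstarlet to parse the config file.
CURPORT=$(xml sel -t -v '//rule[descr="NAT Torrent"]/destination/port' "$CONFFILE")
logger "pia-port: Current port forward: $CURPORT"

# The port mapping doesn't always change.
# We don't want to force pfSense to re-read its config if we don't need to.
if [ "$CURPORT" = "$PORTNUM" ]; then
  logger "pia-port: Port not changed. Exiting."
  exit 0
fi

# Port forward has changed, so we update the rules in the config file.
# The edited copy goes to an unpredictable mktemp file rather than a fixed
# name in /tmp, and is removed again on every exit path.
TMPCONF=$(mktemp /tmp/config.pia.XXXXXX) || die "Could not create temp file."
trap 'rm -f "$TMPCONF"' EXIT
if ! xml ed \
    -u '//rule[descr="Torrent"]/destination/port' -v "$PORTNUM" \
    -u '//rule[descr="Torrent"]/local-port' -v "$PORTNUM" \
    -u '//rule[descr="NAT Torrent"]/destination/port' -v "$PORTNUM" \
    "$CONFFILE" > "$TMPCONF" || [ ! -s "$TMPCONF" ]; then
  # Never copy a failed or empty edit over the live pfSense config.
  die "xmlstarlet failed to update $CONFFILE; config left unchanged."
fi

# Put the config file in the correct location. cp (not mv) keeps the
# existing owner and mode of config.xml.
cp "$TMPCONF" "$CONFFILE" || die "Could not write $CONFFILE."

# Create a file in the pfSense web server root that contains the current port.
# This can then be read by other hosts in order to update the open port in
# whatever torrent client is in use.
# NOTE(review): this is a static file in the web root, so it is presumably
# served without the GUI login - confirm that is acceptable on your network.
printf '%s\n' "$PORTNUM" > /usr/local/www/pia_port.txt

# Force pfSense to re-read its config.
rm -f /tmp/config.cache
logger "pia-port: New port number ($PORTNUM) inserted into config file."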