manual-connections
manual-connections copied to clipboard
pia-foss
Port_forward with arguments?
Hi, I'm developing a watchdog script that run over my openwrt router.
The idea is simple, every x minutes I check if the wireguard connection is available and if not the script check the best server, change all connection settings and restart the interface.
I want to implement the port-forward too, to make this I've to modify the "original" port_forward script, but in this way I can potentially lose some future upgrade.
Do you think is possible to add to port_forward script arguments? Like this
while getopts ":g:t:h:i:c:" args; do
case ${args} in
g)
PF_GATEWAY=$OPTARG
;;
t)
PIA_TOKEN=$OPTARG
;;
h)
PF_HOSTNAME=$OPTARG
;;
i)
iface=$OPTARG
;;
c)
cacert=$OPTARG
;;
*)
echo "no valid options!"
;;
esac
done
What do you think about it?
I have a feeling this goes a bit out of the scope of the repo. We are trying to make the scripts here cover the most common requirements and at the same time be easy to read and to modify. Maybe you give me more details about your idea and we can think about it. At this point, I think we will only add a PF script that allows you to add PF to an existing OpenVPN connection, to cover this requirement for specific platforms that get OpenVPN through GUI configs, since that had a lot of requests. I do not see the PF scripts going much further than that.
However if you create a fork and extend the functionality of PF in a way that is interesting and useful, we can add it to the list of 3rd Party Repos, especially if you also cover some exotic platform.
Yep, I understand, maybe you right, because I also had to write PF to a file.
Btw, the idea is:
The script is developed for OpenWrt with some opkg package installed, like jq, works like a watchdog daemon, so, check every 120 seconds (configurable) that the wireguard_interface (name configurable) works, pinging through the interface name.
I've a split tunnel but I think that this can work on any configuration too.
If the connection is down, the script get the best server (based on latency) or the configured one (based on region, for example italy) and re-configure the router to make the new connection.
If the port-forward is set to true, the script call the port-forward script and pass arguments to make port-forward possible.
The port-forward script, get the port and write the port to a file (argument received from the watchdog), and when the port-forward expire, the file is removed.
The watchdog script then, when the port is bound, set firewall rules and if present, call a callback file. The callback is only a script, each user can write his own script. This script receives the port-forward number as argument, so for example my callback script set-up my qBittorrent client to use the port-forward
I can make a fork but will only cover the watchdog function with port-forward functionality
Considering how different OpenWRT is from other GNU/Linux distributions, I think the best approach would be to create a totally independent project (not a fork). :smile: However if you manage to adapt these scripts to OpenWRT, that would be an awesome achievement. Current support for OpenWRT is limited, but we hope to improve that in the future.
I feel that this ticket is more a duplicate of https://github.com/pia-foss/manual-connections/issues/5, or a request for an advanced feature that could not fit into the roadmap in the near future. If you agree, I would like to close the ticket, even if we continue the discussion on the topic.
Ok, I finished the script. Like I said is a watchdog script that can establish a port-forward to a specific ip and set basic firewall rules. I can set a project related to this, no problem for me
If you decide to open source your code please leave a message here so that I can have a look cause I am curious.
If it looks good, we can also add it to the 3rd party section.