Add NAT-PMP for ProtonVPN

qdm12 · Apr 23, 2023 · 7928847 · 7928847
1 parent ca8aea5
commit 7928847
Show file tree

Hide file tree

Showing 6 changed files with 122 additions and 15 deletions.
diff --git a/internal/portforward/run.go b/internal/portforward/run.go
@@ -34,8 +34,8 @@ func (l *Loop) Run(ctx context.Context, done chan<- struct{}) {
 			portCh <- port
 
 			// Infinite loop
-			err = startData.PortForwarder.KeepPortForward(ctx,
-				startData.Gateway, startData.ServerName)
+			err = startData.PortForwarder.KeepPortForward(ctx, port,
+				startData.Gateway, startData.ServerName, l.logger)
 			errorCh <- err
 		}(pfCtx, startData)
 

diff --git a/internal/provider/privateinternetaccess/portforward.go b/internal/provider/privateinternetaccess/portforward.go
@@ -90,8 +90,8 @@ var (
 	ErrPortForwardedExpired = errors.New("port forwarded data expired")
 )
 
-func (p *Provider) KeepPortForward(ctx context.Context,
-	gateway net.IP, serverName string) (err error) {
+func (p *Provider) KeepPortForward(ctx context.Context, _ uint16,
+	gateway net.IP, serverName string, _ utils.Logger) (err error) {
 	privateIPClient, err := newHTTPClient(serverName)
 	if err != nil {
 		return fmt.Errorf("creating custom HTTP client: %w", err)

diff --git a/internal/provider/protonvpn/portforward.go b/internal/provider/protonvpn/portforward.go
@@ -0,0 +1,109 @@
+package protonvpn
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net"
+	"net/http"
+	"time"
+
+	"github.com/qdm12/gluetun/internal/natpmp"
+	"github.com/qdm12/gluetun/internal/provider/utils"
+	"inet.af/netaddr"
+)
+
+var (
+	ErrGatewayIPNotValid = errors.New("gateway IP address is not valid")
+	ErrGatewayIPIsNil    = errors.New("gateway IP address is nil")
+)
+
+// PortForward obtains a VPN server side port forwarded from ProtonVPN gateway.
+func (p *Provider) PortForward(ctx context.Context, _ *http.Client,
+	logger utils.Logger, gateway net.IP, _ string) (
+	port uint16, err error) {
+	gatewayAddress, ok := netaddr.FromStdIP(gateway)
+	if !ok {
+		return 0, fmt.Errorf("%w: %s", ErrGatewayIPNotValid, gateway)
+	}
+
+	if gatewayAddress.IsZero() {
+		return 0, fmt.Errorf("%w", ErrGatewayIPIsNil)
+	}
+
+	client := natpmp.New()
+	_, externalIPv4Address, err := client.ExternalAddress(ctx,
+		gatewayAddress)
+	if err != nil {
+		return 0, fmt.Errorf("getting external IPv4 address: %w", err)
+	}
+
+	logger.Info("gateway external IPv4 address is " + externalIPv4Address.String())
+	const networkProtocol = "udp"
+	const internalPort, externalPort = 0, 0
+	const lifetime = 60 * time.Second
+	_, assignedInternalPort, assignedExternalPort, assignedLiftetime, err :=
+		client.AddPortMapping(ctx, gatewayAddress, networkProtocol,
+			internalPort, externalPort, lifetime)
+	if err != nil {
+		return 0, fmt.Errorf("adding port mapping: %w", err)
+	}
+
+	if assignedLiftetime != lifetime {
+		logger.Warn(fmt.Sprintf("assigned lifetime %s differs"+
+			" from requested lifetime %s",
+			assignedLiftetime, lifetime))
+	}
+
+	if assignedInternalPort != assignedExternalPort {
+		logger.Warn(fmt.Sprintf("internal port assigned %d differs"+
+			" from external port assigned %d",
+			assignedInternalPort, assignedExternalPort))
+	}
+
+	port = assignedExternalPort
+	return port, nil
+}
+
+func (p *Provider) KeepPortForward(ctx context.Context, port uint16,
+	gateway net.IP, _ string, logger utils.Logger) (err error) {
+	gatewayAddress, ok := netaddr.FromStdIP(gateway)
+	if !ok {
+		return fmt.Errorf("%w: %s", ErrGatewayIPNotValid, gateway)
+	}
+
+	client := natpmp.New()
+	const refreshTimeout = 45 * time.Second
+	timer := time.NewTimer(refreshTimeout)
+	for {
+		select {
+		case <-ctx.Done():
+			return ctx.Err()
+		case <-timer.C:
+		}
+
+		const networkProtocol = "udp"
+		const internalPort = 0
+		const lifetime = 60 * time.Second
+		_, assignedInternalPort, assignedExternalPort, assignedLiftetime, err :=
+			client.AddPortMapping(ctx, gatewayAddress, networkProtocol,
+				internalPort, port, lifetime)
+		if err != nil {
+			return fmt.Errorf("adding port mapping: %w", err)
+		}
+
+		if assignedLiftetime != lifetime {
+			logger.Warn(fmt.Sprintf("assigned lifetime %s differs"+
+				" from requested lifetime %s",
+				assignedLiftetime, lifetime))
+		}
+
+		if assignedInternalPort != assignedExternalPort {
+			logger.Warn(fmt.Sprintf("internal port assigned %d differs"+
+				" from external port assigned %d",
+				assignedInternalPort, assignedExternalPort))
+		}
+
+		timer.Reset(refreshTimeout)
+	}
+}
diff --git a/internal/provider/protonvpn/provider.go b/internal/provider/protonvpn/provider.go
@@ -7,23 +7,20 @@ import (
 	"github.com/qdm12/gluetun/internal/constants/providers"
 	"github.com/qdm12/gluetun/internal/provider/common"
 	"github.com/qdm12/gluetun/internal/provider/protonvpn/updater"
-	"github.com/qdm12/gluetun/internal/provider/utils"
 )
 
 type Provider struct {
 	storage    common.Storage
 	randSource rand.Source
-	utils.NoPortForwarder
 	common.Fetcher
 }
 
 func New(storage common.Storage, randSource rand.Source,
 	client *http.Client, updaterWarner common.Warner) *Provider {
 	return &Provider{
-		storage:         storage,
-		randSource:      randSource,
-		NoPortForwarder: utils.NewNoPortForwarding(providers.Protonvpn),
-		Fetcher:         updater.New(client, updaterWarner),
+		storage:    storage,
+		randSource: randSource,
+		Fetcher:    updater.New(client, updaterWarner),
 	}
 }
 

diff --git a/internal/provider/provider.go b/internal/provider/provider.go
@@ -24,6 +24,6 @@ type PortForwarder interface {
 	PortForward(ctx context.Context, client *http.Client,
 		logger utils.Logger, gateway net.IP, serverName string) (
 		port uint16, err error)
-	KeepPortForward(ctx context.Context, gateway net.IP,
-		serverName string) (err error)
+	KeepPortForward(ctx context.Context, port uint16, gateway net.IP,
+		serverName string, _ utils.Logger) (err error)
 }
diff --git a/internal/provider/utils/noportforward.go b/internal/provider/utils/noportforward.go
@@ -12,8 +12,8 @@ type NoPortForwarder interface {
 	PortForward(ctx context.Context, client *http.Client,
 		logger Logger, gateway net.IP, serverName string) (
 		port uint16, err error)
-	KeepPortForward(ctx context.Context, gateway net.IP,
-		serverName string) (err error)
+	KeepPortForward(ctx context.Context, port uint16, gateway net.IP,
+		serverName string, logger Logger) (err error)
 }
 
 type NoPortForwarding struct {
@@ -33,6 +33,7 @@ func (n *NoPortForwarding) PortForward(context.Context, *http.Client,
 	return 0, fmt.Errorf("%w: for %s", ErrPortForwardingNotSupported, n.providerName)
 }
 
-func (n *NoPortForwarding) KeepPortForward(context.Context, net.IP, string) (err error) {
+func (n *NoPortForwarding) KeepPortForward(context.Context, uint16, net.IP,
+	string, Logger) (err error) {
 	return fmt.Errorf("%w: for %s", ErrPortForwardingNotSupported, n.providerName)
 }