Feature request: send ports forwarded to control server

[jagaimoworks]

What's the feature 🧐

I suggest adding runtime control of the forwarded ports to the control server.

This would greatly improve the users ability to create their own port forwarding solutions for VPN providers that have no native port forwarding implementation within Gluetun (i.e. Perfect Privacy #2368).

Extra information and references

No response

[github-actions]

@qdm12 is more or less the only maintainer of this project and works on it in his free time.
Please:

• do not ask for updates, be patient
• 👍 the issue to show your support instead of commenting
  @qdm12 usually checks issues at least once a week, if this is a new urgent bug,
  revert to an older tagged container image

[qdm12]

I suggest adding runtime control of the forwarded ports to the control server.

I'm not sure I follow what you request here? 🤔
Do you mean for example running a script when the tunnel is up? If so there is #1785 which I should do sometime soon hopefully.

[jagaimoworks]

The basic idea was to implement a HTTP PUT route for the port forwarded API endpoint. With this people could implement external solutions for their port forwarding scenario where Gluetun doesn´t yet support the provider, like running their own scripts in another container and controlling Gluetun from there.

However, seeing how fast support for Perfect Privacy got implemented there probably is no need for this feature,
assuming other VPN providers can get similar treatment when requested.

Lastly, #1785 would definitely allow for custom solutions like this, but being able to use the Control Server API to control Gluetun externally seems generally more elegant to me, especially as with scripting within the Gluetun container people would need to install all the additional tools they would want to use within their scripts.

[qdm12]

The basic idea was to implement a HTTP PUT route for the port forwarded API endpoint

Can you give an example? Let's say for perfect privacy, how would you apply this? 🤔
It might be simpler to just do a pull request and add the functionality in the Go code directly maybe? If so, I would need to add documentation on how to do it, which would be a good addition anyway (even for my future self 😄)

[jagaimoworks]

In the case of Perfect Privacy one could create an additional container connected to Gluetun and monitor the internal tunnel address changes. When a change happens you run Perfect Privacy's script to calculate the new forwarded ports and then PUT them at /v1/openvpn/portforwarded with {"port":[12345,12346,12347]} as the request body. Gluetun should then update its firewall and settings accordingly.

Alas, my proficiency with Go as well as my understanding of the port forwarding code still needs quite a bit of work before I would attempt a pull request. 😅

[qdm12]

That's interesting. The current workarounds are implement the code in Go in Gluetun AND use FIREWALL_VPN_INPUT_PORTS to specify forwarded ports at start. But indeed, with this, you could have the logic of perfect privacy port forwarding request in another container and send it to Gluetun. Good idea! Not a priority though, but I'll eventually do it 😉