-
-
Save Droid-MAX/0643f2ac08209c5d06943ca5d56ed467 to your computer and use it in GitHub Desktop.
Natter/NATMap 打洞后自动更新 qBittorrent/Transmission 监听端口和 OpenWrt 防火墙规则并推送到 Telegram
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# Natter | |
protocol=$1 | |
inner_ip=$2 | |
inner_port=$3 | |
outter_ip=$4 | |
outter_port=$5 | |
# ipv4hex=$(printf '%02x' ${outter_ip//./ }) | |
# ip4p="2001::$(printf '%2x' ${outter_port}):${ipv4hex:0:4}:${ipv4hex:4}" | |
# # NATMap | |
# protocol=$5 | |
# inner_ip="{Internal_IP}" | |
# inner_port=$4 | |
# outter_ip=$1 | |
# outter_port=$2 | |
# ip4p=$3 | |
# echo "[Script] - Upload to server: ${protocol}: ${inner_ip}:${inner_port} -> ${outter_ip}:${outter_port}" | |
# Write your upload script below... | |
logger -t "Natter" "Upload to server: ${protocol}: ${inner_ip}:${inner_port} -> ${outter_ip}:${outter_port}" | |
case ${inner_port} in | |
# qBittorrent | |
8089) | |
qbv4="10.0.0.6" | |
qbv6="::f6a8:7191:70b2:8c47/::ffff:ffff:ffff:ffff ::1eaf/::ffff:ffff:ffff:ffff" | |
qbwebport="9080" | |
qbusername="" | |
qbpassword="" | |
# ipv6 allow | |
uci set firewall.allowqbv6=rule | |
uci set firewall.allowqbv6.name='Allow-qBittorrent' | |
uci set firewall.allowqbv6.src='wan' | |
uci set firewall.allowqbv6.dest='lan' | |
uci set firewall.allowqbv6.target='ACCEPT' | |
uci set firewall.allowqbv6.dest_ip="${qbv6}" | |
uci set firewall.allowqbv6.family='ipv6' | |
uci set firewall.allowqbv6.dest_port="${outter_port}" | |
# ipv4 redirect | |
uci set firewall.redirectqbv4=redirect | |
uci set firewall.redirectqbv4.name='qBittorrent' | |
uci set firewall.redirectqbv4.proto='tcp' | |
uci set firewall.redirectqbv4.src='wan' | |
uci set firewall.redirectqbv4.dest='lan' | |
uci set firewall.redirectqbv4.target='DNAT' | |
uci set firewall.redirectqbv4.src_dport="${inner_port}" | |
uci set firewall.redirectqbv4.dest_ip="${qbv4}" | |
uci set firewall.redirectqbv4.dest_port="${outter_port}" | |
# reload | |
uci commit firewall | |
/etc/init.d/firewall reload | |
sleep 3 | |
# update port | |
while true; do | |
tcping -c1 -p${qbwebport} ${qbv4} >/dev/null | |
if [ $? -eq 0 ]; then | |
qbcookie=$(\ | |
curl -Ssi -X POST \ | |
-d "username=${qbusername}&password=${qbpassword}" \ | |
"http://${qbv4}:${qbwebport}/api/v2/auth/login" | \ | |
sed -n 's/.*\(SID=.\{32\}\);.*/\1/p' ) | |
curl -X POST \ | |
-b "${qbcookie}" \ | |
-d 'json={"listen_port":"'${outter_port}'"}' \ | |
"http://${qbv4}:${qbwebport}/api/v2/app/setPreferences" | |
text="[Natter] qBittorrent TCP Port:\n${outter_ip}:${outter_port} -> ${inner_ip}:${inner_port} -> $(uci get firewall.redirectqbv4.dest_ip):$(uci get firewall.redirectqbv4.dest_port)" | |
break | |
fi | |
sleep 3 | |
done | |
;; | |
# Transmission | |
8091) | |
trv4="10.0.0.6" | |
trv6="::f6a8:7191:70b2:8c47/::ffff:ffff:ffff:ffff ::1eaf/::ffff:ffff:ffff:ffff" | |
trwebport="9091" | |
trusername="" | |
trpassword="" | |
# ipv6 allow | |
uci set firewall.allowtrv6=rule | |
uci set firewall.allowtrv6.name='Allow-Transmission' | |
uci set firewall.allowtrv6.src='wan' | |
uci set firewall.allowtrv6.dest='lan' | |
uci set firewall.allowtrv6.target='ACCEPT' | |
uci set firewall.allowtrv6.dest_ip="${trv6}" | |
uci set firewall.allowtrv6.family='ipv6' | |
uci set firewall.allowtrv6.dest_port="${outter_port}" | |
# ipv4 redirect | |
uci set firewall.redirecttrv4=redirect | |
uci set firewall.redirecttrv4.name='Redirect-Transmission' | |
uci set firewall.redirecttrv4.proto='tcp' | |
uci set firewall.redirecttrv4.src='wan' | |
uci set firewall.redirecttrv4.dest='lan' | |
uci set firewall.redirecttrv4.target='DNAT' | |
uci set firewall.redirecttrv4.src_dport="${inner_port}" | |
uci set firewall.redirecttrv4.dest_ip="${trv4}" | |
uci set firewall.redirecttrv4.dest_port="${outter_port}" | |
# reload | |
uci commit firewall | |
/etc/init.d/firewall reload | |
sleep 3 | |
# update port | |
while true; do | |
tcping -c1 -p${trwebport} ${trv4} >/dev/null | |
if [ $? -eq 0 ]; then | |
if [ -n ${trusername} ]; then | |
trauth="-u $trusername:$trpassword" | |
fi | |
trsid=$(curl -s $trauth http://${trv4}:${trwebport}/transmission/rpc | sed 's/.*<code>//g;s/<\/code>.*//g') | |
curl -X POST \ | |
-H "${trsid}" $trauth \ | |
-d '{"method":"session-set","arguments":{"peer-port":'${outter_port}'}}' \ | |
"http://${trv4}:${trwebport}/transmission/rpc" | |
text="[Natter] Transmission TCP Port:\n${outter_ip}:${outter_port} -> ${inner_ip}:${inner_port} -> $(uci get firewall.redirecttrv4.dest_ip):$(uci get firewall.redirecttrv4.dest_port)" | |
break | |
fi | |
sleep 3 | |
done | |
;; | |
*) | |
text="[Natter] Upload to server: ${protocol}: ${inner_ip}:${inner_port} -> ${outter_ip}:${outter_port}" | |
;; | |
esac | |
tgid="" | |
bottoken="" | |
if [ "${text}" ]; then | |
echo "${text}" | |
logger -t "Natter" "${text}" | |
curl -Ss -o /dev/null -X POST \ | |
-H 'Content-Type: application/json' \ | |
-d '{"chat_id": "'${tgid}'", "text": "'"${text}"'", "parse_mode": "HTML", "disable_notification": "false"}' \ | |
"https://api.telegram.org/bot${bottoken}/sendMessage" | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment