Skip to content

Instantly share code, notes, and snippets.

@Droid-MAX
Forked from veltlion/natter-hook.sh
Created March 13, 2023 06:36
Show Gist options
  • Save Droid-MAX/0643f2ac08209c5d06943ca5d56ed467 to your computer and use it in GitHub Desktop.
Save Droid-MAX/0643f2ac08209c5d06943ca5d56ed467 to your computer and use it in GitHub Desktop.
Natter/NATMap 打洞后自动更新 qBittorrent/Transmission 监听端口和 OpenWrt 防火墙规则并推送到 Telegram
#!/bin/sh
# Natter
protocol=$1
inner_ip=$2
inner_port=$3
outter_ip=$4
outter_port=$5
# ipv4hex=$(printf '%02x' ${outter_ip//./ })
# ip4p="2001::$(printf '%2x' ${outter_port}):${ipv4hex:0:4}:${ipv4hex:4}"
# # NATMap
# protocol=$5
# inner_ip="{Internal_IP}"
# inner_port=$4
# outter_ip=$1
# outter_port=$2
# ip4p=$3
# echo "[Script] - Upload to server: ${protocol}: ${inner_ip}:${inner_port} -> ${outter_ip}:${outter_port}"
# Write your upload script below...
logger -t "Natter" "Upload to server: ${protocol}: ${inner_ip}:${inner_port} -> ${outter_ip}:${outter_port}"
case ${inner_port} in
# qBittorrent
8089)
qbv4="10.0.0.6"
qbv6="::f6a8:7191:70b2:8c47/::ffff:ffff:ffff:ffff ::1eaf/::ffff:ffff:ffff:ffff"
qbwebport="9080"
qbusername=""
qbpassword=""
# ipv6 allow
uci set firewall.allowqbv6=rule
uci set firewall.allowqbv6.name='Allow-qBittorrent'
uci set firewall.allowqbv6.src='wan'
uci set firewall.allowqbv6.dest='lan'
uci set firewall.allowqbv6.target='ACCEPT'
uci set firewall.allowqbv6.dest_ip="${qbv6}"
uci set firewall.allowqbv6.family='ipv6'
uci set firewall.allowqbv6.dest_port="${outter_port}"
# ipv4 redirect
uci set firewall.redirectqbv4=redirect
uci set firewall.redirectqbv4.name='qBittorrent'
uci set firewall.redirectqbv4.proto='tcp'
uci set firewall.redirectqbv4.src='wan'
uci set firewall.redirectqbv4.dest='lan'
uci set firewall.redirectqbv4.target='DNAT'
uci set firewall.redirectqbv4.src_dport="${inner_port}"
uci set firewall.redirectqbv4.dest_ip="${qbv4}"
uci set firewall.redirectqbv4.dest_port="${outter_port}"
# reload
uci commit firewall
/etc/init.d/firewall reload
sleep 3
# update port
while true; do
tcping -c1 -p${qbwebport} ${qbv4} >/dev/null
if [ $? -eq 0 ]; then
qbcookie=$(\
curl -Ssi -X POST \
-d "username=${qbusername}&password=${qbpassword}" \
"http://${qbv4}:${qbwebport}/api/v2/auth/login" | \
sed -n 's/.*\(SID=.\{32\}\);.*/\1/p' )
curl -X POST \
-b "${qbcookie}" \
-d 'json={"listen_port":"'${outter_port}'"}' \
"http://${qbv4}:${qbwebport}/api/v2/app/setPreferences"
text="[Natter] qBittorrent TCP Port:\n${outter_ip}:${outter_port} -> ${inner_ip}:${inner_port} -> $(uci get firewall.redirectqbv4.dest_ip):$(uci get firewall.redirectqbv4.dest_port)"
break
fi
sleep 3
done
;;
# Transmission
8091)
trv4="10.0.0.6"
trv6="::f6a8:7191:70b2:8c47/::ffff:ffff:ffff:ffff ::1eaf/::ffff:ffff:ffff:ffff"
trwebport="9091"
trusername=""
trpassword=""
# ipv6 allow
uci set firewall.allowtrv6=rule
uci set firewall.allowtrv6.name='Allow-Transmission'
uci set firewall.allowtrv6.src='wan'
uci set firewall.allowtrv6.dest='lan'
uci set firewall.allowtrv6.target='ACCEPT'
uci set firewall.allowtrv6.dest_ip="${trv6}"
uci set firewall.allowtrv6.family='ipv6'
uci set firewall.allowtrv6.dest_port="${outter_port}"
# ipv4 redirect
uci set firewall.redirecttrv4=redirect
uci set firewall.redirecttrv4.name='Redirect-Transmission'
uci set firewall.redirecttrv4.proto='tcp'
uci set firewall.redirecttrv4.src='wan'
uci set firewall.redirecttrv4.dest='lan'
uci set firewall.redirecttrv4.target='DNAT'
uci set firewall.redirecttrv4.src_dport="${inner_port}"
uci set firewall.redirecttrv4.dest_ip="${trv4}"
uci set firewall.redirecttrv4.dest_port="${outter_port}"
# reload
uci commit firewall
/etc/init.d/firewall reload
sleep 3
# update port
while true; do
tcping -c1 -p${trwebport} ${trv4} >/dev/null
if [ $? -eq 0 ]; then
if [ -n ${trusername} ]; then
trauth="-u $trusername:$trpassword"
fi
trsid=$(curl -s $trauth http://${trv4}:${trwebport}/transmission/rpc | sed 's/.*<code>//g;s/<\/code>.*//g')
curl -X POST \
-H "${trsid}" $trauth \
-d '{"method":"session-set","arguments":{"peer-port":'${outter_port}'}}' \
"http://${trv4}:${trwebport}/transmission/rpc"
text="[Natter] Transmission TCP Port:\n${outter_ip}:${outter_port} -&gt; ${inner_ip}:${inner_port} -&gt; $(uci get firewall.redirecttrv4.dest_ip):$(uci get firewall.redirecttrv4.dest_port)"
break
fi
sleep 3
done
;;
*)
text="[Natter] Upload to server: ${protocol}: ${inner_ip}:${inner_port} -&gt; ${outter_ip}:${outter_port}"
;;
esac
tgid=""
bottoken=""
if [ "${text}" ]; then
echo "${text}"
logger -t "Natter" "${text}"
curl -Ss -o /dev/null -X POST \
-H 'Content-Type: application/json' \
-d '{"chat_id": "'${tgid}'", "text": "'"${text}"'", "parse_mode": "HTML", "disable_notification": "false"}' \
"https://api.telegram.org/bot${bottoken}/sendMessage"
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment