Add check that natpmpc is installed for ProtonVPN port forwarding

jamesmcm · Nov 4, 2023 · 688cbe3 · 688cbe3
1 parent d1c1967
commit 688cbe3
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 3 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "vopono"
 description = "Launch applications via VPN tunnels using temporary network namespaces"
-version = "0.10.7"
+version = "0.10.8"
 authors = ["James McMurray <[email protected]>"]
 edition = "2021"
 license = "GPL-3.0-or-later"

diff --git a/README.md b/README.md
@@ -43,7 +43,7 @@ lynx all running through different VPN connections:
 
 \*\*\* For ProtonVPN you can generate and download specific Wireguard config
 files, and use them as a custom provider config. See the [User Guide](USERGUIDE.md)
-for details. [Port Forwarding](https://protonvpn.com/support/port-forwarding-manual-setup/) is supported with the `--protonvpn-port-forwarding` argument for both OpenVPN and Wireguard (with `--provider custom --custom xxx.conf --protocol wireguard` ), note for OpenVPN you must generate the OpenVPN config files appending `+pmp` to your OpenVPN username, and you must choose servers which support this feature (e.g. at the time of writing, the Romania servers do). The assigned port is then printed to the terminal where vopono was launched - this should then be set in any applications that require it.
+for details. [Port Forwarding](https://protonvpn.com/support/port-forwarding-manual-setup/) is supported with the `--protonvpn-port-forwarding` argument for both OpenVPN and Wireguard (with `--provider custom --custom xxx.conf --protocol wireguard` ). `natpmpc` must be installed. Note for OpenVPN you must generate the OpenVPN config files appending `+pmp` to your OpenVPN username, and you must choose servers which support this feature (e.g. at the time of writing, the Romania servers do). The assigned port is then printed to the terminal where vopono was launched - this should then be set in any applications that require it.
 
 
 \*\*\*\* Cloudflare Warp uses its own protocol. Set both the provider and

diff --git a/USERGUIDE.md b/USERGUIDE.md
@@ -479,6 +479,8 @@ $ vopono -v exec --provider custom --custom testwg-UK-17.conf --protocol wiregua
 
 Port forwarding can be enabled with the `--protonvpn-port-forwarding` argument, but requires using a server that supports port forwarding. 
 
+`natpmpc` must be installed e.g. via the `libnatpmp` package on Arch Linux.
+
 Note for OpenVPN you must generate the OpenVPN config files appending `+pmp` to your OpenVPN username (i.e. what will be written to `~/.config/vopono/proton/openvpn/auth.txt`)
 
 Note the usual `-o` / `--open-ports` argument has no effect here as we only know the port number assigned after connecting to ProtonVPN.

diff --git a/vopono_core/Cargo.toml b/vopono_core/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "vopono_core"
 description = "Library code for running VPN connections in network namespaces"
-version = "0.1.7"
+version = "0.1.8"
 edition = "2021"
 authors = ["James McMurray <[email protected]>"]
 license = "GPL-3.0-or-later"

diff --git a/vopono_core/src/network/natpmpc.rs b/vopono_core/src/network/natpmpc.rs
@@ -23,6 +23,16 @@ impl Natpmpc {
  pub fn new(ns: &NetworkNamespace) -> anyhow::Result<Self> {
  let gateway_str = PROTONVPN_GATEWAY.to_string();
 
+ if let Err(x) = which::which("natpmpc") {
+ log::error!(
+ "natpmpc not found. Is natpmpc installed and on PATH? (e.g. libnatpmp package)"
+ );
+ return Err(anyhow::anyhow!(
+ "natpmpc not found. Is natpmpc installed and on PATH?: {:?}",
+ x
+ ));
+ }
+
  // Check output for readnatpmpresponseorretry returned 0 (OK)
  // If receive readnatpmpresponseorretry returned -7
  // Then prompt user to choose different gateway