this adds the possibility to configure port forwarding according to the specs of perfect-privacy

(see: https://www.perfect-privacy.com/faq/ section How are the default forwarding ports being calculated?)

Dockerfile

@@ -12,7 +12,7 @@ RUN apt-get update \
     && wget -O - https://swupdate.openvpn.net/repos/repo-public.gpg | apt-key add - \
     && echo "deb http://build.openvpn.net/debian/openvpn/stable xenial main" > /etc/apt/sources.list.d/openvpn-aptrepo.list \
     && apt-get update \
-    && apt-get install -y sudo transmission-cli transmission-common transmission-daemon curl rar unrar zip unzip ufw iputils-ping openvpn \
+    && apt-get install -y sudo transmission-cli transmission-common transmission-daemon curl rar unrar zip unzip ufw iputils-ping openvpn bc\
     python2.7 python2.7-pysqlite2 && ln -sf /usr/bin/python2.7 /usr/bin/python2 \
     && wget https://github.com/Secretmapper/combustion/archive/release.zip \
     && unzip release.zip -d /opt/transmission-ui/ \

transmission/start.sh

@@ -67,6 +67,10 @@ if [ "$OPENVPN_PROVIDER" = "PIA" ]
 then
     echo "CONFIGURING PORT FORWARDING"
     exec /etc/transmission/updatePort.sh &
+elif [ "$OPENVPN_PROVIDER" = "PERFECTPRIVACY" ]
+then
+    echo "CONFIGURING PORT FORWARDING"
+    exec /etc/transmission/updatePPPort.sh ${TRANSMISSION_BIND_ADDRESS_IPV4} &
 else
     echo "NO PORT UPDATER FOR THIS PROVIDER"
 fi

transmission/updatePPPort.sh

@@ -0,0 +1,69 @@
+#! /bin/bash
+
+# Source our persisted env variables from container startup
+. /etc/transmission/environment-variables.sh
+
+# Settings
+TRANSMISSION_PASSWD_FILE=/config/transmission-credentials.txt
+
+transmission_username=$(head -1 $TRANSMISSION_PASSWD_FILE)
+transmission_passwd=$(tail -1 $TRANSMISSION_PASSWD_FILE)
+transmission_settings_file=${TRANSMISSION_HOME}/settings.json
+
+# Calculate the port
+
+IPADDRESS=$1
+echo "ipAddress to calculate port from $IPADDRESS"
+oct3=$(echo ${IPADDRESS} | tr "." " " | awk '{ print $3 }')
+oct4=$(echo ${IPADDRESS} | tr "." " " | awk '{ print $4 }')
+oct3binary=$(bc <<<"obase=2;$oct3" | awk '{ len = (8 - length % 8) % 8; printf "%.*s%s\n", len, "00000000", $0}')
+oct4binary=$(bc <<<"obase=2;$oct4" | awk '{ len = (8 - length % 8) % 8; printf "%.*s%s\n", len, "00000000", $0}')
+
+sum=${oct3binary}${oct4binary}
+portPartBinary=${sum:4}
+portPartDecimal=$((2#$portPartBinary))
+if [ ${#portPartDecimal} -ge 4 ]
+	then
+	new_port="1"${portPartDecimal}
+else
+	new_port="10"${portPartDecimal}
+fi
+echo "calculated port $new_port"
+
+#
+# Now, set port in Transmission
+#
+
+# Check if transmission remote is set up with authentication
+auth_enabled=$(grep 'rpc-authentication-required\"' $transmission_settings_file | grep -oE 'true|false')
+if [ "true" = "$auth_enabled" ]
+  then
+  echo "transmission auth required"
+  myauth="--auth $transmission_username:$transmission_passwd"
+else
+    echo "transmission auth not required"
+    myauth=""
+fi
+
+# get current listening port
+sleep 3
+transmission_peer_port=$(transmission-remote $myauth -si | grep Listenport | grep -oE '[0-9]+')
+if [ "$new_port" != "$transmission_peer_port" ]; then
+  if [ "true" = "$ENABLE_UFW" ]; then
+    echo "Update UFW rules before changing port in Transmission"
+
+    echo "denying access to $transmission_peer_port"
+    ufw deny ${transmission_peer_port}
+
+    echo "allowing $new_port through the firewall"
+    ufw allow ${new_port}
+  fi
+
+  transmission-remote ${myauth} -p "$new_port"
+
+  echo "Checking port..."
+  sleep 10
+  transmission-remote ${myauth} -pt
+else
+    echo "No action needed, port hasn't changed"
+fi