From e5487073f864f13dff4a7263aa862e2e423b3c05 Mon Sep 17 00:00:00 2001
From: Kroese <kroese@users.noreply.github.com>
Date: Tue, 14 Oct 2025 15:28:29 +0200
Subject: [PATCH 1/4] fix: Validate user ports

---
 src/network.sh | 59 +++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 49 insertions(+), 10 deletions(-)

diff --git a/src/network.sh b/src/network.sh
index 5b347e18..db33bbdd 100644
--- a/src/network.sh
+++ b/src/network.sh
@@ -210,7 +210,7 @@ compat() {
 
 getHostPorts() {
 
-  local list="$1"
+  local list="${HOST_PORTS:-}"
   list=$(echo "${list// /}" | sed 's/,*$//g')
 
   if [[ "${DISPLAY,,}" == "web" ]]; then
@@ -228,21 +228,58 @@ getHostPorts() {
     [ -z "$list" ] && list="$WSD_PORT" || list+=",$WSD_PORT"
   fi
 
+  if [ -n "$list" ]; then
+    if echo "$list" | tr ',' '\n' | grep -v '^$' | sort -rf | uniq -ci | sort -k 1,1nr | sed 's/^[\ ]*//' | grep -vq '^1\ '; then
+      warn "the variable \"HOST_PORTS\" contains duplicate port numbers: $list"
+    fi
+  fi
+
   echo "$list"
   return 0
 }
 
 getUserPorts() {
 
-  local args=""
-  local list=$1
+  local list="${USER_PORTS:-}"
   list=$(echo "${list// /}" | sed 's/,*$//g')
 
+  list="${list//,/ }"
+  list="${list## }"
+  list="${list%% }"
+
+  local exclude
+  exclude=$(getHostPorts)
+  exclude="${exclude//,/ }"
+  exclude="${exclude## }"
+  exclude="${exclude%% }"
+
+  local ports=""
   local ssh="22"
   [[ "${BOOT_MODE:-}" == "windows"* ]] && ssh="3389"
-  [ -z "$list" ] && list="$ssh" || list+=",$ssh"
 
-  echo "$list"
+  for userport in $list; do
+
+    local num="${userport///tcp}"
+    num="${num///udp}"
+
+    for hostport in $exclude; do
+
+      local val="${port///tcp}"
+      [[ "$num" == "${val///udp}" ]] && num=""
+  
+    done
+
+    [ -n "$num" ] && [[ "$num" != "$ssh" ]] && ports+="$userport,"
+
+  done
+
+  [ -z "$ports" ] && ports="$ssh" || ports+=",$ssh"
+
+  if echo "$ports" | tr ',' '\n' | grep -v '^$' | sort -rf | uniq -ci | sort -k 1,1nr | sed 's/^[\ ]*//' | grep -vq '^1\ '; then
+    warn "the variable \"USER_PORTS\" contains duplicate port numbers: $ports"
+  fi
+
+  echo "$ports"
   return 0
 }
 
@@ -251,15 +288,15 @@ getSlirp() {
   local args=""
   local list=""
 
-  list=$(getUserPorts "${USER_PORTS:-}")
+  list=$(getUserPorts)
   list="${list//,/ }"
   list="${list## }"
   list="${list%% }"
 
   for port in $list; do
 
-    proto="tcp"
-    num="${port%/tcp}"
+    local proto="tcp"
+    local num="${port%/tcp}"
 
     if [[ "$port" == *"/udp" ]]; then
       proto="udp"
@@ -273,6 +310,8 @@ getSlirp() {
     args+="hostfwd=$proto::$num-$VM_NET_IP:$num,"
   done
 
+  [ -n "$args" ] && args=$(echo "$args" | sed 's/,*$//g')
+
   echo "${args%?}"
   return 0
 }
@@ -341,7 +380,7 @@ configurePasst() {
   [ -n "$PASST_MTU" ] && PASST_OPTS+=" -m $PASST_MTU"
 
   local forward=""
-  forward=$(getUserPorts "${USER_PORTS:-}")
+  forward=$(getUserPorts)
   forward="${forward///tcp}"
   forward="${forward///udp}"
 
@@ -492,7 +531,7 @@ configureNAT() {
     update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy > /dev/null
   fi
 
-  exclude=$(getHostPorts "$HOST_PORTS")
+  exclude=$(getHostPorts)
 
   if [ -n "$exclude" ]; then
     if [[ "$exclude" != *","* ]]; then

From a26f8da87a71c686045ed3e9ad96516362b10c6d Mon Sep 17 00:00:00 2001
From: Kroese <kroese@users.noreply.github.com>
Date: Tue, 14 Oct 2025 15:38:51 +0200
Subject: [PATCH 2/4] Update network.sh

---
 src/network.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/network.sh b/src/network.sh
index db33bbdd..fa29c4f9 100644
--- a/src/network.sh
+++ b/src/network.sh
@@ -269,7 +269,9 @@ getUserPorts() {
   
     done
 
-    [ -n "$num" ] && [[ "$num" != "$ssh" ]] && ports+="$userport,"
+    if [ -n "$num" ] && [[ "$num" != "$ssh" ]]; then
+      [ -z "$ports" ] && ports="$userport" || ports+=",$userport"
+    fi
 
   done
 

From 7f4768dad9fecb6a031528f08f14b1d1402ee216 Mon Sep 17 00:00:00 2001
From: Kroese <kroese@users.noreply.github.com>
Date: Tue, 14 Oct 2025 16:25:42 +0200
Subject: [PATCH 3/4] feat: Validate user port configuration

Refactor port handling to remove duplicates and improve warnings.
---
 src/network.sh | 33 ++++++++++++++++++---------------
 1 file changed, 18 insertions(+), 15 deletions(-)

diff --git a/src/network.sh b/src/network.sh
index fa29c4f9..45399fb8 100644
--- a/src/network.sh
+++ b/src/network.sh
@@ -212,6 +212,7 @@ getHostPorts() {
 
   local list="${HOST_PORTS:-}"
   list=$(echo "${list// /}" | sed 's/,*$//g')
+  list="${list//,,/,}"
 
   if [[ "${DISPLAY,,}" == "web" ]]; then
     [ -z "$list" ] && list="$WSS_PORT" || list+=",$WSS_PORT"
@@ -228,11 +229,8 @@ getHostPorts() {
     [ -z "$list" ] && list="$WSD_PORT" || list+=",$WSD_PORT"
   fi
 
-  if [ -n "$list" ]; then
-    if echo "$list" | tr ',' '\n' | grep -v '^$' | sort -rf | uniq -ci | sort -k 1,1nr | sed 's/^[\ ]*//' | grep -vq '^1\ '; then
-      warn "the variable \"HOST_PORTS\" contains duplicate port numbers: $list"
-    fi
-  fi
+  # Remove duplicates
+  list=$(echo "$list," | awk 'BEGIN{RS=ORS=","} !seen[$0]++' | sed 's/,*$//g')
 
   echo "$list"
   return 0
@@ -243,6 +241,7 @@ getUserPorts() {
   local list="${USER_PORTS:-}"
   list=$(echo "${list// /}" | sed 's/,*$//g')
 
+  list="${list//,,/,}"
   list="${list//,/ }"
   list="${list## }"
   list="${list%% }"
@@ -254,32 +253,36 @@ getUserPorts() {
   exclude="${exclude%% }"
 
   local ports=""
-  local ssh="22"
-  [[ "${BOOT_MODE:-}" == "windows"* ]] && ssh="3389"
 
   for userport in $list; do
 
     local num="${userport///tcp}"
     num="${num///udp}"
+    [ -z "$num" ] && continue
 
     for hostport in $exclude; do
 
-      local val="${port///tcp}"
-      [[ "$num" == "${val///udp}" ]] && num=""
-  
+      local val="${hostport///tcp}"
+
+      if [[ "$num" == "${val///udp}" ]]; then
+        num=""
+        warn "Could not assign port ${val///udp} to \"USER_PORTS\" because it is already in \"HOST_PORTS\"!"
+      fi
+
     done
 
-    if [ -n "$num" ] && [[ "$num" != "$ssh" ]]; then
+    if [ -n "$num" ]; then
       [ -z "$ports" ] && ports="$userport" || ports+=",$userport"
     fi
 
   done
 
+  local ssh="22"
+  [[ "${BOOT_MODE:-}" == "windows"* ]] && ssh="3389"
   [ -z "$ports" ] && ports="$ssh" || ports+=",$ssh"
 
-  if echo "$ports" | tr ',' '\n' | grep -v '^$' | sort -rf | uniq -ci | sort -k 1,1nr | sed 's/^[\ ]*//' | grep -vq '^1\ '; then
-    warn "the variable \"USER_PORTS\" contains duplicate port numbers: $ports"
-  fi
+  # Remove duplicates
+  ports=$(echo "$ports," | awk 'BEGIN{RS=ORS=","} !seen[$0]++' | sed 's/,*$//g')
 
   echo "$ports"
   return 0
@@ -312,7 +315,7 @@ getSlirp() {
     args+="hostfwd=$proto::$num-$VM_NET_IP:$num,"
   done
 
-  [ -n "$args" ] && args=$(echo "$args" | sed 's/,*$//g')
+  args=$(echo "$args" | sed 's/,*$//g')
 
   echo "${args%?}"
   return 0

From 9272b95a255b42ced721dac711201e8a4a668828 Mon Sep 17 00:00:00 2001
From: Kroese <kroese@users.noreply.github.com>
Date: Tue, 14 Oct 2025 16:39:53 +0200
Subject: [PATCH 4/4] feat: Validate user port configuration

---
 src/network.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/network.sh b/src/network.sh
index 45399fb8..6668dc16 100644
--- a/src/network.sh
+++ b/src/network.sh
@@ -241,6 +241,10 @@ getUserPorts() {
   local list="${USER_PORTS:-}"
   list=$(echo "${list// /}" | sed 's/,*$//g')
 
+  local ssh="22"
+  [[ "${BOOT_MODE:-}" == "windows"* ]] && ssh="3389"
+  [ -z "$list" ] && list="$ssh" || list+=",$ssh"
+  
   list="${list//,,/,}"
   list="${list//,/ }"
   list="${list## }"
@@ -277,10 +281,6 @@ getUserPorts() {
 
   done
 
-  local ssh="22"
-  [[ "${BOOT_MODE:-}" == "windows"* ]] && ssh="3389"
-  [ -z "$ports" ] && ports="$ssh" || ports+=",$ssh"
-
   # Remove duplicates
   ports=$(echo "$ports," | awk 'BEGIN{RS=ORS=","} !seen[$0]++' | sed 's/,*$//g')