miniupnpd/INSTALL: update infos
rdr-anchor lines should be removed in OpenBSD since 4.7 rephrased a bit the part about permissions
This commit is contained in:
parent
3997a2ebe7
commit
401c624bcf
|
@ -1,5 +1,5 @@
|
||||||
MiniUPnP project.
|
MiniUPnP project.
|
||||||
(c) 2006-2013 Thomas Bernard
|
(c) 2006-2014 Thomas Bernard
|
||||||
Homepage : http://miniupnp.free.fr/
|
Homepage : http://miniupnp.free.fr/
|
||||||
Mirror: http://miniupnp.tuxfamily.org/
|
Mirror: http://miniupnp.tuxfamily.org/
|
||||||
github: https://github.com/miniupnp/miniupnp
|
github: https://github.com/miniupnp/miniupnp
|
||||||
|
@ -17,7 +17,9 @@ To Build and Install :
|
||||||
Alternatively to editing config.h, options can be passed to genconfig.sh
|
Alternatively to editing config.h, options can be passed to genconfig.sh
|
||||||
For more details :
|
For more details :
|
||||||
> ./genconfig.sh -h
|
> ./genconfig.sh -h
|
||||||
- add "rdr-anchor miniupnpd" and "anchor miniupnpd" lines to /etc/pf.conf
|
- add "rdr-anchor miniupnpd" or/and "anchor miniupnpd" lines to /etc/pf.conf
|
||||||
|
(Since OpenBSD 4.7, rdr-anchor lines are no longer used and should be
|
||||||
|
removed, leaving only the anchor lines).
|
||||||
- some FreeBSD users reported that it is also necessary for them
|
- some FreeBSD users reported that it is also necessary for them
|
||||||
to explicitly allow udp traffic on 239.0.0.0/8 by adding the two following
|
to explicitly allow udp traffic on 239.0.0.0/8 by adding the two following
|
||||||
lines to /etc/pf.conf :
|
lines to /etc/pf.conf :
|
||||||
|
@ -26,7 +28,7 @@ To Build and Install :
|
||||||
- dont forget to " pfctl -f /etc/pf.conf "
|
- dont forget to " pfctl -f /etc/pf.conf "
|
||||||
- you can check your modifications are taken into accout with
|
- you can check your modifications are taken into accout with
|
||||||
"pfctl -s nat" and "pfctl -s rule". Look for the "rdr-anchor miniupnpd"
|
"pfctl -s nat" and "pfctl -s rule". Look for the "rdr-anchor miniupnpd"
|
||||||
and "anchor miniupnpd" lines.
|
(if applicable) and/or "anchor miniupnpd" lines.
|
||||||
- install as root using :
|
- install as root using :
|
||||||
# make install
|
# make install
|
||||||
or
|
or
|
||||||
|
@ -53,7 +55,7 @@ http://blogs.sun.com/avalon/category/IPFilter
|
||||||
- To enable non standard compilation options,
|
- To enable non standard compilation options,
|
||||||
> ./genconfig.sh -h
|
> ./genconfig.sh -h
|
||||||
Or edit config.h after it has been generated by genconfig.sh
|
Or edit config.h after it has been generated by genconfig.sh
|
||||||
- use 'bsdmake' or 'make -f Makefile.macosx' to build
|
- use 'bsdmake' (if available) or 'make -f Makefile.macosx' to build
|
||||||
|
|
||||||
============================== Mac OS X/pf ================================
|
============================== Mac OS X/pf ================================
|
||||||
|
|
||||||
|
@ -118,11 +120,11 @@ also available through command line switches.
|
||||||
Miniupnpd supports some kind of security check for allowing or disallowing
|
Miniupnpd supports some kind of security check for allowing or disallowing
|
||||||
redirection to be made. The UPnP permission rules are read from the
|
redirection to be made. The UPnP permission rules are read from the
|
||||||
miniupnpd.conf configuration file.
|
miniupnpd.conf configuration file.
|
||||||
When a new redirection is asked, permission rules are evaluated in top-down
|
When a new redirection is requested, permission rules are evaluated in
|
||||||
order and the first permission rule matched gives the answer : redirection
|
top-down order and the first permission rule matched gives the response :
|
||||||
allowed or denied. If no rule is matching, the redirection is allowed, so
|
redirection allowed or denied. If no rule is matching, the redirection is
|
||||||
it is a good practice to have a "catch all" deny permission rule at the end
|
allowed, so it is a good practice to have a "catch all" deny permission
|
||||||
of your mermission ruleset.
|
rule at the end of your permission ruleset.
|
||||||
Sample permission ruleset :
|
Sample permission ruleset :
|
||||||
allow 4662-4672 192.168.1.34/32 4662-4672
|
allow 4662-4672 192.168.1.34/32 4662-4672
|
||||||
deny 0-65535 192.168.1.34/32 0-65535
|
deny 0-65535 192.168.1.34/32 0-65535
|
||||||
|
@ -147,8 +149,8 @@ More simple, use the genuuid makefile target :
|
||||||
> make genuuid
|
> make genuuid
|
||||||
or
|
or
|
||||||
> make -f Makefile.linux genuuid
|
> make -f Makefile.linux genuuid
|
||||||
This target is needed by the "install" target, so it should be done
|
This target is needed by the "install" target, so it is done automatically
|
||||||
automatically.
|
during install.
|
||||||
|
|
||||||
To stop the daemon use :
|
To stop the daemon use :
|
||||||
# kill `cat /var/run/miniupnpd.pid`
|
# kill `cat /var/run/miniupnpd.pid`
|
||||||
|
|
Loading…
Reference in New Issue