819 Commits

Author SHA1 Message Date
Thomas BERNARD
f841aa9e56 Merge pull request #75 from fingon/fix-linux3.10-ipv6-pinhole
netfilter: Linux 3.10(?) IPv6 firewall pinhole fix
2014-05-30 13:05:06 +02:00
Markus Stenberg
3eb71223b4 For some reason, rules without ipv6.flags set (and proto set?) do not match at all at least on Linux 3.10. So with this patch, they do (and it took me a while to find out, sigh) 2014-05-29 17:56:48 +03:00
Thomas Bernard
50e370abcd miniupnpd/minissdp.c: Send SSDP announces to IPv6 link-local, site-local and global multicast addresses 2014-05-23 17:05:15 +02:00
Thomas Bernard
4069d9633c miniupnpd/minissdp.c: bind the SSDP IPv6 sending socket 2014-05-23 17:03:56 +02:00
Thomas Bernard
6bf84dc834 miniupnpd/minissdp.c: clean SendSSDPbyebye() 2014-05-23 12:07:39 +02:00
Thomas Bernard
c4c2f79c12 miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces 2014-05-22 10:22:04 +02:00
Thomas Bernard
00fbdb70cf miniupnpd/minissdp.c: AddMulticastMembershipIPv6() targets specific interface 2014-05-22 10:17:06 +02:00
Thomas Bernard
165aeef129 miniupnpd/minissdp.c: clean SendSSDPNotify() code 2014-05-22 10:12:26 +02:00
Thomas Bernard
0d32445f57 miniupnpd/Changelog.txt: catch up :) 2014-05-22 09:57:59 +02:00
Thomas Bernard
d916ce286a miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names 2014-05-22 09:42:05 +02:00
Thomas Bernard
72463253dc miniupnpd: disable IPV6 if socket(PF_INET6) returns EAFNOSUPPORT 2014-05-22 01:38:18 +02:00
Thomas Bernard
9f78015a5b miniupnpd/minissdp.c: also listen on global SSDP multicast address FF0E::C
Add comments about also sending the NOTIFY to this address
2014-05-22 01:12:06 +02:00
Thomas BERNARD
a2effc1535 Merge pull request #74 from fingon/ipv6-listening-ip
Added ipv6_listening_ip option to override it from in6addr_any.
2014-05-20 15:09:51 +02:00
Markus Stenberg
c038146cee Added ipv6_listening_ip option to override it from in6addr_any.
This way IPv6 services can be selectively enabled on one IP too.
2014-05-20 15:55:35 +03:00
Thomas Bernard
1213033912 => 2014 2014-05-20 00:25:35 +02:00
Thomas Bernard
126bf58d23 miniupnpc: add more info to python packages 2014-05-20 00:24:59 +02:00
Thomas Bernard
93d7bb6ae2 miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO) 2014-05-19 16:27:55 +02:00
Thomas Bernard
d851ad4c25 miniupnpd: Retreive PCP packed IPV6 destination address 2014-05-19 15:27:34 +02:00
Thomas BERNARD
5f288bf804 Merge pull request #73 from fingon/pcp-int-check-mandatory-always
Internal address check is mandatory even if third party option is set.
2014-05-19 12:28:29 +02:00
Markus Stenberg
83c103bc3f Internal address check is mandatory even if third party option is set. 2014-05-19 13:23:21 +03:00
Thomas Bernard
b9c20cecab miniupnpd/pf/pfpinhole.c: use label to store pinhole description 2014-05-15 23:27:51 +02:00
Thomas Bernard
7154d30adc miniupnpd/pcpserver.c: prevent compiling with PCP_PEER on if not applicable 2014-05-15 12:29:10 +02:00
Thomas Bernard
653bc79292 miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info() 2014-05-15 12:11:42 +02:00
Markus Stenberg
c8ec092693 Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use). 2014-05-15 12:04:03 +02:00
Markus Stenberg
6b3ff0242d Made failed pinhole request actually fail in terms of return value too. 2014-05-15 12:03:18 +02:00
Markus Stenberg
924b6d1613 Checking lan only in non-thirdparty mode. 2014-05-15 12:02:46 +02:00
Markus Stenberg
28b3afbb8f Added TODO about IPv6 permission handling. 2014-05-15 12:02:12 +02:00
Markus Stenberg
3a457092ce Split Peer/Map logic to NAT- and FW specific parts. Updated TODO to include proxying.
+ fixes
2014-05-15 12:01:22 +02:00
Markus Stenberg
be6db5995d miniupnpd: work in progress on PCP pinhole support 2014-05-15 11:58:17 +02:00
Markus Stenberg
7c7407099e Added Linux get_pinhole_uid_by_index. 2014-05-15 11:45:37 +02:00
Markus Stenberg
e907d7bba6 miniupnpd: Some initial effort at actually adding pinhole support to PCP code. 2014-05-15 11:45:33 +02:00
Markus Stenberg
c000a00508 Fixed PEER supporting PCP to compile too. 2014-05-15 11:29:01 +02:00
Markus Stenberg
3e03562b77 miniupnpd: Added ENABLE_UPNPPINHOLE macro
using ENABLE_UPNPPINHOLE to compile in the support for IPv6 Firewall pinholes.
It is enabled by either ENABLE_6CF_SERVICE or ENABLE_PCP + ENABLE_IPV6.
2014-05-15 11:26:54 +02:00
Thomas Bernard
ba97c9b238 miniupnpd/pcpserver.c: fix ProcessPCPRequest()
fix commit 620af3737c8beffe87e08b7e0c34ab1661251695
2014-05-15 10:57:10 +02:00
Markus Stenberg
3f9000db76 Added unified description production, and also enforcing that desc matches in MAP/PEER delete (=> following RFC6887). Yay. 2014-05-15 10:51:00 +02:00
Thomas Bernard
de96dd47d5 update Changelog.txt files 2014-05-15 10:42:08 +02:00
Thomas Bernard
4dbbf34032 miniupnpd/upnpsoap.c: improve ExecuteSoapAction()
improve commit 20f1e070a1d123a43b58857eaccc202734c4553b
2014-05-15 10:35:27 +02:00
Thomas BERNARD
8fa9446d65 Merge pull request #71 from arr2036/master
Add support for IGD2 AddAnyPortMapping DeletePortMappingRange
2014-05-15 10:32:17 +02:00
Arran Cudbard-Bell
f27dd45973 Return 730 error where appropriate, and output helpful debug 2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell
20f1e070a1 Don't call deletePortMapping method for deletePortMappingRange
Length of strings needs to match before doing comparison, else we can stop early on a substring of the one were trying to match.
2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell
0490d16221 Don't print garbage values on failure 2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell
b9362f32a7 Add support for IGD2 AddAnyPortMapping and DeletePortMappingRange
Added python bindings for both AddAnyPortMapping and DeletePortMappingRange
2014-05-13 21:50:07 +01:00
Arran Cudbard-Bell
be9584d156 Fix formatting in areas the next commit will touch 2014-05-13 21:49:51 +01:00
Thomas Bernard
5724b6b8b5 add Markus Stenberg 2014-05-06 15:17:15 +02:00
Thomas Bernard
98109ea92e miniupnpd/getifaddr.c: fix when IPV6 is not enabled 2014-05-06 15:15:07 +02:00
Markus Stenberg
338a533a09 miniupnpd/pcpserver.c: Preliminary work for PCP fw control
Added preliminary is_fw flag, and added af to getifaddr_in6. Made
option parsing follow the RFC and also made it bit more paranoid
(there were some security problems with length checks not being done
at right place all the time; simplified flow, should be easier to
verify now that it does nothing untoward).
2014-05-06 15:12:42 +02:00
Markus Stenberg
d058fd3f36 miniupnpd/pcpserver.c: Added checks for third-party allowed for it to be used.
If allowed, checking it against source address,
with inverse logic from that of non-thirdparty case.
2014-05-06 13:30:04 +02:00
Markus Stenberg
5e5a9d39eb Added missing check for int_ip. 2014-05-06 13:27:42 +02:00
Markus Stenberg
2f5c3ce959 miniupnpd/pcpserver.c: Some IPv6 related work on PCP. 2014-05-06 13:26:06 +02:00
Thomas Bernard
0e49fe7e94 miniupnpd: change "allow_thirdparty" PCP option to a bit flag 2014-05-06 13:15:24 +02:00