Commit Graph

911 Commits

Author SHA1 Message Date
Thomas Bernard 18ec4e88e7 asyncsendto.c: 2018 2018-07-06 13:31:44 +02:00
Thomas Bernard 1da39554c7 fixes in upnpstun.c
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-07-06 13:31:26 +02:00
Thomas Bernard 15b6f3e9c2 fixes in update_ext_ip_addr_from_stun()
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-07-06 13:29:33 +02:00
Thomas Bernard 8bc6d6f556 PERFORMSTUN => PERFORMSTUNMASK. allow to specify stun using -o option 2018-07-06 13:23:22 +02:00
Thomas Bernard 8c91ff515e reserved[] is const 2018-07-06 13:20:30 +02:00
Nils Andreas Svee 5262990d8e miniupnpd: support newer libnftnl versions 2018-07-01 23:50:12 +02:00
Thomas Bernard ef179a45e3 do not check empty string with strlen(s) == 0
see #292
2018-06-01 10:55:45 +02:00
Thomas Bernard 72005ce86a add -w option to iptables.
see https://miniupnp.tuxfamily.org/forum/viewtopic.php?p=5113

Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-05-29 12:26:33 +02:00
Pali Rohár c1472ffe4e miniupnpd: GetExternalIPAddress(): Instead of invalid IP address 0.0.0.0 returns error 501
IP address 0.0.0.0 is filled when it is not possible to retrieve IP address. According to specification, GetExternalIPAddress() can return error 501 when action failed.
2018-05-19 17:28:43 +02:00
Pali Rohár 8c97654d70 miniupnpd: When enabled perform STUN to learn external IP address and NAT type
Also enable port forwarding when direct (non-NAT) connection or unrestricted NAT 1:1 (without any filtering) is detected.
2018-05-19 13:32:42 +02:00
Pali Rohár 8e10a1aeab miniupnpd: Disable port forwarding when we are behind restrictive nat with reserved / private IP address
In this case port forwarding is impossible, so rather return error code to the client instead of silently trying to do something and informing clients that port forwarding is enabled.
2018-05-19 13:32:04 +02:00
Pali Rohár cce19781e6 miniupnpd: Add validation that public ip address is not reserved and is really public
This ensures that all requests for getting public IP address (either via UPnP IGD or PCP/PMP) would contain correct public IP address or an error (instead of some invalid private/reserved IP address).
2018-05-19 13:31:26 +02:00
Pali Rohár c35935c61d miniupnpd: Add function addr_is_reserved() to check if address is private/reserved and therefore not for public port forwarding 2018-05-19 13:31:14 +02:00
Pali Rohár 4f53b322fd miniupnpd: Add function perform_stun() for detecting external IP address and restrictive NAT via STUN protocol
It automatically unblock selected UDP ports for incoming responses and after finishing ports unblock is removed.
2018-05-19 13:31:08 +02:00
Pali Rohár cd7284785b miniupnpd: Add function delete_filter_rule() also for PF and Linux Netfilter
It is needed for STUN implementation.
2018-05-19 13:31:02 +02:00
Thomas Bernard 582375b64f
miniupnpd: VERSION 2.1 2018-05-08 23:40:27 +02:00
Thomas Bernard e11bbf0bc0
miniupnpd/pcp: Send PCP announcment at startup
fixes #254
2018-05-08 23:06:19 +02:00
yangfl b3849ef311 Fix OS detection for Debian kFreeBSD 2018-05-08 21:59:15 +08:00
Thomas Bernard d2bbdee995 fix typo introduced in 00abd9e6c8 2018-05-03 09:54:02 +02:00
Thomas Bernard a92138345b add option LEASEFILE_USE_REMAINING_TIME
new function lease_file_rewrite()
that is called just before exiting, and when SIGUSR2 is received
see #295
2018-05-02 09:40:12 +02:00
Thomas Bernard d0e7958617 lease_file_remove(): replace strncpy/strncat by snprintf() 2018-05-01 13:04:20 +02:00
Thomas Bernard f6ac854f0f miniupnpd: fix storing of unlimited lease time in lease_file
see #295
2018-05-01 11:26:49 +02:00
Thomas Bernard 17773f0a72 if LEASEFILE_USE_REMAINING_TIME is defined, only the remaining time is stored
see #295
2018-04-30 17:25:26 +02:00
Thomas Bernard 00abd9e6c8 miniupnpd: store UNIX time in lease_file
fixes #295
2018-04-30 16:59:40 +02:00
Thomas Bernard 491ee9f8bf miniupnpd/upnpevents.c: Add log when error 2018-04-27 00:08:06 +02:00
Thomas Bernard 239d048489 Merge branch 'pf_use_ext_ip_addr' 2018-04-22 21:27:44 +02:00
Thomas Bernard 5dcd40aece netfilter/iptpinhole.c: remove warning: implicit declaration of function 'upnp_time'
fixes ef94635100
2018-04-22 21:24:30 +02:00
Thomas Bernard 0366cd0ba0 replace strlen(s) > 0 by s[0] != '\0'
see #292
2018-04-22 21:21:58 +02:00
Thomas Bernard 2b6fa0839f no more strlen(xxx) == 0.
Fixes #292
2018-04-20 17:19:52 +02:00
Thomas Bernard 53e8185725 miniupnpd/pf: set dst address in rule if use_ext_ip_addr is set
fixes #231
2018-04-12 11:36:12 +02:00
Thomas Bernard 1fe8d21cf2 fixes #272 2018-04-12 10:49:53 +02:00
Thomas Bernard eaaf4f10ae miniupnpd: introduce upnp_gettimeofday() which is monotonic :)
fixes #288
2018-04-12 10:07:11 +02:00
Thomas Bernard 0bbff2bb0f miniupnpd: update Changelog
see 82ec7bc3df
2018-04-06 13:00:23 +02:00
yangfl 82ec7bc3df miniupnpd: Add options for netfilter scripts 2018-03-16 23:57:39 +08:00
Thomas Bernard ef94635100 miniupnpd: time() => upnp_time()
I had forgotten some
see #288
2018-03-14 00:09:42 +01:00
Thomas Bernard 9516c9a007 miniupnpd: fix warnings 2018-03-13 11:53:33 +01:00
Thomas Bernard dd2aa84204 miniupnpd: use monotonic clock for timeouts, etc.
fixes #288

also changed set_startup_time()
2018-03-13 11:43:07 +01:00
Thomas Bernard f0511d761b miniupnpd: Add -1 option
fixes #277
see #282
2018-02-22 14:02:52 +01:00
Thomas Bernard 9efd7fda66 ChangeLog for #282 2018-02-22 13:53:39 +01:00
Thomas Bernard 80779ff4f7 Fix commit 6cbf0ba
Use the "flags" global variable to store the option value
Save a lot of complexity.
2018-02-22 13:47:48 +01:00
Nye Liu c6bf0ba6f3 Allow runtime override of igd to v1 for people running binaries with v2 enabled
Towards miniupnp/miniupnp#277
2018-02-19 22:14:05 -08:00
Thomas Bernard 7f17837253 miniupnpd/minissdp.c: Fix submission of services to minissdpd
Version was hardcoded to 1 in "ST:"
2018-02-03 18:14:31 +01:00
yangfl 3158862058 miniupnpd/miniupnpd.8: update man page 2018-02-03 01:46:09 +08:00
Thomas Bernard 718deea11e Update file headers. 2017 => 2018 etc. 2018-01-16 02:06:46 +01:00
Thomas Bernard ed35fc6cd4 miniupnpd/testminissdp.c: int => size_t. 2018 2018-01-15 17:47:22 +01:00
yangfl d492fa39ef fix typo 2018-01-09 09:33:31 +08:00
Thomas Bernard a55234d806 upnpreplyparse.c: NameValueParserEndElt() rename arg to avoid confusion 2017-12-12 12:47:33 +01:00
Thomas Bernard bf4f616f58 miniupnpd/Makefile.linux: add testminissdp 2017-12-12 12:46:59 +01:00
Thomas Bernard a4d6939193 miniupnpd: update Changelog.txt 2017-12-12 10:51:36 +01:00
Thomas Bernard 9fcc0a72f0 minissdpc.c: Fix buffer overrun in SSDP packet parsing
fixes #267

there were several errors in ProcessSSDPData()
in the parsing of ST: MX: and MAN: headers
so a few bytes could be read after the end of the buffer.
2017-12-12 10:42:54 +01:00
Thomas Bernard 256b93e5d3 miniupnpd: add a test for ProcessSSDPData()
see #267
2017-12-12 10:08:44 +01:00
Thomas Bernard a0573e2518 minixml.c: fix heap buffer overflow
should fix #268
2017-12-11 14:59:29 +01:00
Thomas Bernard 7aeb624b44 properly initialize data structure for SOAP parsing in ParseNameValue()
topelt field was not properly initialized.

should fix #268
2017-12-11 14:27:27 +01:00
Thomas Bernard 7492fe42c2 pcpserver.c: send ANNOUNCE when IP changed
see #254
2017-11-27 23:04:51 +01:00
Thomas Bernard cc0fad78d7 miniupnpd: use epoch_origin for NAT-PMP as well
see #254
2017-11-27 23:02:34 +01:00
Thomas Bernard 165c5f0d57 upnpdescgen.c: check for stack overflow in genXML()
remove two TODO's ! ;)
2017-11-24 11:00:34 +01:00
Thomas Bernard ba9315b9b4 natpmp.c: improve error logging 2017-11-05 11:10:13 +01:00
Thomas Bernard 9bd290fccb more explicit explanations about public address change 2017-11-05 10:52:47 +01:00
Thomas Bernard 6ce6a70973 PCP : reset epoch after address change
see #254
2017-11-02 17:27:24 +01:00
Thomas Bernard 665478a47f two words about signals 2017-11-02 17:25:39 +01:00
Thomas Bernard ad22fe5c08 copyright notice => 2017 2017-11-02 16:52:07 +01:00
Thorsten Liepert f7ec37d92f added rc-once script to initialize uuid on first start 2017-09-03 16:59:19 +02:00
David Kerr 7befb60ab0 Add source IP and port to syslog for upnp_event_send() error.
Adds the IP and port of requesting host when a send error is logged to syslog so that it is possible to identify the application causing the problem.  Copied the syntax used for Connect() errors in same file.
2017-08-06 10:33:28 -04:00
Thomas Bernard d13f840a4a =>2017. http => https 2017-07-06 00:03:12 +02:00
Thomas Bernard 2946f9e105 => 2017 2017-07-05 23:06:16 +02:00
Thomas Bernard 8870da723e char * => const char * 2017-07-05 23:06:07 +02:00
edrikk 9ac353cb5e Adding Tomato ifdef for netfilter chain to check
To allow for "drop-in" upgrades of Miniupnp within Tomato firmware, submitting this change back upstream.
Original source:  b9d9e4b0ed?at=shibby-arm
2017-07-05 14:40:51 -04:00
David Carlier e56b0587a7 Mainly adding fd_set related header missing 2017-06-12 09:27:26 +02:00
Thomas Bernard 5923d5de6f => 2017 2017-05-27 10:25:53 +02:00
Thomas Bernard 74bb1827cb miniupnpd: update Changelog.txt about randomize_url 2017-05-26 17:59:45 +02:00
Thomas Bernard 552f6d37cf Merge branch 'master' into randomize_url 2017-05-26 17:58:13 +02:00
Thomas Bernard e40a433a99 disable URL randomization by default
see http://miniupnp.tuxfamily.org/forum/viewtopic.php?p=4470
https://github.com/filetofirewall/fof
2017-05-26 17:44:45 +02:00
Thomas Bernard 772c70ee41 miniupnpd/testgetifaddr.sh: fix for FreeBSD 2017-05-26 17:36:44 +02:00
Thomas Bernard 11fcf5a008 Merge branch 'master' into randomize_url 2017-05-26 17:30:18 +02:00
Thomas Bernard e362e84e9e => 2017 2017-05-25 00:53:55 +02:00
Thomas Bernard 08c554104d Update Changelog.txt 2017-05-25 00:48:18 +02:00
Thomas Bernard 50d21a38d0 SSDP: use receiving interface index to check if from LAN 2017-05-25 00:44:29 +02:00
Thomas Bernard 9303816a5b check receiving interface index when receiving SSDP 2017-05-25 00:44:12 +02:00
Thomas Bernard 6ed6b4e607 minissdp.c: const int on = 1; for setsockopt() arg 2017-05-24 11:04:20 +02:00
Thomas Bernard 57a74f2739 Merge branch 'master' into randomize_url 2017-04-21 11:33:25 +02:00
Chris Lamb 7c45f219e4 Please make the build reproducible
Whilst working on the Reproducible Builds effort [0], we noticed that
miniupnpd could not be built reproducibly due to embedded timestamps.

 [0] https://reproducible-builds.org/

Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
2017-04-13 22:09:42 +02:00
Thomas Bernard b4ed41eae8 add -w parameter to iptables for locking
fixes #232
2017-03-13 13:07:22 +01:00
Thomas Bernard 0cc906169a use LinkLocal address for HTTP when needed
should fix #229

should be tested...
2017-03-13 13:01:00 +01:00
Thomas Bernard da64fd85cb pass ext_if_name arg to add_pinhole()
should fix #228
2017-03-13 11:47:21 +01:00
Thomas Bernard 2c02ef2b7b right printf format in testobsdrdr.c and tespfpinhole.c 2017-03-13 11:37:43 +01:00
Thomas Bernard 07a3729b59 sanitize <RemoteHost> arg of AddPinhole
see #228
2017-03-13 11:30:44 +01:00
Thomas Bernard 93845c5abe DEfault to client address for AddPortMapping when <NewInternalClient> is empty
see #236
2017-03-13 11:03:58 +01:00
Thomas Bernard 859b986385 bsd/getroute.c: proper SA_SIZE() definition
fixes #227
2017-01-30 18:12:11 +01:00
Thomas Bernard a39fd6d280 bsd/getroute.c: output offset
see #227
2017-01-30 17:44:48 +01:00
Thomas Bernard 0e69178412 miniupnpd: improve README 2016-12-28 12:44:38 +01:00
Thomas Bernard 7aaf82a654 miniupnpd: Update conf instructions in INSTALL
see #102
https://github.com/miniupnp/miniupnp/issues/102
2016-12-28 12:43:27 +01:00
Thomas Bernard ee2f6ac2ce miniupnpd: FreeBSD uses /etc/defaults/rc.conf
fixes #24
2016-12-28 12:10:06 +01:00
Thomas Bernard 2c77721888 do not split conditional statement #184
closes #184
2016-12-28 11:58:21 +01:00
Thomas Bernard 3571a41d1b Fix UDA-1.2.10 Man header empty or invalid 2016-12-23 12:12:49 +01:00
Thomas Bernard 9fc3b09017 miniupnpd: update changelog and 2016 2016-12-16 10:18:41 +01:00
Thomas Bernard 32855b854c dot not try to find IPv6 address if IPv6 is disabled
see #49
2016-12-16 09:39:19 +01:00
Thomas Bernard 2a1cc8d798 do not try to call OpenAndConfPCPv6Socket() when IPv6 is off
see #49
2016-12-16 09:32:41 +01:00
Thomas Bernard cfa01c5c32 fix 1a6c57847a 2016-12-01 12:14:10 +01:00
Thomas Bernard 3d9b606a88 update Changelog.txt 2016-12-01 12:05:40 +01:00
Thomas Bernard 1a6c57847a Fix "AddPinhole Twice" test
UCTT 2.0 test case - AddPinhole Twice
see http://miniupnp.tuxfamily.org/forum/viewtopic.php?p=4731
2016-12-01 12:00:16 +01:00
Thomas Bernard 144eeefd19 Merge branch 'master' into randomize_url
Conflicts:
	miniupnpd/genconfig.sh
	miniupnpd/testupnpdescgen.c
	miniupnpd/upnpdescgen.c
	miniupnpd/upnpglobalvars.c
	miniupnpd/upnpglobalvars.h
2016-11-11 18:01:35 +01:00
Thomas Bernard d9fdb58a05 fixes testgetifaddr.sh for Solaris 2016-11-11 09:44:45 -05:00
Thomas Bernard 77968a09d9 Solaris 11 compilation fixes 2016-11-11 09:42:22 -05:00
Thomas Bernard 81d348207c Add makefile specific for Solaris/SunOS 2016-11-11 09:40:56 -05:00
Thomas Bernard 1579f4a2af 2015 => 2016 2016-10-07 11:16:03 +02:00
Thomas Bernard 3f04f69163 2015 => 2016 2016-10-07 10:56:56 +02:00
Thomas Bernard 8aa6c73a85 genconfig.sh add a comment
comment about DragonFly BSD 2.8 version detection for
PFRULE_INOUT_COUNTS
2016-08-16 11:39:54 +02:00
YONETANI Tomokazu 18e9a376c7 net.inet6.ip6.v6only, 1 by default, has been removed on DragonFly
Build on DragonFly with ENABLE_IPV6 defined has been broken unless
this sysctl node is turned off.  Since we cannot turn it off now and
it's been that way for almost 2 years, simply treat it as 1.

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2fd1df03f3071b4559ce3bbe36924b2305631edd

Signed-off-by: YONETANI Tomokazu <y0n3t4n1@gmail.com>
2016-07-23 16:14:03 +09:00
YONETANI Tomokazu 07ae540724 Fix build error on DragonFly for missing inp_vflag
DragonFly has dropped V4-mapped address support some time ago,
and here's how to fix the related code:
  http://lists.dragonflybsd.org/pipermail/users/2014-December/207284.html

Signed-off-by: YONETANI Tomokazu <y0n3t4n1@gmail.com>
2016-07-23 16:12:36 +09:00
YONETANI Tomokazu c92b9fa296 DragonFly v2.8+ needs PFRULE_INOUT_COUNTS defined
This removes a couple of warnings from the compiler.

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/70224baa0d7c2fcfc9b51076bdc46f77a8e1e2a7

Signed-off-by: YONETANI Tomokazu <y0n3t4n1@gmail.com>
2016-07-23 16:12:33 +09:00
Thomas Bernard 9a5eaaa767 remove extra curly brace in tomato_load()
fixes #195 which was introduced in 6532b02cab
2016-04-24 22:20:14 +02:00
Thomas Bernard 1337158fcf miniupnpd & miniupnpc version 2.0 2016-04-19 23:17:29 +02:00
Thomas Bernard 60b38bf556 Fix test of iptables(libiptc) version
fix for versions >= 1.5.x
2016-04-18 11:00:53 +02:00
Thomas Bernard 688b13586c netfilter/iptcrdr.c: do not add MASQUERADE rule if iport==eport
fixes #193
2016-03-08 10:29:47 +01:00
Thomas Bernard 6532b02cab Fix tomato_load() leaseduration
fixes #192
2016-03-04 19:33:18 +01:00
Thomas Bernard ee22350d5f Changelog.txt: Update 2016-02-20 20:13:34 +01:00
Thomas Bernard 36c4c0ded4 do not use multicast global scope 2016-02-19 14:20:45 +01:00
Thomas Bernard 984a6f144e set IPv6 Hop limit to 10 2016-02-19 14:20:31 +01:00
Thomas Bernard fd82e4c2d9 upnpevents.c: properly enclose IPv6 address in []
in the HOST: header of NOTIFY http requests
2016-02-19 12:38:32 +01:00
Thomas Bernard 19ee0577e3 fix compliance issue on 64bit machines
ui4 values should wrap to 0 after overflowing (2^32 - 1)
2016-02-19 11:59:52 +01:00
Thomas Bernard 0f7747496d update Changelog 2016-02-16 13:16:57 +01:00
Thomas Bernard be733d5f62 more checks on argument value 2016-02-16 12:07:22 +01:00
Thomas Bernard 527dd946ef check invalid values for ExternalPort 2016-02-16 10:58:11 +01:00
Thomas Bernard a712218af8 Second-infinite is deprecated 2016-02-16 10:57:22 +01:00
Thomas Bernard 92e6173a97 with UDA 1.1 content-type should include charset 2016-02-16 10:56:32 +01:00
Thomas Bernard 22f7836816 reorder elements in XML descriptions to follow UDA 1.1 2016-02-16 10:55:48 +01:00
Thomas Bernard 13a6a38241 add configId attribute to <root> element (UDA 1.1) 2016-02-16 10:55:03 +01:00
Thomas Bernard 8c5e90db3a do not delete/re-add pf rule if the desc/label is unchanged 2016-02-15 18:48:23 +01:00
Thomas Bernard 0d6d6afc32 try to support better IPPROTO_UDPLITE :) 2016-02-15 13:36:30 +01:00
Thomas Bernard 34883b7113 use a proto_itoa() function 2016-02-15 13:34:22 +01:00
Thomas Bernard 430dcc7b22 update leasefile 2016-02-12 16:57:22 +01:00
Thomas Bernard 680862915a accept udp in lowercase 2016-02-12 16:55:13 +01:00
Thomas Bernard 7112203428 pf/obsdrdr.c: add_timestamp_entry() 2016-02-12 16:35:46 +01:00
Thomas Bernard 4eda8234c2 reject mappings with wildcard ExternalPort 2016-02-12 15:58:19 +01:00
Thomas Bernard 9c28a0745f remove warning 2016-02-12 15:31:21 +01:00
Thomas Bernard b439bd7791 check uuid-dev / libuuid 2016-02-12 15:29:49 +01:00
Thomas Bernard 68dd51559c minimal support for ipf 2016-02-12 15:13:59 +01:00
Thomas Bernard ff4b9c5d75 netfilter/iptcrdr.c: improve debug output 2016-02-12 15:02:44 +01:00
Thomas Bernard db6f272bba miniupnpd: update some TODO 2016-02-12 15:02:06 +01:00
Thomas Bernard bdac007771 add update_portmapping() / update_portmapping_desc_timestamp() functions 2016-02-12 15:01:30 +01:00
Thomas Bernard 34f80a011f Add light version of iptables_display.sh script 2016-02-12 14:56:10 +01:00
Thomas Bernard 8bad6cd338 netfilter/iptcrdr.c: remove old USE_INDEX_FROM_DESC_LIST code 2016-02-12 14:55:09 +01:00
Thomas Bernard cc35c1d450 AddPortMapping return error 729 - ConflictWithOtherMechanisms if IGD v2 is enabled 2016-02-12 14:54:13 +01:00
Thomas Bernard dd9bf47c68 iptcrdr.c: add iptc_init() check in init_redirect() 2016-02-12 14:51:59 +01:00
Thomas Bernard c4f2397d5c upnpevents.c: quick syntax fix... 2016-02-11 11:42:59 +01:00
Thomas Bernard 6059f000f7 use Linux libuuid uuid_generate() / BSD uuid_create() API 2016-02-11 11:39:28 +01:00
Thomas Bernard 19211d20d1 add debug log in remove_unused_rules() 2016-02-11 10:31:49 +01:00
Thomas Bernard cac8668a7d miniupnpd/Makefile: linking uses LDFLAGS, not CFLAGS 2016-02-10 21:37:00 +01:00
Thomas Bernard 42c7bf935c ClearOS specifics 2016-02-10 20:44:46 +01:00
Thomas Bernard 81e0ca10df upnphttp.c: fix when compiling with UPNP_STRICT 2016-02-09 10:17:58 +01:00