Commit Graph

510 Commits

Author SHA1 Message Date
Thomas Bernard 15a2320c86 miniupnpd/portinuse.c/iptcrdr.c: cosmetic changes 2014-03-13 14:49:05 +01:00
Thomas Bernard c4e63048c4 miniupnpd: add CHECK_PORTINUSE to enable/disable port_in_use() 2014-03-13 14:48:52 +01:00
Thomas Bernard 06764123fb Merge remote branch 'origin/master' into portinuse
Conflicts:
	miniupnpd/Makefile.linux
	miniupnpd/natpmp.c
2014-03-13 14:19:44 +01:00
Thomas Bernard a7d9071c5a miniupnpd/upnpevents.c: fix upnp_event_notify_connect() when ENABLE_IPV6 is set 2014-03-13 11:56:28 +01:00
Thomas Bernard 8d93ddb076 miniupnpd: change IP change msg from LOG_DEBUG to LOG_INFO 2014-03-13 11:34:34 +01:00
Thomas Bernard 9f665b572f miniupnpd: fix BSD Makefile 2014-03-13 11:34:34 +01:00
Thomas Bernard 62d6c860ce catch up Changelog.txt
see commit 3ed3478398
2014-03-13 11:34:34 +01:00
Thomas Bernard 7b13adafbd miniupnpd: reduce number of global variables by using more runtime_flags
change ipv6_enabled/ipv6fc_inbound_pinhole_allowed/ipv6fc_firewall_enabled
global vars to flags in runtime_flags
2014-03-13 11:34:33 +01:00
Thomas Bernard 15682180a5 miniupnpd: Work in IPv6 on system where PF_INET6 are restricted to IPv6 only 2014-03-13 11:34:08 +01:00
Thomas Bernard 2a48074f45 miniupnpd: Enable PCP by default. 2014-03-13 11:24:04 +01:00
Thomas Bernard 3ed3478398 miniupnpd/getifaddr.c: clean up and fix getifaddr_in6() 2014-03-13 10:42:07 +01:00
Thomas Bernard 81fa1bcd57 miniupnpd/getifaddr.c: getifaddr_in6() only return IPv4 address when IPV6 disabled
see if it can help for issue #62
pcp/CheckAddress() is likely to need more changes.
2014-03-13 10:00:42 +01:00
Thomas Bernard d397d73628 miniupnpd/getifaddr.c: fix getifaddr_in6()
-1 is returned if no address is found
2014-03-13 09:56:34 +01:00
Thomas Bernard 081c46338c miniupnpd/upnppermissions.c: disable match_permission_internal() 2014-03-13 09:53:44 +01:00
Thomas Bernard b01152666c Adding Daniel Becker to thanks list 2014-03-12 09:04:47 +01:00
Daniel Becker 408a0b55f6 miniupnpd/pcpserver.c: return error code if PCP mapping fails
This change causes CreatePCPMap to return a PCP_ERR_NO_RESOURCES
response when upnp_redirect_internal does not succeed;
previously, no error code was returned in this case.
2014-03-11 02:06:38 -07:00
Thomas BERNARD 2ee9c05843 Merge pull request #59 from razzfazz/port_natpmp_updates_to_pcp
miniupnpd/pcpserver.c: port NAT-PMP updates to PCP
2014-03-11 10:00:28 +01:00
Daniel Becker efbb95aa10 miniupnpd/pcpserver.c: port NAT-PMP updates to PCP
This change ports the recent updates to the permissions checking
and eport selection code for NAT-PMP to the PCP MAP handler.
2014-03-11 01:54:10 -07:00
Thomas Bernard 210876f2a7 miniupnpd/natpmp.c: make indentation consistant and add a comment 2014-03-11 09:47:09 +01:00
Daniel Becker 4f160366bd miniupnpd/natpmp.c: remove obsolete assignment
The eport_first variable now gets initialized in the first
iteration of the while loop; the assignment right before the
loop should have been removed in the previous commit.
2014-03-10 11:14:49 -07:00
Daniel Becker f4f4573f53 miniupnpd: fix eport selection and error handling
The find_available_eport function that was intended to check if
at least one eport is allowed for a given iaddr/iport does not
work as intended; for example, it does not properly handle rule
precedence (i.e., it considers allow rules even if they are
effectively masked by earlier deny rules), and it also does not
handle the case where no rules are specified at all (which
should default to accept in order to be consistent with
check_upnp_rule_against_permissions). The present change removes
this function and instead integrates the check into the existing
while loop that iterates over all eports.
2014-03-10 00:32:23 -07:00
Thomas Bernard ecf414e160 miniupnpd/Changelog.txt: Catch up changes... 2014-03-10 00:12:20 +01:00
Thomas Bernard a27979afde Merge branch 'fix_pf_redirect'
Conflicts:
	miniupnpd/pf/testobsdrdr.c
2014-03-10 00:03:06 +01:00
Thomas BERNARD 0ff8e67c26 Merge pull request #57 from razzfazz/natpmp_avoid_port_zero
miniupnpd/natpmp.c: skip port zero when finding free eport
2014-03-08 01:03:43 +01:00
Thomas BERNARD 69643d377c Merge pull request #56 from razzfazz/natpmp_cleanup
miniupnpd/natpmp.c: remove redundant break statements
2014-03-07 22:54:42 +01:00
Daniel Becker 1db670d6ff miniupnpd/natpmp.c: skip port zero when finding free eport
When skipping ports that are in use or not allowed, the existing
NAT-PMP code will consider port zero as a candidate eport after
wraparound occurs. Since this is not a legal port, we skip over it.

port zero as an eport value.
2014-03-07 11:02:04 -08:00
Daniel Becker ba04327bb0 miniupnpd/natpmp.c: remove redundant break statements
These two break statements are redundant: The subsequent continue
statement will cause the loop condition to be re-evaluated, at which
point the loop will terminate if resp[3] != 0.
2014-03-07 07:42:40 -08:00
Thomas Bernard e385db03b9 miniupnpd: improved permission checking for NAT-PMP
NAT-PMP now searches an allowed eport if the one from
request is not, instead of returning an error
2014-03-07 11:48:17 +01:00
Thomas Bernard b7ee469980 miniupnpd/pf: update testobsdrdr.c 2014-03-06 14:24:58 +01:00
Thomas Bernard 60e129d131 miniupnpd/pf: delete_redirect_and_filter_rules() now take internal address into account 2014-03-06 14:24:10 +01:00
Thomas Bernard acc149ee99 miniupnpd/pf: fix add_filter_rule2() by adding internal address 2014-03-06 14:23:13 +01:00
Thomas Bernard 65b776f1ed miniupnpd/pf: add clear_filter_rules() for testing
also add a --clear / -c argument to testobsdrdr programm
2014-03-06 14:21:39 +01:00
Thomas Bernard f49a70aab0 miniupnpd/testgetifaddr.c: also test find_ipv6_addr() 2014-03-03 12:37:01 +01:00
Thomas Bernard e5146cdf24 miniupnpd/Makefile.linux: fixes for testasyncsendto
also update dependencies
2014-03-03 12:35:12 +01:00
Thomas BERNARD d38902230e Merge pull request #54 from razzfazz/fix_no_eport_error_code
miniupnpd/natpmp.c: return correct error code when all external ports in...
2014-03-01 13:51:25 +01:00
Daniel Becker edd501f59c miniupnpd/natpmp.c: return correct error code when all external ports in use
Instead of returning code 3 ("Network Failure"), we should the
more appropriate code 4 ("Out of resources") when no external
port is available for a mapping.
2014-02-28 14:47:53 -08:00
Thomas Bernard 5512d022ac miniupnpd/pf/obsdrdr.c: add UNUSED() when necessary 2014-02-28 21:28:12 +01:00
Thomas Bernard 9d23b88cef miniupnpd/pf: replace delete_filter_rule()
now use delete_redirect_and_filter_rules()
2014-02-28 21:26:52 +01:00
Thomas Bernard 37208eecae miniupnpd/pf/obsdrdr.c: improve documentation 2014-02-28 21:22:52 +01:00
Thomas Bernard 9c7df04b13 miniupnpd/pcpserver.c: fix defines
with OpenBSD,  <netinet/in.h> must be included before <arpa/inet.h>
2014-02-28 20:26:02 +01:00
Thomas Bernard 7f3fbccbeb testminissdpd: various improvements
more tests.
2014-02-28 20:24:19 +01:00
Thomas Bernard bd83aa90c5 minissdpd: accept request of type 3 with 0 lenght argument 2014-02-28 20:23:51 +01:00
Thomas Bernard 56aca98164 miniupnpd/pf: catch up test programs 2014-02-28 20:20:51 +01:00
Thomas Bernard 802ad22f4d miniupnpd: minor stuff (remove warning, add debug log) 2014-02-28 16:40:20 +01:00
Thomas Bernard dbdad6a79b miniupnpd: improve finalize_sendto() 2014-02-28 16:39:59 +01:00
Thomas Bernard b71e0c028f Merge branch 'limit_eport_search' 2014-02-28 13:36:28 +01:00
Thomas Bernard 3c90f6a30d miniupnpd/natpmp.c: avoid hang when all external ports in use
reorganize a bit
2014-02-28 13:34:46 +01:00
Thomas Bernard 8fc7f0b5e1 miniupnpd: log message when shutting down 2014-02-28 13:16:22 +01:00
Thomas Bernard 6dff4263bd miniupnpd/Changelog.txt catch up... 2014-02-28 13:16:06 +01:00
Daniel Becker c6a8879c87 miniupnpd/natpmp.c: avoid hang when all external ports in use
The NAT-PMP code attempts to find a different eport if the
requested one is already in use. If all eports are in use, that
would previously cause the code to iterate through the range of
eports forever. To avoid this case, we keep track of the first
eport we attempted to use and abort the loop once we've cycled
through all possible values exactly once (which takes us back
to the initial eport).
2014-02-28 00:00:26 -08:00