Commit Graph

1077 Commits

Author SHA1 Message Date
Thomas Bernard 9239cf28c1
Fix the cleanup of PREROUTING mangle chain
it was changed iby mistake to FORWARD by 82ec7bc3df

see discussion in PR #530
2021-02-26 15:15:09 +01:00
Thomas Bernard 3b6b0ba1e3
INSTALL: update 2021-02-26 15:14:03 +01:00
Thomas Bernard 207d1849e4 miniupnpd.c: typo and ip -> IP 2021-01-15 19:33:29 +01:00
Pali Rohár e6bf74a691 Add check that miniupnpd is not going to listen on WAN interface with public IP address
Option listen= is used for LAN interface/address and option ext_addr= is
used for public IP address. If users by mistake swap WAN and LAN interface
or public and private IP addresses then miniupnpd obviously would not work
and instead of hacking miniupnpd code users should rather check their
miniupnpd configuration or local firewall settings.

So add checks and hints which prevents security issues like swapping LAN
and WAN interfaces/addresses and therefore prevent exposing port forwarding
and firewall configuration on public Internet.
2020-12-30 11:23:29 +01:00
Pali Rohár 304ff79dc5 Update and extend description from STUN output
People sometimes do not understand where is the problem, so include also
hints what they needs to check, change and re-configure.
2020-12-30 11:22:12 +01:00
Thomas Bernard 9ef311d235
miniupnpd: version 2.2.1 2020-12-20 19:12:47 +01:00
Tim Gates 341d0f51a2
docs: fix simple typo, decription -> description
There is a small typo in miniupnpd/commonrdr.h, miniupnpd/ipf/ipfrdr.c, miniupnpd/pf/obsdrdr.c.

Should read `description` rather than `decription`.
2020-12-10 05:26:04 +11:00
Thomas Bernard 22c1386351
protocol[] can be "UDPLITE"
fixes #5034
2020-11-12 08:59:47 +01:00
Thomas Bernard f50f00b5ea
errno.h not sys/errno.h 2020-11-11 13:24:48 +01:00
Thomas Bernard ab544c3a0e
asyncsendto.c: use named enum.
see #502
2020-11-11 13:16:14 +01:00
Thomas Bernard 30c27967ae
fix error message for IPV6. 2020 2020-11-05 21:59:25 +01:00
Thomas Bernard 97fd716bd0
2020 2020-11-04 22:32:14 +01:00
Thomas Bernard 057368701e
fix warning 2020-11-04 22:31:47 +01:00
Thomas Bernard 32164d27d2
fix a couple of warnings 2020-11-02 00:26:13 +01:00
Thomas Bernard c41094c2af
exact same declaration for random_url[]
see #498
2020-11-01 23:29:08 +01:00
Thomas Bernard 29797cf607 2019 => 2020 2020-10-31 11:36:06 +01:00
Thomas Bernard 01d686078e
use tag as GITREF if available 2020-10-31 10:56:02 +01:00
Thomas Bernard 56c66b5472
miniupnpd version 2.2.0 2020-10-31 10:23:44 +01:00
Thomas Bernard 1331b42410
fix dd99f0eb75 2020-10-31 10:05:50 +01:00
Thomas Bernard dd99f0eb75
sysctl is not always in /sbin 2020-10-30 23:11:44 +01:00
Thomas Bernard 72ec9e1943
update changelog / comments 2020-10-30 22:44:02 +01:00
Thomas Bernard c9939cc01e
fix portinuse.c for OpenBSD 5.5+
all CIRCLEQ have been replaced by TAILQ
fixes #496
2020-10-30 22:14:45 +01:00
Thomas Bernard 1008ed1117 Merge branch 'issue-465' into master 2020-10-28 19:38:52 +01:00
Thomas Bernard 90259ae803
Fix undefined behaviour: shifting signed int by 31 place
see #465

     #0 0x555719469ec5 in AddAnyPortMapping.cfi /home/ryutaroh/miniupnpd-1018/miniupnp/miniupnpd/upnpsoap.c:703:42
     #1 0x5557194705a7 in ExecuteSoapAction /home/ryutaroh/miniupnpd-1018/miniupnp/miniupnpd/upnpsoap.c:2335:5
 SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior upnpsoap.c:703:42 in
2020-10-26 08:46:37 +01:00
Thomas Bernard 85f8123504 Merge branch 'issue-495' into master 2020-10-24 15:23:26 +02:00
Thomas Bernard 946f6c19bb
fix Makefile.bsd
fixes #495
2020-10-24 15:17:59 +02:00
Thomas Bernard 92ff8a6a7e
in_addr_t instead of struct in_addr 2020-10-22 23:20:50 +02:00
Thomas Bernard 6b2070c6e9
fix 18a6ab0201 2020-10-22 23:19:59 +02:00
Thomas Bernard 5e7f8b5183 netfilter_nft/nftnlrdr_misc.h: comment 2020-10-22 21:39:41 +02:00
Thomas Bernard 1b5cab1e87
update Changelog.txt 2020-10-22 21:27:04 +02:00
Thomas Bernard 68cc35156e
fix nftables shutdown_redirect()
see #481
2020-10-22 21:19:37 +02:00
Thomas Bernard 04e245258e
For FreeBSD ports
see #495
2020-10-22 20:45:15 +02:00
Thomas Bernard 18a6ab0201
AddAnyPortMapping(): Only try allowed ports
build an array of all allowed ports.
should fix #465
2020-10-18 00:20:24 +02:00
Thomas Bernard 3a17dea056 pass rule type to the private arg of mnl_cb_run() callback
should fix #481
2020-10-17 23:20:29 +02:00
Thomas Bernard a3522723ae fix .gitignore 2020-10-17 22:55:12 +02:00
Thomas Bernard 2595275eb5 netfilter_nft: build testing 2020-10-17 22:52:34 +02:00
Thomas Bernard 992565201b fix testnftnlrdr.c 2020-09-29 01:00:29 +02:00
BERNARD Thomas 91ff44c9d2 netfilter_nft: fix test stuff 2020-09-29 00:43:55 +02:00
Thomas Bernard 11dec5b25c fix log 2020-09-29 00:17:58 +02:00
Thomas Bernard f9908a788b Move chain name variables to netfilter/* 2020-09-28 22:44:24 +02:00
Thomas Bernard 61d4aecb6e fix warning 2020-09-28 21:58:08 +02:00
Thomas Bernard 7db8ef0921 fix c9f6ddd 2020-09-28 21:57:50 +02:00
Thomas Bernard c9f6ddd102
miniupnpd/netfilter_nft: more logs in set_rdr_name()
see #481
2020-09-26 17:42:26 +02:00
Pali Rohár dbb821a7c9 getifaddr.c: Fix mask for RFC7534 Direct Delegation AS112 Service 2020-07-12 13:45:30 +02:00
Thomas Bernard d7b40010d5
nftnlrdr_misc.c: add log in case of send_batch() failure
useful for #481
2020-07-09 11:16:47 +02:00
Chen Minqiang b44e5e7a83 fix update_portmapping() missing target when update filter table 2020-06-27 11:31:08 +08:00
Thomas Bernard 24df04fc1b update 2020-06-20 17:49:19 +02:00
Thomas Bernard 7a9452fca9
miniupnpd: make sure "runtime_vars" are initialized 2020-06-20 17:02:19 +02:00
Thomas Bernard 5bbcc0bb65
miniupnpd --help shows usage 2020-06-20 17:01:01 +02:00
Thomas Bernard 417b496617
miniupnpd: add -v/-vv command line argument to enable more logs
fixes #477
2020-06-20 17:00:10 +02:00