Thomas Bernard
585a1d64e2
getifaddr.c: properly use strncpy()
...
silent a gcc8 warning
2019-05-20 21:55:17 +02:00
Vladislav Grishenko
08b80d5abd
miniupnpd: fix ssdp notify on unrelated interfaces
...
If several different interfaces share same ipv4 address on different
subnets (i.e. eth0 192.168.1.1/24 + eth1 192.168.1.1/16), miniupnpd
may pick any one of them, possibly wrong one w/o respecting exact
listening_ip interface.
syslog will contain something similar to:
miniupnpd: sendto(udp_notify=6, 192.168.1.1): No such device
miniupnpd: sendto(udp_notify=6, 192.168.1.1): No such device
miniupnpd: try_sendto(sock=6, len=464, dest=239.255.255.250:1900): sendto: No such device
miniupnpd: try_sendto(sock=6, len=464, dest=239.255.255.250:1900): sendto: No such device
miniupnpd: try_sendto failed to send 11 packets
Fix that with specifying exact outgoing mcast interface for each
notify socket with help of IP_MULTICAST_IF/mreqn struct.
Since OpenAndConfSSDPNotifySocket() now takes lan_addr_s struct,
OpenAndConfSSDPNotifySocketIPv6() was similary changed for api
consistency.
2019-05-02 15:36:06 +05:00
Thomas Bernard
2ffc7afae9
minissdp.c: fix indentation
2019-05-02 12:09:28 +02:00
Thomas Bernard
1ef1deec01
upnpevents.c: properly handle urls in the form http://ip:port
...
Fix buffer over-read in upnpevents.c with urls in the form http://ip:port
(without path).
Assume / when the path is empty
fixes #361
2019-04-09 22:06:21 +02:00
Thomas Bernard
922372bff3
2019
2019-04-08 14:46:11 +02:00
Thomas Bernard
2f16cf7387
AddPortMapping supports error 606 in IGDv2
...
see #359
2019-04-07 23:01:51 +02:00
Thomas Bernard
e1b4f25bba
upnpreplyparse.c: Fix memory leak
...
If there are multiple NewPortListing tags,
there is a malloc() for each one.
fixes #357
2019-04-05 10:30:10 +02:00
Thomas Bernard
a9a764cea9
update Changlogs.
2019-04-03 17:38:33 +02:00
Thomas Bernard
8f403ae8ae
Makefile.linux: clean testminissdp.o and testssdppktgen.o
2019-03-22 15:36:58 +01:00
Thomas Bernard
2d873ce908
miniupnpd_functions.sh parsing fix.
...
both MINIUPNPD and MINIUPNPD-PREROUTING were matched by
/$CHAIN/.
2019-03-22 15:35:23 +01:00
Thomas Bernard
476974ab52
use iptables -I instead of -A to add rules
...
So the rules are added at the head of the chains, taking
priority over the preloaded rules.
should fix #354
2019-03-22 15:33:57 +01:00
Thomas Bernard
c3f752db4a
miniupnpd/netfilter: fix iptables_init.sh for postrouting chain
...
should fix #334
2019-03-09 16:16:00 +01:00
Steven Mestdagh
dedbee16b1
AddAnyPortMapping: check against NULL
...
this avoids a crash in strcasecmp by passing an empty protocol argument
2019-03-09 10:24:38 +01:00
Thomas Bernard
a613992892
update Changelog
2019-03-07 23:37:11 +01:00
Rodrigo Osorio
e0ddc97997
Update portinuse code to reflect changes made in FreeBSD 12.0
...
Structures xtcpcb and xinpcb returned by the kernel
hide now part of its members after r315662. The fix
was inspired by changes made in usr.bin/systat/netstat.c
tool.
2019-03-07 17:22:36 +01:00
Thomas Bernard
e0b5b4efe6
linux/getifstats.c: use custom strtoul() implementation to roll over after 2^32-1
...
fixes #349
http://upnp.org/specs/gw/UPnP-gw-WANCommonInterfaceConfig-v1-Service.pdf
2.2.9 2.2.10 2.2.11 2.2.12 :
This variable represents the cumulative counter for total number
of bytes sent upstream across all connection service instances on
WANDevice. The count rolls over to 0 after it reaching the maximum
value (2^32) –1
2019-02-12 15:10:49 +01:00
Thomas Bernard
08e955de40
Update Changelogs + 2019
2019-02-10 16:11:16 +01:00
Thomas Bernard
30a89be85e
update miniupnpd/minixml.h
2019-02-10 16:10:07 +01:00
Thomas Bernard
e94a724ae5
Merge remote-tracking branch 'sorz/install-nft-script'
...
see pull request #345
2019-02-04 19:39:35 +01:00
Shachar Menashe
51b5e09e04
miniupnpd: add secure compilation flags for Linux
2019-02-04 17:23:42 +02:00
Thomas Bernard
f7d65cdaad
miniupnpd/netfilter/ipctcrdr.c: conditionnaly use NFC_UNKNOWN as well
...
fix #346
2019-02-03 19:04:44 +01:00
Thomas Bernard
6106111972
miniupnpd/netfilter: build with linux kernel 5.0
...
should fix #346
2019-02-03 13:26:27 +01:00
Thomas Bernard
510a6e9630
fix check of valid HTTPS socket
2019-01-23 09:25:10 +01:00
sorz
031915f856
Install nftables scripts
2019-01-18 16:21:25 +08:00
Thomas Bernard
86030db849
fix error from commit 13585f15c7
2018-12-18 23:47:54 +01:00
Thomas Bernard
cb8a02af7a
pcpserver.c: copyIPv6IfDifferent() check for NULL src argument
2018-12-18 23:04:14 +01:00
Thomas Bernard
f321c2066b
upnp_redirect(): accept NULL desc argument
2018-12-18 22:59:18 +01:00
Thomas Bernard
13585f15c7
GetOutboundPinholeTimeout: check args
2018-12-18 22:54:51 +01:00
Thomas Bernard
bec6ccec63
upnp_event_prepare(): check the return value of snprintf()
2018-12-18 22:37:14 +01:00
Thomas Bernard
6b4e9bd855
upnpstun.c: fix generate_transaction_id()
2018-12-15 18:02:46 +01:00
Steven Mestdagh
f6fc66ee41
avoid off-by-one buffer overread
...
similar to commit 9fcc0a72f0
2018-12-06 00:11:21 +01:00
Thomas Bernard
e7fa40f60b
update INSTALL about running a NAT behind NAT setup.
...
also update 2017->2018
2018-10-31 18:33:56 +01:00
Thomas Bernard
bde31cd4f1
update miniupnpd/Changelog.txt
2018-09-07 17:28:42 +02:00
Thomas Bernard
95d707a71f
pcpserver.c: properly fill the opcode field of response
...
fixes #327
2018-09-07 17:24:43 +02:00
Pali Rohár
a2baa36312
Fix compilation with nftables
...
Fixes #324
2018-09-06 17:44:41 +02:00
Thomas Bernard
11785205f1
Merge remote-tracking branch 'Lochnair/fix_nftables' into travis-ci-nftables
2018-07-15 12:59:25 +02:00
Nils Andreas Svee
181428e843
miniupnpd: add update_portmappings functions for nft
2018-07-14 19:59:26 +02:00
Thomas Bernard
ac796a4077
linux: add -lrt when building for glibc < 2.17
2018-07-14 14:23:13 +02:00
Thomas Bernard
d27a3152bd
fix generate_transaction_id()
2018-07-06 15:29:15 +02:00
Thomas Bernard
efe5d87103
LOG_WARNING if behind restrictive NAT
2018-07-06 14:41:04 +02:00
Pali Rohár
e6011dc534
miniupnpd: Allow to specify also port number in -o STUN: option
...
Also update help for -o STUN: option, it can take stun hostname too.
2018-07-06 14:38:37 +02:00
Thomas Bernard
6e5a88098d
fix file headers (=>2018)
...
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-07-06 14:16:49 +02:00
Thomas Bernard
d84e004849
Fix upnpstun.o dependencies
2018-07-06 14:16:07 +02:00
Thomas Bernard
810cb665c2
Merge branch 'pr_307'
...
see #307
2018-07-06 13:40:18 +02:00
Thomas Bernard
012cad4111
Makefile.linux: fix depends
2018-07-06 13:36:23 +02:00
Thomas Bernard
b2343c87a7
Add STUN support
...
see #307
2018-07-06 13:33:33 +02:00
Thomas Bernard
18ec4e88e7
asyncsendto.c: 2018
2018-07-06 13:31:44 +02:00
Thomas Bernard
1da39554c7
fixes in upnpstun.c
...
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-07-06 13:31:26 +02:00
Thomas Bernard
15b6f3e9c2
fixes in update_ext_ip_addr_from_stun()
...
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-07-06 13:29:33 +02:00
Thomas Bernard
8bc6d6f556
PERFORMSTUN => PERFORMSTUNMASK. allow to specify stun using -o option
2018-07-06 13:23:22 +02:00
Thomas Bernard
8c91ff515e
reserved[] is const
2018-07-06 13:20:30 +02:00
Nils Andreas Svee
5262990d8e
miniupnpd: support newer libnftnl versions
2018-07-01 23:50:12 +02:00
Thomas Bernard
ef179a45e3
do not check empty string with strlen(s) == 0
...
see #292
2018-06-01 10:55:45 +02:00
Thomas Bernard
72005ce86a
add -w option to iptables.
...
see https://miniupnp.tuxfamily.org/forum/viewtopic.php?p=5113
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-05-29 12:26:33 +02:00
Pali Rohár
c1472ffe4e
miniupnpd: GetExternalIPAddress(): Instead of invalid IP address 0.0.0.0 returns error 501
...
IP address 0.0.0.0 is filled when it is not possible to retrieve IP address. According to specification, GetExternalIPAddress() can return error 501 when action failed.
2018-05-19 17:28:43 +02:00
Pali Rohár
8c97654d70
miniupnpd: When enabled perform STUN to learn external IP address and NAT type
...
Also enable port forwarding when direct (non-NAT) connection or unrestricted NAT 1:1 (without any filtering) is detected.
2018-05-19 13:32:42 +02:00
Pali Rohár
8e10a1aeab
miniupnpd: Disable port forwarding when we are behind restrictive nat with reserved / private IP address
...
In this case port forwarding is impossible, so rather return error code to the client instead of silently trying to do something and informing clients that port forwarding is enabled.
2018-05-19 13:32:04 +02:00
Pali Rohár
cce19781e6
miniupnpd: Add validation that public ip address is not reserved and is really public
...
This ensures that all requests for getting public IP address (either via UPnP IGD or PCP/PMP) would contain correct public IP address or an error (instead of some invalid private/reserved IP address).
2018-05-19 13:31:26 +02:00
Pali Rohár
c35935c61d
miniupnpd: Add function addr_is_reserved() to check if address is private/reserved and therefore not for public port forwarding
2018-05-19 13:31:14 +02:00
Pali Rohár
4f53b322fd
miniupnpd: Add function perform_stun() for detecting external IP address and restrictive NAT via STUN protocol
...
It automatically unblock selected UDP ports for incoming responses and after finishing ports unblock is removed.
2018-05-19 13:31:08 +02:00
Pali Rohár
cd7284785b
miniupnpd: Add function delete_filter_rule() also for PF and Linux Netfilter
...
It is needed for STUN implementation.
2018-05-19 13:31:02 +02:00
Thomas Bernard
582375b64f
miniupnpd: VERSION 2.1
2018-05-08 23:40:27 +02:00
Thomas Bernard
e11bbf0bc0
miniupnpd/pcp: Send PCP announcment at startup
...
fixes #254
2018-05-08 23:06:19 +02:00
yangfl
b3849ef311
Fix OS detection for Debian kFreeBSD
2018-05-08 21:59:15 +08:00
Thomas Bernard
d2bbdee995
fix typo introduced in 00abd9e6c8
2018-05-03 09:54:02 +02:00
Thomas Bernard
a92138345b
add option LEASEFILE_USE_REMAINING_TIME
...
new function lease_file_rewrite()
that is called just before exiting, and when SIGUSR2 is received
see #295
2018-05-02 09:40:12 +02:00
Thomas Bernard
d0e7958617
lease_file_remove(): replace strncpy/strncat by snprintf()
2018-05-01 13:04:20 +02:00
Thomas Bernard
f6ac854f0f
miniupnpd: fix storing of unlimited lease time in lease_file
...
see #295
2018-05-01 11:26:49 +02:00
Thomas Bernard
17773f0a72
if LEASEFILE_USE_REMAINING_TIME is defined, only the remaining time is stored
...
see #295
2018-04-30 17:25:26 +02:00
Thomas Bernard
00abd9e6c8
miniupnpd: store UNIX time in lease_file
...
fixes #295
2018-04-30 16:59:40 +02:00
Thomas Bernard
491ee9f8bf
miniupnpd/upnpevents.c: Add log when error
2018-04-27 00:08:06 +02:00
Thomas Bernard
239d048489
Merge branch 'pf_use_ext_ip_addr'
2018-04-22 21:27:44 +02:00
Thomas Bernard
5dcd40aece
netfilter/iptpinhole.c: remove warning: implicit declaration of function 'upnp_time'
...
fixes ef94635100
2018-04-22 21:24:30 +02:00
Thomas Bernard
0366cd0ba0
replace strlen(s) > 0 by s[0] != '\0'
...
see #292
2018-04-22 21:21:58 +02:00
Thomas Bernard
2b6fa0839f
no more strlen(xxx) == 0.
...
Fixes #292
2018-04-20 17:19:52 +02:00
Thomas Bernard
53e8185725
miniupnpd/pf: set dst address in rule if use_ext_ip_addr is set
...
fixes #231
2018-04-12 11:36:12 +02:00
Thomas Bernard
1fe8d21cf2
fixes #272
2018-04-12 10:49:53 +02:00
Thomas Bernard
eaaf4f10ae
miniupnpd: introduce upnp_gettimeofday() which is monotonic :)
...
fixes #288
2018-04-12 10:07:11 +02:00
Thomas Bernard
0bbff2bb0f
miniupnpd: update Changelog
...
see 82ec7bc3df
2018-04-06 13:00:23 +02:00
yangfl
82ec7bc3df
miniupnpd: Add options for netfilter scripts
2018-03-16 23:57:39 +08:00
Thomas Bernard
ef94635100
miniupnpd: time() => upnp_time()
...
I had forgotten some
see #288
2018-03-14 00:09:42 +01:00
Thomas Bernard
9516c9a007
miniupnpd: fix warnings
2018-03-13 11:53:33 +01:00
Thomas Bernard
dd2aa84204
miniupnpd: use monotonic clock for timeouts, etc.
...
fixes #288
also changed set_startup_time()
2018-03-13 11:43:07 +01:00
Thomas Bernard
f0511d761b
miniupnpd: Add -1 option
...
fixes #277
see #282
2018-02-22 14:02:52 +01:00
Thomas Bernard
9efd7fda66
ChangeLog for #282
2018-02-22 13:53:39 +01:00
Thomas Bernard
80779ff4f7
Fix commit 6cbf0ba
...
Use the "flags" global variable to store the option value
Save a lot of complexity.
2018-02-22 13:47:48 +01:00
Nye Liu
c6bf0ba6f3
Allow runtime override of igd to v1 for people running binaries with v2 enabled
...
Towards miniupnp/miniupnp#277
2018-02-19 22:14:05 -08:00
Thomas Bernard
7f17837253
miniupnpd/minissdp.c: Fix submission of services to minissdpd
...
Version was hardcoded to 1 in "ST:"
2018-02-03 18:14:31 +01:00
yangfl
3158862058
miniupnpd/miniupnpd.8: update man page
2018-02-03 01:46:09 +08:00
Thomas Bernard
718deea11e
Update file headers. 2017 => 2018 etc.
2018-01-16 02:06:46 +01:00
Thomas Bernard
ed35fc6cd4
miniupnpd/testminissdp.c: int => size_t. 2018
2018-01-15 17:47:22 +01:00
yangfl
d492fa39ef
fix typo
2018-01-09 09:33:31 +08:00
Thomas Bernard
a55234d806
upnpreplyparse.c: NameValueParserEndElt() rename arg to avoid confusion
2017-12-12 12:47:33 +01:00
Thomas Bernard
bf4f616f58
miniupnpd/Makefile.linux: add testminissdp
2017-12-12 12:46:59 +01:00
Thomas Bernard
a4d6939193
miniupnpd: update Changelog.txt
2017-12-12 10:51:36 +01:00
Thomas Bernard
9fcc0a72f0
minissdpc.c: Fix buffer overrun in SSDP packet parsing
...
fixes #267
there were several errors in ProcessSSDPData()
in the parsing of ST: MX: and MAN: headers
so a few bytes could be read after the end of the buffer.
2017-12-12 10:42:54 +01:00
Thomas Bernard
256b93e5d3
miniupnpd: add a test for ProcessSSDPData()
...
see #267
2017-12-12 10:08:44 +01:00
Thomas Bernard
a0573e2518
minixml.c: fix heap buffer overflow
...
should fix #268
2017-12-11 14:59:29 +01:00
Thomas Bernard
7aeb624b44
properly initialize data structure for SOAP parsing in ParseNameValue()
...
topelt field was not properly initialized.
should fix #268
2017-12-11 14:27:27 +01:00
Thomas Bernard
7492fe42c2
pcpserver.c: send ANNOUNCE when IP changed
...
see #254
2017-11-27 23:04:51 +01:00