Commit Graph

547 Commits

Author SHA1 Message Date
Tomofumi Hayashi af780b8255 Fix to get NAT port as uint16_t. 2015-03-16 19:38:28 +09:00
Tomofumi Hayashi d2bc556733 In case of remove filter, just remove one rule. 2015-03-16 19:35:23 +09:00
Tomofumi Hayashi 939b3262c3 Add expr_set_reg_val_u16 for network port num. 2015-03-16 18:02:07 +09:00
Tomofumi Hayashi 75fd37e958 Fix NAT issue (cannot snat/dnat actually).
Port number endian is failed.
2015-03-16 17:29:20 +09:00
Tomofumi Hayashi c19b87ee07 Add egress if index val and rename ifidx to ingress_ifidx. 2015-03-16 17:28:03 +09:00
Tomofumi Hayashi 3e635dbe17 Changes init script (only add chains). 2015-03-16 17:24:31 +09:00
Tomofumi Hayashi f7288efb5e Fix init script. 2015-03-12 15:17:33 +09:00
Tomofumi Hayashi 7065b0040f Add README. 2015-03-11 22:18:26 +09:00
Tomofumi Hayashi dcf218c452 Initial commit to support nftables. 2015-03-11 21:10:25 +09:00
Thomas Bernard b137df30d9 Merge remote-tracking branch 's1061123/fix_range1' 2015-03-09 10:59:49 +01:00
Tomofumi Hayashi 3b472b59e0 Fix get_portmappings_in_range() in non-expand case.
In get_portmappings_in_range(), array[] is not updated when
realloc() is not called, hence get_portmappings_in_range() is
always null. This fix changes to fill array[].
2015-03-09 17:33:10 +09:00
Thomas Bernard 85841abd5f miniupnpd/Changelog.txt: eb72ab5330 2015-03-07 16:57:40 +01:00
Thomas Bernard eb72ab5330 miniupnpd.c: don't die when IPv6 is enabled and interface has no IPv4 address 2015-02-20 18:31:55 +01:00
Thomas Bernard e896e298f3 miniupnpd: remove warnings 2015-02-16 22:41:40 +01:00
Thomas BERNARD d5ccd5e86e Merge pull request #101 from pyzhu/master
avoid compile warning
2015-02-11 23:33:47 +01:00
Thomas Bernard 6e5d8ce954 miniupnpd: Allow wildcard (empty string) remote host for AddPinhole() 2015-02-10 16:04:10 +01:00
Thomas Bernard 5df35db6ab fix c7d7efd230 2015-02-08 10:46:13 +01:00
Thomas Bernard 7c1a04ab30 upnpsoap.c: 2014 => 2015 2015-02-08 10:23:54 +01:00
Thomas Bernard c7d7efd230 fix realloc failure issues detected thanks to cppcheck 2015-02-08 10:23:22 +01:00
Thomas Bernard 241ede9ddf miniupnpd: improve (some) logs 2015-01-20 14:13:18 +01:00
Thomas Bernard f795af5f54 2014 => 2015 2015-01-20 14:12:10 +01:00
Thomas Bernard bbb6df523d miniupnpd/natpmp.c: #if IPV6_PKTINFO => #ifdef IPV6_PKTINFO 2014-12-31 01:38:15 +01:00
Thomas Bernard c336b23706 miniupnpd/upnpglobalvars.c: documentation about CONFIGID.UPNP.ORG 2014-12-15 12:02:42 +01:00
Thomas Bernard c4b167537f miniupnpd/Makefile.linux: fix clean (testporinuse.o) 2014-12-15 11:59:17 +01:00
Thomas Bernard 22bc695f91 remove unused bsdqueue.h 2014-12-15 11:58:57 +01:00
Thomas Bernard 2d89a05982 miniupnpd/miniupnpd.c: minor fixes in usage output 2014-12-10 10:44:32 +01:00
Thomas Bernard 99a1bafc1f miniupnpd: use time for BOOTID.UPNP.ORG value 2014-12-10 10:41:10 +01:00
Thomas Bernard 00d878eba3 miniupnpd: configurable BOOTID.UPNP.ORG SSDP header 2014-12-10 10:40:41 +01:00
Thomas Bernard 2d52890608 miniupnpd/upnpglobalvars.c: document BOOTID.UPNP.ORG and CONFIGID.UPNP.ORG 2014-12-10 10:03:13 +01:00
Thomas Bernard e283270274 miniupnpd/pf/pfpinhole.c: reduce log verbosity
also remove a "argument not used" warning
2014-12-10 09:46:57 +01:00
Thomas Bernard e013870cca miniupnpd/upnpsoap.c: remove an unneeded \n in log 2014-12-09 18:32:31 +01:00
Thomas Bernard 181850ad1f miniupnpd/upnphttp.c: check ':' in HTTP header names 2014-12-09 18:28:23 +01:00
Thomas Bernard 98cc73a372 miniupnpd/upnphttp: Checking Host: HTTP request header to prevent DNS rebinding attack 2014-12-09 17:49:02 +01:00
Thomas Bernard 31986d8190 miniupnpd/upnphttp.c: fix 526e1dcd40 2014-12-09 17:48:14 +01:00
Thomas Bernard 9e30117cac miniupnpd/upnphttp.c: fix ec94c5663f
thanks to Stephen Röttger
2014-12-09 11:44:28 +01:00
Thomas Bernard 526e1dcd40 miniupnpd/upnphttp.c: skip only spaces and tab (stop on CR and LF) 2014-12-09 11:38:50 +01:00
Thomas Bernard 064c78730c miniupnpd/upnphttp.c: cosmetical changes 2014-12-09 11:04:38 +01:00
Thomas Bernard ec94c5663f miniupnpd: check if BuildHeader_upnphttp() failed to allocate memory 2014-12-09 11:04:15 +01:00
Thomas Bernard dd39ecaa93 miniupnpd/upnphttp.c: fix buffer overrun in ParseHttpHeaders() if Content-Length doesn't contain any digit
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:02:57 +01:00
Thomas Bernard e6bc04aa06 miniupnpd/upnpsoap.c: fix potential memory corruption in upnpsoap.c/GetListOfPortMappings()
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:01:37 +01:00
Thomas Bernard 7c91c4e933 miniupnpd/upnpredirect.c: check inet_aton() return 2014-12-09 10:53:52 +01:00
Thomas Bernard d00b75782e miniupnpd/upnppinhole.c: fix upnp_add_inboundpinhole() : check inet_pton() return 2014-12-09 10:52:26 +01:00
Thomas Bernard 3b71766493 miniupnpd/genconfig.sh: check net.ipv6.bindv6only under LINUX 2014-12-04 11:23:56 +01:00
Thomas Bernard c14788a13a miniupnpd: fixes ExecuteSoapAction() for missing " around SOAPAction 2014-11-28 14:29:24 +01:00
Thomas Bernard 33a5ebf367 miniupnpd/upnpsoap.c: make WANAccessType easier to configure 2014-11-27 13:25:45 +01:00
Thomas Bernard eef94da7e0 miniupnpd/upnpreplyparse.c: fix DisplayNameValueList() 2014-11-12 17:05:15 +01:00
Thomas Bernard bfab1e2094 miniupnpd/upnputils.c: sockaddr_to_string() includes scope in IPv6 addresses 2014-11-07 12:54:33 +01:00
Thomas Bernard 27d4d10a3e miniupnpd/miniupnpd.c: fix PCP third party mode (in IPv4)
fixes problem introduced in commit 16389fda3c
2014-10-30 20:37:35 +01:00
Thomas Bernard 50f7611227 miniupnpd/TODO: updated TODO (a bit) 2014-10-30 20:35:36 +01:00
Thomas Bernard 510bff06ba miniupnpd: VERSION 1.9 2014-10-27 17:39:28 +01:00
Thomas Bernard 067aa01856 miniupnpd/pcpserver.c: remove unused argument warning 2014-10-27 17:39:01 +01:00
Thomas Bernard a80c87fb8d remove need of sys/queue.h or bsdqueue.h in upnpreplyparse.c/.h 2014-10-27 17:38:26 +01:00
Thomas Bernard fb1aba3c9a miniupnpd/natpmp.c: fix walktrough of mapping "list" for NATPMP removal 2014-10-23 18:00:24 +02:00
Thomas Bernard 350ca199c4 miniupnpd/natpmp.c: Properly implements NAT-PMP mapping removal
fixes #97
2014-10-23 17:57:31 +02:00
Thomas Bernard 8baf8d351a miniupnpd/minissdp.c: Remove warning (caused by double const) 2014-10-22 13:57:24 +02:00
Thomas Bernard 88b6386f55 miniupnpd/Changelog.txt: catch up (mcast_ssdp) 2014-10-22 13:41:35 +02:00
Thomas Bernard 447bad32c9 miniupnpd/minissdp.c: Add documentation to SSDPNotify* functions 2014-10-22 12:11:34 +02:00
Thomas Bernard aef2c0a3b4 miniupnpd/minissdp.c: fix 50e370abcd
while() => for() / reindent/etc
2014-10-22 12:10:30 +02:00
Thomas Bernard ac816e91f9 Merge branch 'master' into mcast_ssdp 2014-10-22 11:47:46 +02:00
Thomas Bernard 9194b02071 miniupnpd/minissdp.c: comments about binding "notify" sockets
Explain why bind() is called in functions
OpenAndConfSSDPNotifySocket and OpenAndConfSSDPNotifySocketIPV6
2014-10-22 11:43:42 +02:00
Thomas Bernard e810903443 miniupnpd/upnputils.c: do something in case inet_ntop() fails 2014-10-22 11:14:48 +02:00
Thomas Bernard bedbf88fc6 miniupnpd/upnputils.c: compile some debug output only when needed 2014-10-22 11:13:48 +02:00
Thomas Bernard 16389fda3c miniupnpd: Discard NAT-PMP packets coming from the WAN 2014-10-22 10:54:07 +02:00
Thomas Bernard f183e2b436 miniupnpd/Changelog.txt: catch up 2014-10-22 10:53:30 +02:00
sbyx 4cbcdc34d2 UPNP pinholing: add missing sys/types.h include
sys/types.h is necessary to declare u_int64_t for some c libraries, so include it.

Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-10-21 15:54:02 +02:00
sbyx 47b77fabb6 Remove unnecessary sysctl.h include for linux
miniupnpd on Linux unnecessarily includes sys/sysctl.h which breaks builds with musl-libc.

Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-10-21 10:56:34 +02:00
Thomas Bernard 82604ec5d0 miniupnpd/miniupnpd.conf: add comments regarding security
comment values, to force people to configure themselves
2014-10-13 18:03:53 +02:00
Markus Stenberg 17dabcc708 Use -f with gzip, to prevent interactive promots when running make install multiple times. 2014-10-08 14:24:01 +03:00
Thomas Bernard 97c001d464 add use(less ?)ful comments 2014-10-06 14:44:45 +02:00
Thomas Bernard 55c959247b miniupnpd/minissdp.c: remove warning if ipv6 is disabled 2014-10-06 14:44:23 +02:00
Thomas Bernard c79c17115c miniupnpd/upnpsoap.c: DeletePortMapping now checks for client IP in Securemode 2014-09-25 11:47:16 +02:00
Thomas Bernard 9885060d5c miniupnpd/bsd/getifstats.c: make it compile with OpenBSD 4.3
see commit 7f6cf3680e
2014-09-15 17:12:31 +02:00
Gleb Smirnoff 7f6cf3680e Use BSD libc API to fetch data about interface statistics instead
of nosing in kernel memory. This API should work on all versions
of FreeBSD/NetBSD/OpenBSD/Dragonfly.

This fixes compilation on FreeBSD 11, where kernel structures
have changed and protects against future breakages. It also
make the file much simplier.

Tested by:	Daniel Engberg <daniel.engberg.lists pyret.net>
2014-09-14 13:41:49 +04:00
Thomas Bernard 05cc5daf14 update Changelog.txt files 2014-09-06 10:37:08 +02:00
Thomas Bernard 1961868cd5 miniupnpd/minissdp.c: add a default delay before SSDP response
fixes #084
2014-08-01 12:30:55 +02:00
sbyx ef408d0857 Fix typo in byte conversion & writing in NAT-PMP
This fixes https://github.com/miniupnp/miniupnp/issues/89.

Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-07-31 08:43:48 +02:00
Daniel Becker dcf658c55e miniupnpd/Makefile: make firewall detection consistent with genconfig.sh; assume PF if /etc/rc.subr and/or /etc/rc.conf not found on *BSD 2014-06-20 23:23:16 -07:00
Thomas Bernard 78d32ba012 Merge remote branch 'mikedld/remove-macosx-macro' 2014-06-16 10:54:03 +02:00
Mike Gelfand c08833f9e8 Use _WIN32 instead of WIN32 to check for Windows
MinGW defines both _WIN32 and WIN32 (and may even be the only compiler
doing so). Microsoft and Intel compilers only define _WIN32. Use the
common one to eliminate the need in defining WIN32 explicitly.
2014-06-15 09:37:13 +03:00
Mike Gelfand 920845b107 Use built-in __APPLE__ macro instead of MACOSX
GCC and Clang on Mac OS have a built-in __APPLE__ macro. Use it instead of
manually-defined MACOSX.
2014-06-15 04:14:43 +03:00
Markus Stenberg 5aaac2c6f5 miniupnpd/pcpserver.c: ext_port field was not set in the (IPv6) firewall reply packet. Now setting it to int_port. 2014-06-02 19:39:06 +03:00
Markus Stenberg 3eb71223b4 For some reason, rules without ipv6.flags set (and proto set?) do not match at all at least on Linux 3.10. So with this patch, they do (and it took me a while to find out, sigh) 2014-05-29 17:56:48 +03:00
Thomas Bernard 50e370abcd miniupnpd/minissdp.c: Send SSDP announces to IPv6 link-local, site-local and global multicast addresses 2014-05-23 17:05:15 +02:00
Thomas Bernard 4069d9633c miniupnpd/minissdp.c: bind the SSDP IPv6 sending socket 2014-05-23 17:03:56 +02:00
Thomas Bernard 6bf84dc834 miniupnpd/minissdp.c: clean SendSSDPbyebye() 2014-05-23 12:07:39 +02:00
Thomas Bernard c4c2f79c12 miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces 2014-05-22 10:22:04 +02:00
Thomas Bernard 00fbdb70cf miniupnpd/minissdp.c: AddMulticastMembershipIPv6() targets specific interface 2014-05-22 10:17:06 +02:00
Thomas Bernard 165aeef129 miniupnpd/minissdp.c: clean SendSSDPNotify() code 2014-05-22 10:12:26 +02:00
Thomas Bernard 0d32445f57 miniupnpd/Changelog.txt: catch up :) 2014-05-22 09:57:59 +02:00
Thomas Bernard d916ce286a miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names 2014-05-22 09:42:05 +02:00
Thomas Bernard 72463253dc miniupnpd: disable IPV6 if socket(PF_INET6) returns EAFNOSUPPORT 2014-05-22 01:38:18 +02:00
Thomas Bernard 9f78015a5b miniupnpd/minissdp.c: also listen on global SSDP multicast address FF0E::C
Add comments about also sending the NOTIFY to this address
2014-05-22 01:12:06 +02:00
Markus Stenberg c038146cee Added ipv6_listening_ip option to override it from in6addr_any.
This way IPv6 services can be selectively enabled on one IP too.
2014-05-20 15:55:35 +03:00
Thomas Bernard 93d7bb6ae2 miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO) 2014-05-19 16:27:55 +02:00
Thomas Bernard d851ad4c25 miniupnpd: Retreive PCP packed IPV6 destination address 2014-05-19 15:27:34 +02:00
Markus Stenberg 83c103bc3f Internal address check is mandatory even if third party option is set. 2014-05-19 13:23:21 +03:00
Thomas Bernard b9c20cecab miniupnpd/pf/pfpinhole.c: use label to store pinhole description 2014-05-15 23:27:51 +02:00
Thomas Bernard 7154d30adc miniupnpd/pcpserver.c: prevent compiling with PCP_PEER on if not applicable 2014-05-15 12:29:10 +02:00
Thomas Bernard 653bc79292 miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info() 2014-05-15 12:11:42 +02:00
Markus Stenberg c8ec092693 Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use). 2014-05-15 12:04:03 +02:00