Commit Graph

29 Commits

Author SHA1 Message Date
Thomas Bernard f91a32ff02
miniupnpd: enable secure mode by default 2023-05-27 18:42:18 +02:00
Thomas Bernard 66c4921758
miniupnpd.conf: comments improvement 2023-05-27 11:24:03 +02:00
Thomas Bernard 02da7055fc
option enable_natpmp => enable_pcp_pmp
for backward compatibility, enable_natpmp is stick recognized
2023-05-27 11:21:21 +02:00
MoonlightWave-12 49991e00f6
miniupnpd.conf: Update the address of a STUN-server
See: https://stunprotocol.org/

Also: Adding more newlines for better readability.
2023-05-15 01:00:56 +02:00
yangfl 2ff8cb17da miniupnpd: Add option to match rules with regex
Some reports that a certain app is abusing UPnP for exploiting upload
bandwidth. This commit adds support to restrict UPnP rules to a regex.
By matching requester's description string against rule's regex, this
will make some obstacles for that app.
2022-10-21 21:26:39 +02:00
Brian John 87776e8345 Split "NAT" and "TABLE" for consistency 2022-01-01 16:58:55 -06:00
Thomas Bernard 46ecef1365
miniupnpd.conf: default table name changed with #584 / 3129683c 2021-12-02 00:06:23 +01:00
Sven Auhagen 3129683cb3 NFTables use scripts to create tables and chains
To hardcode table and chain creation and deletion makes it impossible
for existing firewall infrastructures to integrate miniupnpd.
NFTables will either reevaluate packets through miniupnpd or
it will delete existing tables when there are already custom chains in it.

Signed-off-by: Sven Auhagen <sven.auhagen@voleatech.de>
2021-11-28 08:08:37 +01:00
Thomas Bernard d4849fa08e
miniupnpd.conf: comments about netfilter table/chain names 2021-11-27 21:49:25 +01:00
Pali Rohár 304ff79dc5 Update and extend description from STUN output
People sometimes do not understand where is the problem, so include also
hints what they needs to check, change and re-configure.
2020-12-30 11:22:12 +01:00
Thomas Bernard 7800de9429
miniupnpd: fix for bridges
you now can setup :
listening_ip=igb1 bridge0 xxx0 xxx1 ...

miniupnpd will use igd1 address, but will not complain when receiving
packets from either igb1, bridge0, xxx0 or xxx1

fixes #379
see also #408
2020-04-29 00:03:54 +02:00
Thomas Bernard c51c5b7d58
miniupnpd: be more explicit about usage of ext_ip= in double nat setups 2020-04-12 19:44:27 +02:00
Thomas Bernard a774830fe0
miniupnpd: Option to disable IPv6 at runtime : -4 / ipv6_disable=yes 2020-04-09 21:12:20 +02:00
Thomas Bernard a1ceec3dba
miniupnpd: Allow to use two different network interfaces for IPv4 and IPv6 internet
-i / -I
ext_ifname= / ext_ifname6=

see :
df906367be/
thanks to "sfstudio"
2019-05-21 10:42:40 +02:00
Pali Rohár 8c97654d70 miniupnpd: When enabled perform STUN to learn external IP address and NAT type
Also enable port forwarding when direct (non-NAT) connection or unrestricted NAT 1:1 (without any filtering) is detected.
2018-05-19 13:32:42 +02:00
Nye Liu c6bf0ba6f3 Allow runtime override of igd to v1 for people running binaries with v2 enabled
Towards miniupnp/miniupnp#277
2018-02-19 22:14:05 -08:00
Thomas Bernard d3635faeed add upnp_nat_postrouting_chain .conf option
fixes #190

MINIUPNPD-PCP-PEER has also been renamed to MINIUPNPD-POSTROUTING
( 1ba4362910 )
2016-01-26 16:59:04 +01:00
Thomas Bernard f5f3ad1631 clarify multiple LAN interfaces / listening_ip= 2015-11-05 11:51:02 +01:00
Chocobo1 3fcd2b5117 miniupnpd.conf: Fix typos, capitalize each sentence. 2015-04-25 16:10:15 +08:00
Thomas Bernard 82604ec5d0 miniupnpd/miniupnpd.conf: add comments regarding security
comment values, to force people to configure themselves
2014-10-13 18:03:53 +02:00
Thomas Bernard 13037e57b7 miniupnpd/miniupnpd.conf: add a comment 2014-04-22 10:53:58 +02:00
Thomas Bernard 7a2bafd071 miniupnpd/miniupnpd.conf: add https_port option and rename port to http_port 2014-04-22 00:44:37 +02:00
Thomas Bernard d19048ef9e miniupnpd: Make all manufacturer info configurable 2013-12-13 12:03:28 +01:00
Leo Moll d200fb748f Made all manufacturer related information configurable:
- manufacturer_name, default is "`uname -s`"
- manufacturer_url, default is URL of OS verndor
- model_name, default is "`uname -s` router"
- model_description, default is "`uname -s` router"
- model_url, default is URL of OS verndor
2013-10-20 23:02:19 +02:00
Peter Tatrai 9e1ffd5cd9 Add initial PCP support 2013-07-11 09:38:55 +02:00
Thomas Bernard 6d32d69608 Allow LAN interface to be given as interface names.
(instead of interface IP addresses)
It will allow IPv6 operations.
2012-04-06 17:31:24 +02:00
Thomas Bernard a0a1e45ac5 Added friendl_name= option to config file 2012-02-05 00:24:13 +01:00
Thomas Bernard 874283b36f Anchor name (PF) is now configurable through the config file with anchor= 2012-02-03 13:14:10 +01:00
Thomas Bernard 0d96346588 Adding miniupnpd 2011-09-28 21:13:20 +02:00