1261 Commits

Author SHA1 Message Date
Self-Hosting-Group
fc5c72d177 miniupnpd: Fix RemoteHost filtering support not enabled on linux 2024-05-10 16:44:11 +02:00
Thomas Bernard
3ab526b665
IGD_V2: Send byebye before sending the intial ssdp:alive
fixes #697

http://upnp.org/specs/gw/UPnP-gw-WANIPConnection-v2-Service.pdf
p9:
1.2 Changes since WANIPConnection:1

Upon startup, UPnP IGD DCP MUST broadcast an ssdp:byebye before sending the initial
ssdp:alive onto the local network. Sending an ssdp:byebye as part of the normal start up process
for a UPnP device ensures that UPnP control points with information about the previous device
instance will safely discard state information about the previous device instance before
communicating with the new device instance.
2024-05-08 19:30:50 +02:00
Thomas Bernard
752507ed51 upnppinhole.c: 2024 2024-05-08 15:38:02 +02:00
Thomas Bernard
74c5568d15 print empty string instead of null in ipv6 lease file
see #725
2024-04-18 00:58:45 +02:00
Thomas Bernard
7f189988a0 version 2.3.6 2024-03-20 00:41:25 +01:00
Thomas Bernard
6ce3b2eeda 2024 ;) 2024-03-20 00:37:33 +01:00
Thomas Bernard
daaaa60ce9 fix upnp_get_portmapping_number_of_entries() prototype ;) 2024-03-19 23:32:36 +01:00
Thomas Bernard
4a041ccfda
Changelog for https://github.com/miniupnp/miniupnp/pull/672 2024-03-13 00:14:27 +01:00
Thomas Bernard
ef5a1e1abc
testnftnlrdr.c: comments + debug output 2024-03-13 00:14:27 +01:00
Thomas Bernard
1bde68cc9e
nftpinhole.c: fix get_pinhole_info() to return the description
see #663
2024-03-13 00:14:27 +01:00
Thomas Bernard
358f430924
nftpinhole.c: update_pinhole() uses strchr() instead of strsep 2024-03-13 00:14:27 +01:00
Thomas Bernard
c3f1a2cb30
always nul terminate string after strncpy()
see #663
2024-03-13 00:14:27 +01:00
Thomas Bernard
215091b546
nftpinhole.c: fix get_pinhole_info() and log inet_ntop() errors 2024-03-13 00:14:26 +01:00
Thomas Bernard
90fb7801eb
netfilter_nft: rule_t: have src/dst/nat addresses and ports
instead of guessing if it is remote host / external or internal address...
2024-03-13 00:14:20 +01:00
Thomas Bernard
25206a7a3f
testnftpinhole: call init_redirect() / shutdown_redirect() 2024-03-13 00:12:52 +01:00
Thomas Bernard
b3b5dd16d2
more tests in testnftpinhole.c 2024-03-13 00:12:52 +01:00
Thomas Bernard
80d628fa59
netfilter_nft: improve testnftpinhole.c to test find_pinhole() 2024-03-13 00:12:51 +01:00
Thomas Bernard
2e7bfb1e31
netfilter_nft: change debug output for add_pinhole() 2024-03-13 00:12:51 +01:00
Thomas Bernard
e2be9e1571
add comments to rule_set_filter6() and rule_set_filter_common() 2024-03-13 00:12:51 +01:00
Thomas Bernard
4c68985304
netfilter_nft/nftnlrdr_misc.c: comments and warning in parse_rule_payload() 2024-03-13 00:12:51 +01:00
Thomas Bernard
424f5c259f
fix find_pinhole()
see #663
2024-03-13 00:12:51 +01:00
Thomas Bernard
025f0f502b
NFT: check inet_pton() errors in find_pinhole() 2024-03-13 00:12:50 +01:00
Thomas Bernard
4dda6d8820
update (c) lines 2024-03-12 00:37:21 +01:00
Thomas Bernard
9292d251ac
Changelog for https://github.com/miniupnp/miniupnp/pull/711
NFTables: add upnp_nftables_family_split option to use NFPROTO_IPV4/IPV6
instead of the generic NFPROTO_INET

thank you @svenauhagen
2024-03-05 22:52:20 +01:00
Thomas Bernard
ba68624f55
Merge remote-tracking branch 'svenauhagen/feature/nftablesinit'
fixes #710

https://github.com/miniupnp/miniupnp/issues/710
https://github.com/miniupnp/miniupnp/pull/711
2024-03-05 00:33:12 +01:00
Sven Auhagen
2c9a645b10 NFTables: Add backwards compatibility for IPv4 NAT
NFtables uses the INET table for NAT which combines IPv4 and IPv6.
Older systems might not have this option and use the ip table instead.

This adds a flag to fall back to the ip table style.

Signed-Off-By: Sven Auhagen <sven.auhagen@voleatech.de>
2024-03-04 06:18:41 +01:00
Thomas Bernard
cd7cbb59a3
miniupnpd version 2.3.5 2024-03-02 12:09:11 +01:00
Thomas Bernard
65a6cdb92e
miniupnpd: add miniupnpd version in XML descriptions
closes #709
2024-03-02 11:51:52 +01:00
Thomas Bernard
55e650b125
fix IGDv2 WANIPConnection XML service description for AddAnyPortMapping
out argument is NewReservedPort, not NewExternalPort.

Changelog + check precisely lenth of 12
2024-02-25 01:40:25 +01:00
Thomas Bernard
f79e20d17d
miniupnpd: fix IGDv2 WANIPConnection XML service description
was :

<argument>
  <name>NewExternalPort</name>
  <direction>out</direction>
  <relatedStateVariable>ExternalPort</relatedStateVariable>
</argument>

Should be:

<argument>
  <name>NewReservedPort</name>
  <direction>out</direction>
  <relatedStateVariable>ExternalPort</relatedStateVariable>
</argument>

ExternalPort is 12 characters long !
fixes #708
2024-02-25 01:29:54 +01:00
Thomas Bernard
420bd685cf make it more clear that clean_ruleset_interval=0 disables the check
see #699
2024-01-31 05:24:57 +01:00
Thomas Bernard
1a49233fe7
fix typo 2024-01-27 00:35:56 +01:00
Thomas Bernard
0306f6974b
configure: reformat --help 2024-01-26 01:30:16 +01:00
Thomas Bernard
3c02d79b40 configure: DeviceProtection service implementation is incomplete 2024-01-26 01:24:15 +01:00
Thomas Bernard
2355c108db
configure: Fix Caps/spaces... 2024-01-26 01:23:21 +01:00
Thomas Bernard
4b0ff229d8
default to /etc/miniupnpd/miniupnpd.conf under linux
it is still /etc/miniupnpd.conf under BSD.

closes #695
2024-01-17 00:49:32 +01:00
Thomas Bernard
604ca0b82a Changelog.txt: update (2024/01/15) 2024-01-15 01:02:08 +01:00
Thomas Bernard
bbe7d1355e minissdp.c: 2024 2024-01-15 01:01:16 +01:00
Thomas Bernard
b8d9f66890 miniupnpd.c: 2024 2024-01-15 00:59:33 +01:00
Thomas Bernard
8f53b12f81 upnphttp.c: 2024 2024-01-15 00:54:13 +01:00
Thomas Bernard
bfd51459fe pfpinhole.c: 2024 2024-01-15 00:50:55 +01:00
Thomas Bernard
53d4cdd2da
CACHE-CONTROL: max-age=1800 in M-SEARCH response
to be compliant with UPnP UDA 1.0, 1.1 and 2.0

fixes #698

UDA 1.0 1.2.3 Discovery: Search: Response (p21) :
CACHE-CONTROL
Required. Must have max-age directive that specifies number of seconds
the advertisement is valid. After this duration, control points should
assume the device (or service) is no longer available. Should be greater
than or equal to 1800 seconds (30 minutes), although exceptions are defined
in the text above. Specified by UPnP vendor. Integer.

UDA 1.1 1.3.3 Search response (p34) :
CACHE-CONTROL
REQUIRED. Field value MUST have the max-age directive (“max-age=”) followed
by an integer that specifies the number of seconds the advertisement
is valid. After this duration, control points SHOULD assume the device
(or service) is no longer available; as long as a control point has
received at least one advertisement that is still valid from a root
device, any of its embedded devices or any of its services, then the
control point can assume that all are available. The number of seconds
SHOULD be greater than or equal to 1800 seconds (30 minutes), although
exceptions are defined in the text above. Specified by UPnP vendor.
Other directives MUST NOT be sent and MUST be ignored when received.

UDA 2.0 1.3.3 Search response (p40) :
CACHE-CONTROL
Required. Field value shall have the max-age directive (“max-age=”) followed
by an integer that specifies the number of seconds the advertisement
is valid. After this duration, control points should assume the device
(or service) is no longer available; as long as a control point has
received at least one advertisement that is still valid from a root
device, any of its embedded devices or any of its services, then the
control point can assume that all are available. The number of seconds
should be greater than or equal to 1800 seconds (30 minutes), although
exceptions are defined in the text above. Specified by UPnP vendor.
Other directives shall not be sent and shall be ignored when received.
2024-01-15 00:15:32 +01:00
Self-Hosting-Group
30baf316b4
miniupnpd: Fix UPnP UDA 1.1 subscribe timeout compliance
SHOULD be greater than or equal to 1800 seconds (30 minutes).
http://upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v1.1.pdf
4.1.2 p91.

see https://github.com/miniupnp/miniupnp/pull/686
2024-01-14 17:49:50 +01:00
Thomas Bernard
e98515ac5e
miniupnpd.conf: document pcp_allow_thirdparty option
this option was introduced by c801138c6355f2744f2c09d5e71aeefed1b84527

fixes #679
2024-01-08 00:27:00 +01:00
Thomas Bernard
aefebb18cb
miniupnpd.c: fix enforcing min_lifetime minimum of 120secs 2024-01-08 00:24:07 +01:00
Thomas Bernard
e0fd153469
Changelog.txt: Fix for OpenBSD 7.4
see #674 (and #676)
2024-01-07 01:25:57 +01:00
Thomas Bernard
0a8224d2fe Merge branch 'pull-request-674'
see #674
2024-01-07 01:24:05 +01:00
Thomas Bernard
0206bc0051 obsdrdr.c: fixes to 6e8b02b715407846b16ecde572c1b6d0d2d8287a
two missing `break` statements, a missed goto and a missed return -1
see https://github.com/miniupnp/miniupnp/pull/674#issuecomment-1877957466
2024-01-06 20:12:17 +01:00
Self-Hosting-Group
c91689cfcd Use the HTTPS-enabled URL of the project website and a small update to
the Python client library description.
2024-01-04 15:09:42 +01:00
Thomas Bernard
1e608d8fd5
Deny secure mode violation with 606 action not authorized if supported
606 was added in IGDv2.

closes #677
2024-01-04 02:36:38 +01:00