Commit Graph

1225 Commits

Author SHA1 Message Date
Thomas Bernard bde31cd4f1 update miniupnpd/Changelog.txt 2018-09-07 17:28:42 +02:00
Thomas Bernard 95d707a71f
pcpserver.c: properly fill the opcode field of response
fixes #327
2018-09-07 17:24:43 +02:00
Pali Rohár a2baa36312 Fix compilation with nftables
Fixes #324
2018-09-06 17:44:41 +02:00
Thomas Bernard 11785205f1 Merge remote-tracking branch 'Lochnair/fix_nftables' into travis-ci-nftables 2018-07-15 12:59:25 +02:00
Nils Andreas Svee 181428e843 miniupnpd: add update_portmappings functions for nft 2018-07-14 19:59:26 +02:00
Thomas Bernard ac796a4077 linux: add -lrt when building for glibc < 2.17 2018-07-14 14:23:13 +02:00
Thomas Bernard d27a3152bd fix generate_transaction_id() 2018-07-06 15:29:15 +02:00
Thomas Bernard efe5d87103 LOG_WARNING if behind restrictive NAT 2018-07-06 14:41:04 +02:00
Pali Rohár e6011dc534 miniupnpd: Allow to specify also port number in -o STUN: option
Also update help for -o STUN: option, it can take stun hostname too.
2018-07-06 14:38:37 +02:00
Thomas Bernard 6e5a88098d fix file headers (=>2018)
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-07-06 14:16:49 +02:00
Thomas Bernard d84e004849 Fix upnpstun.o dependencies 2018-07-06 14:16:07 +02:00
Thomas Bernard 810cb665c2 Merge branch 'pr_307'
see #307
2018-07-06 13:40:18 +02:00
Thomas Bernard 012cad4111 Makefile.linux: fix depends 2018-07-06 13:36:23 +02:00
Thomas Bernard b2343c87a7 Add STUN support
see #307
2018-07-06 13:33:33 +02:00
Thomas Bernard 18ec4e88e7 asyncsendto.c: 2018 2018-07-06 13:31:44 +02:00
Thomas Bernard 1da39554c7 fixes in upnpstun.c
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-07-06 13:31:26 +02:00
Thomas Bernard 15b6f3e9c2 fixes in update_ext_ip_addr_from_stun()
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-07-06 13:29:33 +02:00
Thomas Bernard 8bc6d6f556 PERFORMSTUN => PERFORMSTUNMASK. allow to specify stun using -o option 2018-07-06 13:23:22 +02:00
Thomas Bernard 8c91ff515e reserved[] is const 2018-07-06 13:20:30 +02:00
Nils Andreas Svee 5262990d8e miniupnpd: support newer libnftnl versions 2018-07-01 23:50:12 +02:00
Thomas Bernard ef179a45e3 do not check empty string with strlen(s) == 0
see #292
2018-06-01 10:55:45 +02:00
Thomas Bernard 72005ce86a add -w option to iptables.
see https://miniupnp.tuxfamily.org/forum/viewtopic.php?p=5113

Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-05-29 12:26:33 +02:00
Pali Rohár c1472ffe4e miniupnpd: GetExternalIPAddress(): Instead of invalid IP address 0.0.0.0 returns error 501
IP address 0.0.0.0 is filled when it is not possible to retrieve IP address. According to specification, GetExternalIPAddress() can return error 501 when action failed.
2018-05-19 17:28:43 +02:00
Pali Rohár 8c97654d70 miniupnpd: When enabled perform STUN to learn external IP address and NAT type
Also enable port forwarding when direct (non-NAT) connection or unrestricted NAT 1:1 (without any filtering) is detected.
2018-05-19 13:32:42 +02:00
Pali Rohár 8e10a1aeab miniupnpd: Disable port forwarding when we are behind restrictive nat with reserved / private IP address
In this case port forwarding is impossible, so rather return error code to the client instead of silently trying to do something and informing clients that port forwarding is enabled.
2018-05-19 13:32:04 +02:00
Pali Rohár cce19781e6 miniupnpd: Add validation that public ip address is not reserved and is really public
This ensures that all requests for getting public IP address (either via UPnP IGD or PCP/PMP) would contain correct public IP address or an error (instead of some invalid private/reserved IP address).
2018-05-19 13:31:26 +02:00
Pali Rohár c35935c61d miniupnpd: Add function addr_is_reserved() to check if address is private/reserved and therefore not for public port forwarding 2018-05-19 13:31:14 +02:00
Pali Rohár 4f53b322fd miniupnpd: Add function perform_stun() for detecting external IP address and restrictive NAT via STUN protocol
It automatically unblock selected UDP ports for incoming responses and after finishing ports unblock is removed.
2018-05-19 13:31:08 +02:00
Pali Rohár cd7284785b miniupnpd: Add function delete_filter_rule() also for PF and Linux Netfilter
It is needed for STUN implementation.
2018-05-19 13:31:02 +02:00
Thomas Bernard 582375b64f
miniupnpd: VERSION 2.1 2018-05-08 23:40:27 +02:00
Thomas Bernard e11bbf0bc0
miniupnpd/pcp: Send PCP announcment at startup
fixes #254
2018-05-08 23:06:19 +02:00
yangfl b3849ef311 Fix OS detection for Debian kFreeBSD 2018-05-08 21:59:15 +08:00
Thomas Bernard d2bbdee995 fix typo introduced in 00abd9e6c8 2018-05-03 09:54:02 +02:00
Thomas Bernard a92138345b add option LEASEFILE_USE_REMAINING_TIME
new function lease_file_rewrite()
that is called just before exiting, and when SIGUSR2 is received
see #295
2018-05-02 09:40:12 +02:00
Thomas Bernard d0e7958617 lease_file_remove(): replace strncpy/strncat by snprintf() 2018-05-01 13:04:20 +02:00
Thomas Bernard f6ac854f0f miniupnpd: fix storing of unlimited lease time in lease_file
see #295
2018-05-01 11:26:49 +02:00
Thomas Bernard 17773f0a72 if LEASEFILE_USE_REMAINING_TIME is defined, only the remaining time is stored
see #295
2018-04-30 17:25:26 +02:00
Thomas Bernard 00abd9e6c8 miniupnpd: store UNIX time in lease_file
fixes #295
2018-04-30 16:59:40 +02:00
Thomas Bernard 491ee9f8bf miniupnpd/upnpevents.c: Add log when error 2018-04-27 00:08:06 +02:00
Thomas Bernard 239d048489 Merge branch 'pf_use_ext_ip_addr' 2018-04-22 21:27:44 +02:00
Thomas Bernard 5dcd40aece netfilter/iptpinhole.c: remove warning: implicit declaration of function 'upnp_time'
fixes ef94635100
2018-04-22 21:24:30 +02:00
Thomas Bernard 0366cd0ba0 replace strlen(s) > 0 by s[0] != '\0'
see #292
2018-04-22 21:21:58 +02:00
Thomas Bernard 2b6fa0839f no more strlen(xxx) == 0.
Fixes #292
2018-04-20 17:19:52 +02:00
Thomas Bernard 53e8185725 miniupnpd/pf: set dst address in rule if use_ext_ip_addr is set
fixes #231
2018-04-12 11:36:12 +02:00
Thomas Bernard 1fe8d21cf2 fixes #272 2018-04-12 10:49:53 +02:00
Thomas Bernard eaaf4f10ae miniupnpd: introduce upnp_gettimeofday() which is monotonic :)
fixes #288
2018-04-12 10:07:11 +02:00
Thomas Bernard 0bbff2bb0f miniupnpd: update Changelog
see 82ec7bc3df
2018-04-06 13:00:23 +02:00
yangfl 82ec7bc3df miniupnpd: Add options for netfilter scripts 2018-03-16 23:57:39 +08:00
Thomas Bernard ef94635100 miniupnpd: time() => upnp_time()
I had forgotten some
see #288
2018-03-14 00:09:42 +01:00
Thomas Bernard 9516c9a007 miniupnpd: fix warnings 2018-03-13 11:53:33 +01:00
Thomas Bernard dd2aa84204 miniupnpd: use monotonic clock for timeouts, etc.
fixes #288

also changed set_startup_time()
2018-03-13 11:43:07 +01:00
Thomas Bernard f0511d761b miniupnpd: Add -1 option
fixes #277
see #282
2018-02-22 14:02:52 +01:00
Thomas Bernard 9efd7fda66 ChangeLog for #282 2018-02-22 13:53:39 +01:00
Thomas Bernard 80779ff4f7 Fix commit 6cbf0ba
Use the "flags" global variable to store the option value
Save a lot of complexity.
2018-02-22 13:47:48 +01:00
Nye Liu c6bf0ba6f3 Allow runtime override of igd to v1 for people running binaries with v2 enabled
Towards miniupnp/miniupnp#277
2018-02-19 22:14:05 -08:00
Thomas Bernard 7f17837253 miniupnpd/minissdp.c: Fix submission of services to minissdpd
Version was hardcoded to 1 in "ST:"
2018-02-03 18:14:31 +01:00
yangfl 3158862058 miniupnpd/miniupnpd.8: update man page 2018-02-03 01:46:09 +08:00
Thomas Bernard 718deea11e Update file headers. 2017 => 2018 etc. 2018-01-16 02:06:46 +01:00
Thomas Bernard ed35fc6cd4 miniupnpd/testminissdp.c: int => size_t. 2018 2018-01-15 17:47:22 +01:00
yangfl d492fa39ef fix typo 2018-01-09 09:33:31 +08:00
Thomas Bernard a55234d806 upnpreplyparse.c: NameValueParserEndElt() rename arg to avoid confusion 2017-12-12 12:47:33 +01:00
Thomas Bernard bf4f616f58 miniupnpd/Makefile.linux: add testminissdp 2017-12-12 12:46:59 +01:00
Thomas Bernard a4d6939193 miniupnpd: update Changelog.txt 2017-12-12 10:51:36 +01:00
Thomas Bernard 9fcc0a72f0 minissdpc.c: Fix buffer overrun in SSDP packet parsing
fixes #267

there were several errors in ProcessSSDPData()
in the parsing of ST: MX: and MAN: headers
so a few bytes could be read after the end of the buffer.
2017-12-12 10:42:54 +01:00
Thomas Bernard 256b93e5d3 miniupnpd: add a test for ProcessSSDPData()
see #267
2017-12-12 10:08:44 +01:00
Thomas Bernard a0573e2518 minixml.c: fix heap buffer overflow
should fix #268
2017-12-11 14:59:29 +01:00
Thomas Bernard 7aeb624b44 properly initialize data structure for SOAP parsing in ParseNameValue()
topelt field was not properly initialized.

should fix #268
2017-12-11 14:27:27 +01:00
Thomas Bernard 7492fe42c2 pcpserver.c: send ANNOUNCE when IP changed
see #254
2017-11-27 23:04:51 +01:00
Thomas Bernard cc0fad78d7 miniupnpd: use epoch_origin for NAT-PMP as well
see #254
2017-11-27 23:02:34 +01:00
Thomas Bernard 165c5f0d57 upnpdescgen.c: check for stack overflow in genXML()
remove two TODO's ! ;)
2017-11-24 11:00:34 +01:00
Thomas Bernard ba9315b9b4 natpmp.c: improve error logging 2017-11-05 11:10:13 +01:00
Thomas Bernard 9bd290fccb more explicit explanations about public address change 2017-11-05 10:52:47 +01:00
Thomas Bernard 6ce6a70973 PCP : reset epoch after address change
see #254
2017-11-02 17:27:24 +01:00
Thomas Bernard 665478a47f two words about signals 2017-11-02 17:25:39 +01:00
Thomas Bernard ad22fe5c08 copyright notice => 2017 2017-11-02 16:52:07 +01:00
Thorsten Liepert f7ec37d92f added rc-once script to initialize uuid on first start 2017-09-03 16:59:19 +02:00
David Kerr 7befb60ab0 Add source IP and port to syslog for upnp_event_send() error.
Adds the IP and port of requesting host when a send error is logged to syslog so that it is possible to identify the application causing the problem.  Copied the syntax used for Connect() errors in same file.
2017-08-06 10:33:28 -04:00
Thomas Bernard d13f840a4a =>2017. http => https 2017-07-06 00:03:12 +02:00
Thomas Bernard 2946f9e105 => 2017 2017-07-05 23:06:16 +02:00
Thomas Bernard 8870da723e char * => const char * 2017-07-05 23:06:07 +02:00
edrikk 9ac353cb5e Adding Tomato ifdef for netfilter chain to check
To allow for "drop-in" upgrades of Miniupnp within Tomato firmware, submitting this change back upstream.
Original source:  b9d9e4b0ed?at=shibby-arm
2017-07-05 14:40:51 -04:00
David Carlier e56b0587a7 Mainly adding fd_set related header missing 2017-06-12 09:27:26 +02:00
Thomas Bernard 5923d5de6f => 2017 2017-05-27 10:25:53 +02:00
Thomas Bernard 74bb1827cb miniupnpd: update Changelog.txt about randomize_url 2017-05-26 17:59:45 +02:00
Thomas Bernard 552f6d37cf Merge branch 'master' into randomize_url 2017-05-26 17:58:13 +02:00
Thomas Bernard e40a433a99 disable URL randomization by default
see http://miniupnp.tuxfamily.org/forum/viewtopic.php?p=4470
https://github.com/filetofirewall/fof
2017-05-26 17:44:45 +02:00
Thomas Bernard 772c70ee41 miniupnpd/testgetifaddr.sh: fix for FreeBSD 2017-05-26 17:36:44 +02:00
Thomas Bernard 11fcf5a008 Merge branch 'master' into randomize_url 2017-05-26 17:30:18 +02:00
Thomas Bernard e362e84e9e => 2017 2017-05-25 00:53:55 +02:00
Thomas Bernard 08c554104d Update Changelog.txt 2017-05-25 00:48:18 +02:00
Thomas Bernard 50d21a38d0 SSDP: use receiving interface index to check if from LAN 2017-05-25 00:44:29 +02:00
Thomas Bernard 9303816a5b check receiving interface index when receiving SSDP 2017-05-25 00:44:12 +02:00
Thomas Bernard 6ed6b4e607 minissdp.c: const int on = 1; for setsockopt() arg 2017-05-24 11:04:20 +02:00
Thomas Bernard 57a74f2739 Merge branch 'master' into randomize_url 2017-04-21 11:33:25 +02:00
Chris Lamb 7c45f219e4 Please make the build reproducible
Whilst working on the Reproducible Builds effort [0], we noticed that
miniupnpd could not be built reproducibly due to embedded timestamps.

 [0] https://reproducible-builds.org/

Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
2017-04-13 22:09:42 +02:00
Thomas Bernard b4ed41eae8 add -w parameter to iptables for locking
fixes #232
2017-03-13 13:07:22 +01:00
Thomas Bernard 0cc906169a use LinkLocal address for HTTP when needed
should fix #229

should be tested...
2017-03-13 13:01:00 +01:00
Thomas Bernard da64fd85cb pass ext_if_name arg to add_pinhole()
should fix #228
2017-03-13 11:47:21 +01:00
Thomas Bernard 2c02ef2b7b right printf format in testobsdrdr.c and tespfpinhole.c 2017-03-13 11:37:43 +01:00
Thomas Bernard 07a3729b59 sanitize <RemoteHost> arg of AddPinhole
see #228
2017-03-13 11:30:44 +01:00
Thomas Bernard 93845c5abe DEfault to client address for AddPortMapping when <NewInternalClient> is empty
see #236
2017-03-13 11:03:58 +01:00
Thomas Bernard 859b986385 bsd/getroute.c: proper SA_SIZE() definition
fixes #227
2017-01-30 18:12:11 +01:00
Thomas Bernard a39fd6d280 bsd/getroute.c: output offset
see #227
2017-01-30 17:44:48 +01:00
Thomas Bernard 0e69178412 miniupnpd: improve README 2016-12-28 12:44:38 +01:00
Thomas Bernard 7aaf82a654 miniupnpd: Update conf instructions in INSTALL
see #102
https://github.com/miniupnp/miniupnp/issues/102
2016-12-28 12:43:27 +01:00
Thomas Bernard ee2f6ac2ce miniupnpd: FreeBSD uses /etc/defaults/rc.conf
fixes #24
2016-12-28 12:10:06 +01:00
Thomas Bernard 2c77721888 do not split conditional statement #184
closes #184
2016-12-28 11:58:21 +01:00
Thomas Bernard 3571a41d1b Fix UDA-1.2.10 Man header empty or invalid 2016-12-23 12:12:49 +01:00
Thomas Bernard 9fc3b09017 miniupnpd: update changelog and 2016 2016-12-16 10:18:41 +01:00
Thomas Bernard 32855b854c dot not try to find IPv6 address if IPv6 is disabled
see #49
2016-12-16 09:39:19 +01:00
Thomas Bernard 2a1cc8d798 do not try to call OpenAndConfPCPv6Socket() when IPv6 is off
see #49
2016-12-16 09:32:41 +01:00
Thomas Bernard cfa01c5c32 fix 1a6c57847a 2016-12-01 12:14:10 +01:00
Thomas Bernard 3d9b606a88 update Changelog.txt 2016-12-01 12:05:40 +01:00
Thomas Bernard 1a6c57847a Fix "AddPinhole Twice" test
UCTT 2.0 test case - AddPinhole Twice
see http://miniupnp.tuxfamily.org/forum/viewtopic.php?p=4731
2016-12-01 12:00:16 +01:00
Thomas Bernard 144eeefd19 Merge branch 'master' into randomize_url
Conflicts:
	miniupnpd/genconfig.sh
	miniupnpd/testupnpdescgen.c
	miniupnpd/upnpdescgen.c
	miniupnpd/upnpglobalvars.c
	miniupnpd/upnpglobalvars.h
2016-11-11 18:01:35 +01:00
Thomas Bernard d9fdb58a05 fixes testgetifaddr.sh for Solaris 2016-11-11 09:44:45 -05:00
Thomas Bernard 77968a09d9 Solaris 11 compilation fixes 2016-11-11 09:42:22 -05:00
Thomas Bernard 81d348207c Add makefile specific for Solaris/SunOS 2016-11-11 09:40:56 -05:00
Thomas Bernard 1579f4a2af 2015 => 2016 2016-10-07 11:16:03 +02:00
Thomas Bernard 3f04f69163 2015 => 2016 2016-10-07 10:56:56 +02:00
Thomas Bernard 8aa6c73a85 genconfig.sh add a comment
comment about DragonFly BSD 2.8 version detection for
PFRULE_INOUT_COUNTS
2016-08-16 11:39:54 +02:00
YONETANI Tomokazu 18e9a376c7 net.inet6.ip6.v6only, 1 by default, has been removed on DragonFly
Build on DragonFly with ENABLE_IPV6 defined has been broken unless
this sysctl node is turned off.  Since we cannot turn it off now and
it's been that way for almost 2 years, simply treat it as 1.

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2fd1df03f3071b4559ce3bbe36924b2305631edd

Signed-off-by: YONETANI Tomokazu <y0n3t4n1@gmail.com>
2016-07-23 16:14:03 +09:00
YONETANI Tomokazu 07ae540724 Fix build error on DragonFly for missing inp_vflag
DragonFly has dropped V4-mapped address support some time ago,
and here's how to fix the related code:
  http://lists.dragonflybsd.org/pipermail/users/2014-December/207284.html

Signed-off-by: YONETANI Tomokazu <y0n3t4n1@gmail.com>
2016-07-23 16:12:36 +09:00
YONETANI Tomokazu c92b9fa296 DragonFly v2.8+ needs PFRULE_INOUT_COUNTS defined
This removes a couple of warnings from the compiler.

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/70224baa0d7c2fcfc9b51076bdc46f77a8e1e2a7

Signed-off-by: YONETANI Tomokazu <y0n3t4n1@gmail.com>
2016-07-23 16:12:33 +09:00
Thomas Bernard 9a5eaaa767 remove extra curly brace in tomato_load()
fixes #195 which was introduced in 6532b02cab
2016-04-24 22:20:14 +02:00
Thomas Bernard 1337158fcf miniupnpd & miniupnpc version 2.0 2016-04-19 23:17:29 +02:00
Thomas Bernard 60b38bf556 Fix test of iptables(libiptc) version
fix for versions >= 1.5.x
2016-04-18 11:00:53 +02:00
Thomas Bernard 688b13586c netfilter/iptcrdr.c: do not add MASQUERADE rule if iport==eport
fixes #193
2016-03-08 10:29:47 +01:00
Thomas Bernard 6532b02cab Fix tomato_load() leaseduration
fixes #192
2016-03-04 19:33:18 +01:00
Thomas Bernard ee22350d5f Changelog.txt: Update 2016-02-20 20:13:34 +01:00
Thomas Bernard 36c4c0ded4 do not use multicast global scope 2016-02-19 14:20:45 +01:00
Thomas Bernard 984a6f144e set IPv6 Hop limit to 10 2016-02-19 14:20:31 +01:00
Thomas Bernard fd82e4c2d9 upnpevents.c: properly enclose IPv6 address in []
in the HOST: header of NOTIFY http requests
2016-02-19 12:38:32 +01:00
Thomas Bernard 19ee0577e3 fix compliance issue on 64bit machines
ui4 values should wrap to 0 after overflowing (2^32 - 1)
2016-02-19 11:59:52 +01:00
Thomas Bernard 0f7747496d update Changelog 2016-02-16 13:16:57 +01:00
Thomas Bernard be733d5f62 more checks on argument value 2016-02-16 12:07:22 +01:00
Thomas Bernard 527dd946ef check invalid values for ExternalPort 2016-02-16 10:58:11 +01:00
Thomas Bernard a712218af8 Second-infinite is deprecated 2016-02-16 10:57:22 +01:00
Thomas Bernard 92e6173a97 with UDA 1.1 content-type should include charset 2016-02-16 10:56:32 +01:00
Thomas Bernard 22f7836816 reorder elements in XML descriptions to follow UDA 1.1 2016-02-16 10:55:48 +01:00
Thomas Bernard 13a6a38241 add configId attribute to <root> element (UDA 1.1) 2016-02-16 10:55:03 +01:00
Thomas Bernard 8c5e90db3a do not delete/re-add pf rule if the desc/label is unchanged 2016-02-15 18:48:23 +01:00
Thomas Bernard 0d6d6afc32 try to support better IPPROTO_UDPLITE :) 2016-02-15 13:36:30 +01:00
Thomas Bernard 34883b7113 use a proto_itoa() function 2016-02-15 13:34:22 +01:00
Thomas Bernard 430dcc7b22 update leasefile 2016-02-12 16:57:22 +01:00
Thomas Bernard 680862915a accept udp in lowercase 2016-02-12 16:55:13 +01:00
Thomas Bernard 7112203428 pf/obsdrdr.c: add_timestamp_entry() 2016-02-12 16:35:46 +01:00
Thomas Bernard 4eda8234c2 reject mappings with wildcard ExternalPort 2016-02-12 15:58:19 +01:00
Thomas Bernard 9c28a0745f remove warning 2016-02-12 15:31:21 +01:00
Thomas Bernard b439bd7791 check uuid-dev / libuuid 2016-02-12 15:29:49 +01:00
Thomas Bernard 68dd51559c minimal support for ipf 2016-02-12 15:13:59 +01:00
Thomas Bernard ff4b9c5d75 netfilter/iptcrdr.c: improve debug output 2016-02-12 15:02:44 +01:00
Thomas Bernard db6f272bba miniupnpd: update some TODO 2016-02-12 15:02:06 +01:00
Thomas Bernard bdac007771 add update_portmapping() / update_portmapping_desc_timestamp() functions 2016-02-12 15:01:30 +01:00
Thomas Bernard 34f80a011f Add light version of iptables_display.sh script 2016-02-12 14:56:10 +01:00
Thomas Bernard 8bad6cd338 netfilter/iptcrdr.c: remove old USE_INDEX_FROM_DESC_LIST code 2016-02-12 14:55:09 +01:00
Thomas Bernard cc35c1d450 AddPortMapping return error 729 - ConflictWithOtherMechanisms if IGD v2 is enabled 2016-02-12 14:54:13 +01:00
Thomas Bernard dd9bf47c68 iptcrdr.c: add iptc_init() check in init_redirect() 2016-02-12 14:51:59 +01:00
Thomas Bernard c4f2397d5c upnpevents.c: quick syntax fix... 2016-02-11 11:42:59 +01:00
Thomas Bernard 6059f000f7 use Linux libuuid uuid_generate() / BSD uuid_create() API 2016-02-11 11:39:28 +01:00
Thomas Bernard 19211d20d1 add debug log in remove_unused_rules() 2016-02-11 10:31:49 +01:00
Thomas Bernard cac8668a7d miniupnpd/Makefile: linking uses LDFLAGS, not CFLAGS 2016-02-10 21:37:00 +01:00
Thomas Bernard 42c7bf935c ClearOS specifics 2016-02-10 20:44:46 +01:00
Thomas Bernard 81e0ca10df upnphttp.c: fix when compiling with UPNP_STRICT 2016-02-09 10:17:58 +01:00
Thomas Bernard d23bb8d670 improve config.h comment :) 2016-02-09 10:16:45 +01:00
Thomas Bernard 06049f1e7d add ENABLE_PORT_TRIGGERING macro in config.h
enabled by default. Will allow people to disable the code :)
2016-02-09 10:09:19 +01:00
Thomas Bernard 5f74a08dd6 update README and INSTALL 2016-01-28 23:10:25 +01:00
Thomas Bernard 0deaf32796 update Changelog.txt about port triggering 2016-01-28 23:09:45 +01:00
Thomas Bernard 3284d113c7 remove ifname arg from addmasqueraderule()
also improve comment and remove useless log :)
2016-01-28 22:16:07 +01:00
Thomas Bernard 40aa39679f improve comments 2016-01-26 19:51:07 +01:00
Thomas Bernard 141e861c3a remove call to addpeernatrule() ... 2016-01-26 18:17:05 +01:00
Thomas Bernard 9059966122 netfilter/iptcrdr.c: improve comments
give which iptables command is equivalent for adding the rule
2016-01-26 18:16:23 +01:00
Thomas Bernard d3635faeed add upnp_nat_postrouting_chain .conf option
fixes #190

MINIUPNPD-PCP-PEER has also been renamed to MINIUPNPD-POSTROUTING
( 1ba4362910 )
2016-01-26 16:59:04 +01:00
Thomas Bernard 1ba4362910 MINIUPNPD-PCP-PEER => MINIUPNPD-POSTROUTING
renamed
miniupnpd_peer_chain = "MINIUPNPD-PCP-PEER"
to
miniupnpd_nat_postrouting_chain = "MINIUPNPD-POSTROUTING";
2016-01-26 16:50:48 +01:00
Thomas Bernard ba91c4ec23 add addmasqueraderule()
see issue #166
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1820

iptables -t nat -I POSTROUTING -o <extif> -s <iaddr> -p UDP --sport <iport> -j MASQUERADE --to-ports <eport>
2016-01-26 16:38:32 +01:00
Thomas Bernard f4324d45e5 fix netfilter/Makefile dependencies, fix iptables_display.sh 2016-01-26 16:38:32 +01:00
Thomas Bernard 55cf34a101 fix iptc_init_verify_and_append() calls 2016-01-26 16:38:32 +01:00
Thomas Bernard aa4e0a4549 add netfilter/test_nfct_get 2016-01-26 16:38:31 +01:00
Thomas Bernard 21a98adc5d update Changelog.txt 2016-01-19 11:06:06 +01:00
Thomas Bernard f1ce2301da shutdown_iptpinhole() frees memory 2016-01-19 10:53:14 +01:00
Thomas Bernard 6f8951d40d find_pinhole() return -2 if not found 2016-01-19 10:52:36 +01:00
Thomas Bernard f16b291cfa add pf/BSD files to .gitignore 2016-01-18 22:48:18 +01:00
Thomas Bernard be124b6508 add find_pinhole() to pf/ code also
see #188
2016-01-18 22:46:30 +01:00
Thomas Bernard e252acef88 PCP: check pinhole before adding in CreatePCPMap_FW()
fixes #188
2016-01-18 20:16:06 +01:00
vvsvic a8ab2149f4 Remove some bugs in DeletePCPPeer and DeletePCPMap 2016-01-13 13:26:20 +03:00
Chocobo1 e405f78b89 Fix output specifier 2016-01-04 12:13:00 +08:00
Chocobo1 948b883966 Fix memory leak when realloc fails 2016-01-04 11:51:49 +08:00
Thomas Bernard e076899a37 buffer overflow fix
in MULTIPLE_EXTERNAL_IP code which is not used normally...
2015-12-31 00:41:24 +01:00
Thomas Bernard 58b130116b revert to UPnP/1.1 (UDA v1.1) as default.
see https://github.com/miniupnp/miniupnp/issues/167
fixes #167
2015-12-19 11:52:38 +01:00
Thomas Bernard fb1c29f732 cleanup 2015-12-16 11:26:40 +01:00
Thomas Bernard 1ab8cf0a22 improve syslog message for incoming HTTP requests 2015-12-16 11:26:03 +01:00
Thomas Bernard 6f89608a2c ExecuteSoapAction() : add namespace to log messages 2015-12-15 12:14:05 +01:00
Thomas Bernard ba1c9239c0 update Changelog.txt 2015-12-15 12:13:45 +01:00
Thomas Bernard 9d8a988b82 add comments in upnpdescgen.c 2015-12-15 11:17:15 +01:00
Thomas Bernard 0139addbda Merge branch 'desc_test' 2015-12-15 10:57:14 +01:00
Thomas Bernard 9e31ceb630 add --disable-pppconn genconfig.sh option to disable WANPPPConnection
fixes #176
2015-12-13 15:57:49 +01:00
Thomas BERNARD 66b087b9b1 Merge pull request #174 from razzfazz/new_subscriber_uuid_cleanup
use sizeof() instead of hard-coded UUID length in newSubscriber()
2015-12-13 00:32:01 +01:00
Thomas Bernard f076f368bd fix DeviceProtection#GetSupportedProtocols response
add CDATA to escape XML document in response :
ProtocolList content is an XML document that should be escaped
See  section 2.4.3.1 of the DeviceProtection spec
http://upnp.org/specs/gw/UPnP-gw-DeviceProtection-v1-Service.pdf

see PR #178
2015-12-13 00:24:05 +01:00
Thomas Bernard e76dd788c4 Merge remote-tracking branch 'razzfazz/fix_dp_setup_ready_notify'
PR #182
2015-12-12 12:02:36 +01:00
Daniel Becker 04b344b6f8 actually return a value in SetupReady notifications 2015-12-12 02:42:13 -08:00
Daniel Becker db0ef3022e fix parsing of input arguments in SendSetupMessage() 2015-12-12 02:33:30 -08:00
Thomas Bernard f77d701489 update changelog and year => 2015
see 1cc3d1a5fa
and 6430805381
2015-12-12 10:38:40 +01:00
Thomas Bernard a4a3e5a3f8 add comments. see 0298b66365 2015-12-12 09:31:22 +01:00
Thomas Bernard 9f32a1de1d add "uname -a" result to config.h 2015-12-12 09:13:05 +01:00
Thomas Bernard 58f6626179 add --uda-version to usage help + fix
fixes 9e65fbbded
2015-12-12 09:10:54 +01:00
Thomas BERNARD 128bbee806 Merge pull request #180 from razzfazz/fix_dp_action_args
fix action arguments for DeviceProtection service (IGDv2)
2015-12-12 08:58:25 +01:00
Thomas Bernard aa34dd2e45 Merge branch 'fix_advertised_versions' 2015-12-12 08:47:32 +01:00
Thomas Bernard e97be7f37f add comments to previous commit 2015-12-12 08:47:06 +01:00
Daniel Becker ce3d66a3ee fix tags for DeviceProtection action responses 2015-12-11 23:36:19 -08:00
Thomas Bernard 2a654e0ef4 Merge remote-tracking branch 'razzfazz/renew_cleanup' 2015-12-12 08:28:48 +01:00
Daniel Becker 0298b66365 fix argument names for DeviceProtection actions 2015-12-11 23:12:11 -08:00
Daniel Becker 7774c24daa add missing parameters for DeviceProtection service actions 2015-12-11 22:56:20 -08:00
Daniel Becker 1cc3d1a5fa advertise correct service and device versions when IGDv2 is enabled 2015-12-11 18:08:18 -08:00
Daniel Becker 6430805381 return SID in renew response 2015-12-11 16:29:32 -08:00
Daniel Becker 5fd754c4e2 use sizeof() instead of hard-coded UUID length in newSubscriber() 2015-12-11 16:21:32 -08:00
Thomas Bernard 0d0728e2d1 name WANIPv6FirewallControl:1 service WANUPv6Firewall1
done according to http://upnp.org/specs/gw/UPnP-gw-InternetGatewayDevice-v2-Device.pdf
2.2 (page 9)
2015-12-11 14:40:13 +01:00
Thomas Bernard 9e65fbbded allow to set UPnP Device architecture version using commandline
--uda-version=x.x
2015-12-11 14:37:59 +01:00
Daniel Becker d89e4aaf70 fix Layer3Forwarding serviceId to be consistent with IGDv2 spec 2015-12-11 02:13:42 -08:00
Thomas Bernard 76a5f9930b Changes to WANIPCn.xml
Add default values for :
RSIPAvailable
NATEnabled
LastConnectionError
ConnectionStatus

follow the Specification regarding ConnectionType / PossibleConnectionTypes
allowed values
2015-12-11 10:57:25 +01:00
Thomas Bernard 24d54ba13a SA_SIZE() is >= sizeof(long) 2015-11-19 12:55:44 +01:00
Thomas Bernard 834a7f5db9 use bash or ksh to execute ./testupnppermissions.sh 2015-11-19 12:54:56 +01:00
Thomas Bernard 3d50adc170 bsd/getroute.c: check message length. Avoid buffer overread 2015-11-18 09:53:58 +01:00
Thomas Bernard 35aae6debb bsd/getroute.c: fix parsing of address with SA_LEN() = 0
at least with OpenBSD 4.3, the minimum is 4 bytes
2015-11-18 09:52:54 +01:00
Daniel Becker e5d30a1f4b explicitly request interface name as well 2015-11-17 17:29:09 -08:00
Daniel Becker eb5f179c9f make get_src_for_route_to() actually return the source address on *BSD 2015-11-17 17:06:05 -08:00
Thomas BERNARD 7d19326ef9 get_src_for_route_to() is tested with Mac OS X 10.4 2015-11-17 11:25:10 +01:00
Thomas Bernard 191940467f define SA_SIZE if needed 2015-11-17 10:55:17 +01:00
Daniel Becker 7ab525700d fix parsing of sockaddr entries returned by routing socket on BSD 2015-11-17 10:16:51 +01:00
Thomas Bernard 5cfa875477 fill sa_len in address for rt_msg 2015-11-17 10:15:36 +01:00
Thomas Bernard 84b609849a fix get_src_for_route_to() with IPv6
fixes #160
2015-11-16 23:01:44 +01:00
Thomas Bernard 66dceb5e94 Fix get_src_for_route_to() when args are NULL
fixes #160 ???
2015-11-16 20:32:02 +01:00
Thomas Bernard 5856fb0f7d test get_src_for_route_to() with NULL args 2015-11-16 20:19:00 +01:00
Thomas Bernard 372ad64bb5 update Changelog.txt files 2015-11-05 12:04:26 +01:00
Thomas Bernard f5f3ad1631 clarify multiple LAN interfaces / listening_ip= 2015-11-05 11:51:02 +01:00
Thomas Bernard be70a04c66 use LOG_INFO instead of LOG_ERR for PCP PEER and MAP success
fixes #158
2015-11-02 23:30:28 +01:00
Thomas Bernard 92cc93f6f8 use name server from query in SOAP responses (continued)
see a4b97cf105
and 1e7b2342fa
2015-10-30 19:53:08 +01:00
Thomas Bernard 4ed5bc6fee remove a warning :) 2015-10-30 19:52:41 +01:00
Thomas Bernard 4afc6fcf7f fix : properly call find_ipv6_addr() with the 1st LAN interface 2015-10-30 19:36:42 +01:00
Thomas BERNARD d4ee1ee7e6 Add "make check" to BSD Makefile.
Also make sure files are removed properly when using "make clean"
2015-10-25 16:33:24 +01:00
Thomas BERNARD f4b730af9b clean up UTF-8 chars 2015-10-25 16:19:21 +01:00
Thomas Bernard 359c5d8805 add a validation of SSDP packet generation
checks it doesn't overflow  SSDP_PACKET_MAX_LEN
2015-10-24 17:02:11 +02:00
Thomas Bernard 3bd1886d2a move SSDP_PACKET_MAX_LEN to config.h
also set it to 1024 by default. See #129
2015-10-24 13:11:31 +02:00
Thomas Bernard 8fde9568cc make it work with Darwin (Mac OS X) 2015-10-08 14:03:15 +02:00
Thomas Bernard 6c46d285aa fix testupnppermissions.sh for non DEBUG builds
cleanup tests also
2015-09-22 17:13:26 +02:00
Thomas Bernard 6837787f1c validategetifaddr 2015-09-22 16:51:56 +02:00
Thomas Bernard aa1e24acf8 bash is needed for arrays 2015-09-22 16:19:24 +02:00
Thomas Bernard 71a7846479 add "make check" to miniupnpd 2015-09-22 16:02:19 +02:00
Thomas Bernard 146613a493 update Changelog.txt 2015-09-22 12:13:32 +02:00
Thomas Bernard 3b12b8fb4e copy ext_ip in response only if needed 2015-09-22 11:52:24 +02:00
Thomas Bernard 68b3cab718 add a warning syslog() in parsePCPOptions 2015-09-22 11:36:09 +02:00
Thomas Bernard c87809a608 remove redundant test about ports 2015-09-22 11:35:24 +02:00
Thomas Bernard c3660a5aa7 add include guard 2015-09-22 10:24:47 +02:00
Thomas Bernard 13aeb88feb remove #pragma directive 2015-09-22 10:24:38 +02:00
Thomas Bernard 3d8986b646 Dont read/write PCP messages as C struct to remove dependency to the "pack" feature.
structs are left (commented out) in pcp_msg_struct.h for information
2015-09-22 10:22:06 +02:00
Thomas Bernard a6b947e0ca move READNUxx/WRITENUxx macros to macros.h 2015-09-21 23:58:00 +02:00
Thomas Bernard 2372d7bdd9 Merge branch 'uda_20' 2015-09-21 22:40:16 +02:00
Thomas Bernard 7ae5783d85 UPNP_VERSION_MAJOR / UPNP_VERSION_MINOR macros defined in config.h 2015-09-21 22:39:30 +02:00
Thomas Bernard 50c68a9f03 rename macro UPNP_VERSION to MINIUPNPD_DATE
(a more meaningful name)
2015-09-21 22:37:50 +02:00
Thomas Bernard 861c5f5796 add comments with usual namespace
see a4b97cf105
2015-09-21 17:10:15 +02:00
Thomas Bernard 7b3cda0f9a add testdescs to .gitignore 2015-09-15 16:17:29 +02:00
Thomas Bernard 1e7b2342fa use name server from query in SOAP responses (continued)
see a4b97cf105
2015-09-15 09:39:50 +02:00
Thomas Bernard a4b97cf105 use name server from query in SOAP responses
to be finished :)
2015-09-15 00:02:56 +02:00
Thomas Bernard fde90d221b fix typo in "urn" (url) 2015-09-14 23:35:14 +02:00
Thomas Bernard a8f80040c9 Randomize URLs to avoid http://www.filet-o-firewall.com/ 2015-09-14 12:10:15 +02:00
Thomas Bernard 32f1981520 ipfwrdr.c: remove unused argument warnings 2015-09-10 16:01:26 +02:00
Thomas Bernard 8ecb5fcd92 fix includes for old Mac OS X 2015-09-04 18:50:54 +02:00
Thomas Bernard 5873c5a6b4 miniupnpd: improve warning log 2015-08-26 10:04:23 +02:00
Thomas Bernard f8f5f2eb97 miniupnpd: bind to device using SO_BINDTODEVICE 2015-08-26 09:46:05 +02:00
Thomas Bernard 0cf182e51e miniupnpd: remove int_if_name, use ip_mreqn if available 2015-08-25 20:33:47 +02:00
Timothy Redaelli 138ec9e972 miniupnpd: Bind to device
This is needed when you have two interfaces with the same IP address
(for example using tinc)
2015-08-21 16:05:26 +02:00
Thomas Bernard 6db99a1a40 use mktemp properly ?
-t option to put in /tmp dir
2015-07-16 17:16:52 +02:00
Thomas Bernard 904399cd62 => (c) 2015 2015-07-16 17:16:09 +02:00
Thomas Bernard d02b1d4ec3 genconfig.sh: 2014 => 2015 2015-07-15 18:13:01 +02:00
Thomas Bernard 81d03ad41d DECODELENGTH_READ 2015-07-15 18:11:27 +02:00
Thomas Bernard a3179fb284 Check malloc/calloc return values 2015-07-15 18:10:10 +02:00
Thomas Bernard 769f4d4708 pcpserver.c: correctly return NOT_AUTHORIZED PCP error
When trying to remove PCP Map when nonce is bad

fixes #132
2015-07-09 12:46:51 +02:00
Thomas Bernard 8d08346c60 pcpserver.c: Don't overwrite lifetime.
fix #131
2015-07-09 12:28:05 +02:00
Chocobo1 24307d2951 Comparing array address with 0 is not useful, use strlen() instead 2015-06-24 16:24:01 +08:00
Chocobo1 61289d42fb Correctly terminate the string 2015-06-24 16:24:01 +08:00
Chocobo1 7e088a9039 Fix memory leak 2015-06-24 13:14:14 +08:00
Thomas Bernard 6400a13a50 miniupnpd/pcpserver.c: fix for compilation with PCP_FLOWP defined 2015-06-22 11:51:23 +02:00
Thomas Bernard 8a180b1cac Merge remote-tracking branch 'edrikk/master' 2015-06-16 09:49:02 +02:00
edrikk d002502e68 Make Tomato's OS_VERSION shorter to stop SendSSDPNotify log messages
As discussed in this thread:
http://www.linksysinfo.org/index.php?threads/tomato-shibbys-releases.33858/page-53#post-262636

It appears that the Tomato OS_VERSION has gotten long enough, that it's causing SSDP_PACKET_MAX_LEN being larger than 512 by a few characters.

This change reduces unnecessary "verbiage" at the end of the Tomato OS_VERSION string.

In short, what was previously (as example):
     Tomato 1.28.0000 MIPSR2-130 K26AC USB AIO-64K
 will become
     Tomato MIPSR2-130 K26AC
2015-06-15 12:47:34 -04:00
edrikk 70a2eee3e2 Define "TOMATO" in Tomato portion of config file creation
Define "TOMATO" in Tomato portion of config file creation
2015-06-09 15:53:11 -04:00
Thomas Bernard df85522c73 miniupnpd/miniupnpd.c: commenting #endif + minor cleaning 2015-06-09 15:13:25 +02:00
edrikk ec0707d559 Add Tomato modifications exactly as is, wrapped by ifdef TOMATO
Add Tomato modifications exactly as is in Tomato firmware, wrapped by #ifdef TOMATO so that it is dormant in base miniupnpd.
This will ease merging upstream changes back to Tomato.
2015-06-05 23:19:52 -04:00
edrikk 9fe747894c Drop log severity level to reduce verbosity
Dropping syslog message severity from WARNING to INFO.  
Tomato makes this change each update, to reduce verbosity.  This change will allow for easier merging of upstream changes back into Tomato.
2015-06-05 22:31:28 -04:00
edrikk bc69cece0e Add client address to syslog message
Align with Tomato, to ease merges back downstream.
Adds client address to syslog message, corrects typo "inexpectedly" -> "unexpectedly"
2015-06-05 22:27:20 -04:00
edrikk 2c8e3c1fc2 Align with active Tomato builds genconfig.sh entry
The current active Tomato builds do not incorporate these two lines.  Removing to ease merging upstream changes.

Toastman:
http://repo.or.cz/w/tomato.git/blob/refs/heads/Toastman-RT-N:/release/src/router/miniupnpd/genconfig.sh#l249

Shibby:
f799186a9d/release/src-rt-6.x.4708/router/miniupnpd/genconfig.sh?at=shibby-arm#cl-265
2015-06-05 22:14:47 -04:00
Thomas Bernard a43beeccf1 fix minor typo 2015-05-27 15:31:49 +02:00
Thomas Bernard 01eb15af3d Adding linux/nftables support 2015-04-30 10:52:11 +02:00
Thomas Bernard 42a5e2ae22 Merge remote-tracking branch 's1061123/nft_support' into nft_support
Conflicts:
	miniupnpd/Makefile.linux_nft
	miniupnpd/netfilter_nft/README.md
	miniupnpd/netfilter_nft/nftnlrdr.c
	miniupnpd/netfilter_nft/nftnlrdr_misc.c
2015-04-30 10:49:11 +02:00
Tomofumi Hayashi 8fedfdc4ae Fix compiler warning. 2015-04-28 17:23:09 +09:00
Tomofumi Hayashi a39365279c Fix d_printf() compile error. 2015-04-28 17:22:46 +09:00
Tomofumi Hayashi af3ac20395 Change printf to d_printf (only valid in case of -DDEBUG) 2015-04-28 17:13:09 +09:00
Tomofumi Hayashi 79d4028a93 Change message. 2015-04-28 17:13:08 +09:00
Tomofumi Hayashi 7948b7d754 Fix SEGV issue (due to invalid memory alloc case). 2015-04-28 17:13:08 +09:00
Tomofumi Hayashi 101c443192 Update README.md
Fix format.
2015-04-28 17:13:08 +09:00
Tomofumi Hayashi 73f02afca9 Remove .travis.yml and rename README.md 2015-04-28 17:13:08 +09:00
Tomofumi Hayashi e167cc1675 Move travisCI to top. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi 1e97b408f1 First commit for travisCI. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi cc0a6eecbb Add libmnl flags in Makefile.linux_nft. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi 050845156a Fix to remove rule with correct handle. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi 9e10d91347 Skip to parse rules not in miniupnpd chain. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi e54c5ff773 Fix to get NAT port as uint16_t. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi 26a5c9a3aa In case of remove filter, just remove one rule. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi c2af2650d9 Add expr_set_reg_val_u16 for network port num. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi 7f57e686d0 Fix NAT issue (cannot snat/dnat actually).
Port number endian is failed.
2015-04-28 17:13:06 +09:00
Tomofumi Hayashi 01ecb49d0e Add egress if index val and rename ifidx to ingress_ifidx. 2015-04-28 17:13:06 +09:00
Tomofumi Hayashi ad1e380d10 Changes init script (only add chains). 2015-04-28 17:13:06 +09:00
Tomofumi Hayashi 12f6bdb274 Fix init script. 2015-04-28 17:13:06 +09:00
Tomofumi Hayashi 55fba2b6c4 Add README. 2015-04-28 17:13:06 +09:00
Tomofumi Hayashi b2b6f025fb Initial commit to support nftables. 2015-04-28 17:13:06 +09:00
Thomas Bernard 2a08805783 minissdp.c: Dont try to close sockets with fd=-1
fixes #112
2015-04-28 09:08:35 +02:00
Thomas Bernard c52657f7fb update Changelog.txt 2015-04-26 16:44:57 +02:00
Thomas Bernard a224264194 Merge remote-tracking branch 'Chocobo1/typo' 2015-04-26 16:29:08 +02:00
Thomas Bernard 940909890e remove dependency on libnfnetlink
fixes #110
still allow to use libnfnetlink by defining USE_LIBNFNETLINK
if you really want/need to
2015-04-26 16:18:39 +02:00
Thomas Bernard f8c122034c remove dependency on libnfnetlink
fixes #110
still allow to use libnfnetlink by defining USE_LIBNFNETLINK
if you really want/need to
2015-04-26 16:15:41 +02:00
Chocobo1 3fcd2b5117 miniupnpd.conf: Fix typos, capitalize each sentence. 2015-04-25 16:10:15 +08:00
Thomas Bernard 60db6230ab minor README edit 2015-04-24 23:02:38 +02:00
Tomofumi Hayashi 0df3555a8c Update README.md
Fix format.
2015-04-24 16:57:40 +09:00
Tomofumi Hayashi c70e3a4637 Remove .travis.yml and rename README.md 2015-04-24 16:54:23 +09:00
Tomofumi Hayashi 8cd268dd9d Move travisCI to top. 2015-03-18 15:56:42 +09:00
Tomofumi Hayashi 4199ce46ca First commit for travisCI. 2015-03-18 15:52:22 +09:00
Tomofumi Hayashi 40871bb4cc Add libmnl flags in Makefile.linux_nft. 2015-03-18 15:27:57 +09:00
Tomofumi Hayashi c6ebb70f35 Fix to remove rule with correct handle. 2015-03-16 19:58:02 +09:00
Tomofumi Hayashi 841b2fb1f3 Skip to parse rules not in miniupnpd chain. 2015-03-16 19:39:06 +09:00
Tomofumi Hayashi af780b8255 Fix to get NAT port as uint16_t. 2015-03-16 19:38:28 +09:00
Tomofumi Hayashi d2bc556733 In case of remove filter, just remove one rule. 2015-03-16 19:35:23 +09:00
Tomofumi Hayashi 939b3262c3 Add expr_set_reg_val_u16 for network port num. 2015-03-16 18:02:07 +09:00
Tomofumi Hayashi 75fd37e958 Fix NAT issue (cannot snat/dnat actually).
Port number endian is failed.
2015-03-16 17:29:20 +09:00
Tomofumi Hayashi c19b87ee07 Add egress if index val and rename ifidx to ingress_ifidx. 2015-03-16 17:28:03 +09:00
Tomofumi Hayashi 3e635dbe17 Changes init script (only add chains). 2015-03-16 17:24:31 +09:00
Tomofumi Hayashi f7288efb5e Fix init script. 2015-03-12 15:17:33 +09:00
Tomofumi Hayashi 7065b0040f Add README. 2015-03-11 22:18:26 +09:00
Tomofumi Hayashi dcf218c452 Initial commit to support nftables. 2015-03-11 21:10:25 +09:00
Thomas Bernard b137df30d9 Merge remote-tracking branch 's1061123/fix_range1' 2015-03-09 10:59:49 +01:00
Tomofumi Hayashi 3b472b59e0 Fix get_portmappings_in_range() in non-expand case.
In get_portmappings_in_range(), array[] is not updated when
realloc() is not called, hence get_portmappings_in_range() is
always null. This fix changes to fill array[].
2015-03-09 17:33:10 +09:00
Thomas Bernard 85841abd5f miniupnpd/Changelog.txt: eb72ab5330 2015-03-07 16:57:40 +01:00
Thomas Bernard eb72ab5330 miniupnpd.c: don't die when IPv6 is enabled and interface has no IPv4 address 2015-02-20 18:31:55 +01:00
Thomas Bernard e896e298f3 miniupnpd: remove warnings 2015-02-16 22:41:40 +01:00
Thomas Bernard e13525c3e7 miniupnpd: UPnP/1.1 => UPnP/2.0 2015-02-16 11:23:05 +01:00
Thomas BERNARD d5ccd5e86e Merge pull request #101 from pyzhu/master
avoid compile warning
2015-02-11 23:33:47 +01:00
Thomas Bernard 6e5d8ce954 miniupnpd: Allow wildcard (empty string) remote host for AddPinhole() 2015-02-10 16:04:10 +01:00
Thomas Bernard 5df35db6ab fix c7d7efd230 2015-02-08 10:46:13 +01:00
Thomas Bernard 7c1a04ab30 upnpsoap.c: 2014 => 2015 2015-02-08 10:23:54 +01:00
Thomas Bernard c7d7efd230 fix realloc failure issues detected thanks to cppcheck 2015-02-08 10:23:22 +01:00
Thomas Bernard 241ede9ddf miniupnpd: improve (some) logs 2015-01-20 14:13:18 +01:00
Thomas Bernard f795af5f54 2014 => 2015 2015-01-20 14:12:10 +01:00
Thomas Bernard bbb6df523d miniupnpd/natpmp.c: #if IPV6_PKTINFO => #ifdef IPV6_PKTINFO 2014-12-31 01:38:15 +01:00
Thomas Bernard c336b23706 miniupnpd/upnpglobalvars.c: documentation about CONFIGID.UPNP.ORG 2014-12-15 12:02:42 +01:00
Thomas Bernard c4b167537f miniupnpd/Makefile.linux: fix clean (testporinuse.o) 2014-12-15 11:59:17 +01:00
Thomas Bernard 22bc695f91 remove unused bsdqueue.h 2014-12-15 11:58:57 +01:00
Thomas Bernard 2d89a05982 miniupnpd/miniupnpd.c: minor fixes in usage output 2014-12-10 10:44:32 +01:00
Thomas Bernard 99a1bafc1f miniupnpd: use time for BOOTID.UPNP.ORG value 2014-12-10 10:41:10 +01:00
Thomas Bernard 00d878eba3 miniupnpd: configurable BOOTID.UPNP.ORG SSDP header 2014-12-10 10:40:41 +01:00
Thomas Bernard 2d52890608 miniupnpd/upnpglobalvars.c: document BOOTID.UPNP.ORG and CONFIGID.UPNP.ORG 2014-12-10 10:03:13 +01:00
Thomas Bernard e283270274 miniupnpd/pf/pfpinhole.c: reduce log verbosity
also remove a "argument not used" warning
2014-12-10 09:46:57 +01:00
Thomas Bernard e013870cca miniupnpd/upnpsoap.c: remove an unneeded \n in log 2014-12-09 18:32:31 +01:00
Thomas Bernard 181850ad1f miniupnpd/upnphttp.c: check ':' in HTTP header names 2014-12-09 18:28:23 +01:00
Thomas Bernard 98cc73a372 miniupnpd/upnphttp: Checking Host: HTTP request header to prevent DNS rebinding attack 2014-12-09 17:49:02 +01:00
Thomas Bernard 31986d8190 miniupnpd/upnphttp.c: fix 526e1dcd40 2014-12-09 17:48:14 +01:00
Thomas Bernard 9e30117cac miniupnpd/upnphttp.c: fix ec94c5663f
thanks to Stephen Röttger
2014-12-09 11:44:28 +01:00
Thomas Bernard 526e1dcd40 miniupnpd/upnphttp.c: skip only spaces and tab (stop on CR and LF) 2014-12-09 11:38:50 +01:00
Thomas Bernard 064c78730c miniupnpd/upnphttp.c: cosmetical changes 2014-12-09 11:04:38 +01:00
Thomas Bernard ec94c5663f miniupnpd: check if BuildHeader_upnphttp() failed to allocate memory 2014-12-09 11:04:15 +01:00
Thomas Bernard dd39ecaa93 miniupnpd/upnphttp.c: fix buffer overrun in ParseHttpHeaders() if Content-Length doesn't contain any digit
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:02:57 +01:00
Thomas Bernard e6bc04aa06 miniupnpd/upnpsoap.c: fix potential memory corruption in upnpsoap.c/GetListOfPortMappings()
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:01:37 +01:00
Thomas Bernard 7c91c4e933 miniupnpd/upnpredirect.c: check inet_aton() return 2014-12-09 10:53:52 +01:00
Thomas Bernard d00b75782e miniupnpd/upnppinhole.c: fix upnp_add_inboundpinhole() : check inet_pton() return 2014-12-09 10:52:26 +01:00
Thomas Bernard 3b71766493 miniupnpd/genconfig.sh: check net.ipv6.bindv6only under LINUX 2014-12-04 11:23:56 +01:00
Thomas Bernard c14788a13a miniupnpd: fixes ExecuteSoapAction() for missing " around SOAPAction 2014-11-28 14:29:24 +01:00
Thomas Bernard 33a5ebf367 miniupnpd/upnpsoap.c: make WANAccessType easier to configure 2014-11-27 13:25:45 +01:00
Thomas Bernard eef94da7e0 miniupnpd/upnpreplyparse.c: fix DisplayNameValueList() 2014-11-12 17:05:15 +01:00
Thomas Bernard bfab1e2094 miniupnpd/upnputils.c: sockaddr_to_string() includes scope in IPv6 addresses 2014-11-07 12:54:33 +01:00
Thomas Bernard 27d4d10a3e miniupnpd/miniupnpd.c: fix PCP third party mode (in IPv4)
fixes problem introduced in commit 16389fda3c
2014-10-30 20:37:35 +01:00
Thomas Bernard 50f7611227 miniupnpd/TODO: updated TODO (a bit) 2014-10-30 20:35:36 +01:00
Thomas Bernard 510bff06ba miniupnpd: VERSION 1.9 2014-10-27 17:39:28 +01:00
Thomas Bernard 067aa01856 miniupnpd/pcpserver.c: remove unused argument warning 2014-10-27 17:39:01 +01:00
Thomas Bernard a80c87fb8d remove need of sys/queue.h or bsdqueue.h in upnpreplyparse.c/.h 2014-10-27 17:38:26 +01:00
Thomas Bernard fb1aba3c9a miniupnpd/natpmp.c: fix walktrough of mapping "list" for NATPMP removal 2014-10-23 18:00:24 +02:00
Thomas Bernard 350ca199c4 miniupnpd/natpmp.c: Properly implements NAT-PMP mapping removal
fixes #97
2014-10-23 17:57:31 +02:00
Thomas Bernard 8baf8d351a miniupnpd/minissdp.c: Remove warning (caused by double const) 2014-10-22 13:57:24 +02:00
Thomas Bernard 88b6386f55 miniupnpd/Changelog.txt: catch up (mcast_ssdp) 2014-10-22 13:41:35 +02:00
Thomas Bernard 447bad32c9 miniupnpd/minissdp.c: Add documentation to SSDPNotify* functions 2014-10-22 12:11:34 +02:00
Thomas Bernard aef2c0a3b4 miniupnpd/minissdp.c: fix 50e370abcd
while() => for() / reindent/etc
2014-10-22 12:10:30 +02:00
Thomas Bernard ac816e91f9 Merge branch 'master' into mcast_ssdp 2014-10-22 11:47:46 +02:00
Thomas Bernard 9194b02071 miniupnpd/minissdp.c: comments about binding "notify" sockets
Explain why bind() is called in functions
OpenAndConfSSDPNotifySocket and OpenAndConfSSDPNotifySocketIPV6
2014-10-22 11:43:42 +02:00
Thomas Bernard e810903443 miniupnpd/upnputils.c: do something in case inet_ntop() fails 2014-10-22 11:14:48 +02:00
Thomas Bernard bedbf88fc6 miniupnpd/upnputils.c: compile some debug output only when needed 2014-10-22 11:13:48 +02:00
Thomas Bernard 16389fda3c miniupnpd: Discard NAT-PMP packets coming from the WAN 2014-10-22 10:54:07 +02:00
Thomas Bernard f183e2b436 miniupnpd/Changelog.txt: catch up 2014-10-22 10:53:30 +02:00
sbyx 4cbcdc34d2 UPNP pinholing: add missing sys/types.h include
sys/types.h is necessary to declare u_int64_t for some c libraries, so include it.

Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-10-21 15:54:02 +02:00
sbyx 47b77fabb6 Remove unnecessary sysctl.h include for linux
miniupnpd on Linux unnecessarily includes sys/sysctl.h which breaks builds with musl-libc.

Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-10-21 10:56:34 +02:00
Thomas Bernard 82604ec5d0 miniupnpd/miniupnpd.conf: add comments regarding security
comment values, to force people to configure themselves
2014-10-13 18:03:53 +02:00
Markus Stenberg 17dabcc708 Use -f with gzip, to prevent interactive promots when running make install multiple times. 2014-10-08 14:24:01 +03:00
Thomas Bernard 97c001d464 add use(less ?)ful comments 2014-10-06 14:44:45 +02:00
Thomas Bernard 55c959247b miniupnpd/minissdp.c: remove warning if ipv6 is disabled 2014-10-06 14:44:23 +02:00
Thomas Bernard c79c17115c miniupnpd/upnpsoap.c: DeletePortMapping now checks for client IP in Securemode 2014-09-25 11:47:16 +02:00
Thomas Bernard 9885060d5c miniupnpd/bsd/getifstats.c: make it compile with OpenBSD 4.3
see commit 7f6cf3680e
2014-09-15 17:12:31 +02:00
Gleb Smirnoff 7f6cf3680e Use BSD libc API to fetch data about interface statistics instead
of nosing in kernel memory. This API should work on all versions
of FreeBSD/NetBSD/OpenBSD/Dragonfly.

This fixes compilation on FreeBSD 11, where kernel structures
have changed and protects against future breakages. It also
make the file much simplier.

Tested by:	Daniel Engberg <daniel.engberg.lists pyret.net>
2014-09-14 13:41:49 +04:00
Thomas Bernard 05cc5daf14 update Changelog.txt files 2014-09-06 10:37:08 +02:00
Thomas Bernard 1961868cd5 miniupnpd/minissdp.c: add a default delay before SSDP response
fixes #084
2014-08-01 12:30:55 +02:00
sbyx ef408d0857 Fix typo in byte conversion & writing in NAT-PMP
This fixes https://github.com/miniupnp/miniupnp/issues/89.

Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-07-31 08:43:48 +02:00
Daniel Becker dcf658c55e miniupnpd/Makefile: make firewall detection consistent with genconfig.sh; assume PF if /etc/rc.subr and/or /etc/rc.conf not found on *BSD 2014-06-20 23:23:16 -07:00
Thomas Bernard 78d32ba012 Merge remote branch 'mikedld/remove-macosx-macro' 2014-06-16 10:54:03 +02:00
Mike Gelfand c08833f9e8 Use _WIN32 instead of WIN32 to check for Windows
MinGW defines both _WIN32 and WIN32 (and may even be the only compiler
doing so). Microsoft and Intel compilers only define _WIN32. Use the
common one to eliminate the need in defining WIN32 explicitly.
2014-06-15 09:37:13 +03:00
Mike Gelfand 920845b107 Use built-in __APPLE__ macro instead of MACOSX
GCC and Clang on Mac OS have a built-in __APPLE__ macro. Use it instead of
manually-defined MACOSX.
2014-06-15 04:14:43 +03:00
Markus Stenberg 5aaac2c6f5 miniupnpd/pcpserver.c: ext_port field was not set in the (IPv6) firewall reply packet. Now setting it to int_port. 2014-06-02 19:39:06 +03:00
Markus Stenberg 3eb71223b4 For some reason, rules without ipv6.flags set (and proto set?) do not match at all at least on Linux 3.10. So with this patch, they do (and it took me a while to find out, sigh) 2014-05-29 17:56:48 +03:00
Thomas Bernard 50e370abcd miniupnpd/minissdp.c: Send SSDP announces to IPv6 link-local, site-local and global multicast addresses 2014-05-23 17:05:15 +02:00
Thomas Bernard 4069d9633c miniupnpd/minissdp.c: bind the SSDP IPv6 sending socket 2014-05-23 17:03:56 +02:00
Thomas Bernard 6bf84dc834 miniupnpd/minissdp.c: clean SendSSDPbyebye() 2014-05-23 12:07:39 +02:00
Thomas Bernard c4c2f79c12 miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces 2014-05-22 10:22:04 +02:00
Thomas Bernard 00fbdb70cf miniupnpd/minissdp.c: AddMulticastMembershipIPv6() targets specific interface 2014-05-22 10:17:06 +02:00
Thomas Bernard 165aeef129 miniupnpd/minissdp.c: clean SendSSDPNotify() code 2014-05-22 10:12:26 +02:00
Thomas Bernard 0d32445f57 miniupnpd/Changelog.txt: catch up :) 2014-05-22 09:57:59 +02:00
Thomas Bernard d916ce286a miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names 2014-05-22 09:42:05 +02:00
Thomas Bernard 72463253dc miniupnpd: disable IPV6 if socket(PF_INET6) returns EAFNOSUPPORT 2014-05-22 01:38:18 +02:00
Thomas Bernard 9f78015a5b miniupnpd/minissdp.c: also listen on global SSDP multicast address FF0E::C
Add comments about also sending the NOTIFY to this address
2014-05-22 01:12:06 +02:00
Markus Stenberg c038146cee Added ipv6_listening_ip option to override it from in6addr_any.
This way IPv6 services can be selectively enabled on one IP too.
2014-05-20 15:55:35 +03:00
Thomas Bernard 93d7bb6ae2 miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO) 2014-05-19 16:27:55 +02:00
Thomas Bernard d851ad4c25 miniupnpd: Retreive PCP packed IPV6 destination address 2014-05-19 15:27:34 +02:00
Markus Stenberg 83c103bc3f Internal address check is mandatory even if third party option is set. 2014-05-19 13:23:21 +03:00
Thomas Bernard b9c20cecab miniupnpd/pf/pfpinhole.c: use label to store pinhole description 2014-05-15 23:27:51 +02:00
Thomas Bernard 7154d30adc miniupnpd/pcpserver.c: prevent compiling with PCP_PEER on if not applicable 2014-05-15 12:29:10 +02:00
Thomas Bernard 653bc79292 miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info() 2014-05-15 12:11:42 +02:00
Markus Stenberg c8ec092693 Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use). 2014-05-15 12:04:03 +02:00
Markus Stenberg 6b3ff0242d Made failed pinhole request actually fail in terms of return value too. 2014-05-15 12:03:18 +02:00
Markus Stenberg 924b6d1613 Checking lan only in non-thirdparty mode. 2014-05-15 12:02:46 +02:00
Markus Stenberg 28b3afbb8f Added TODO about IPv6 permission handling. 2014-05-15 12:02:12 +02:00
Markus Stenberg 3a457092ce Split Peer/Map logic to NAT- and FW specific parts. Updated TODO to include proxying.
+ fixes
2014-05-15 12:01:22 +02:00
Markus Stenberg be6db5995d miniupnpd: work in progress on PCP pinhole support 2014-05-15 11:58:17 +02:00
Markus Stenberg 7c7407099e Added Linux get_pinhole_uid_by_index. 2014-05-15 11:45:37 +02:00
Markus Stenberg e907d7bba6 miniupnpd: Some initial effort at actually adding pinhole support to PCP code. 2014-05-15 11:45:33 +02:00
Markus Stenberg c000a00508 Fixed PEER supporting PCP to compile too. 2014-05-15 11:29:01 +02:00
Markus Stenberg 3e03562b77 miniupnpd: Added ENABLE_UPNPPINHOLE macro
using ENABLE_UPNPPINHOLE to compile in the support for IPv6 Firewall pinholes.
It is enabled by either ENABLE_6CF_SERVICE or ENABLE_PCP + ENABLE_IPV6.
2014-05-15 11:26:54 +02:00
Thomas Bernard ba97c9b238 miniupnpd/pcpserver.c: fix ProcessPCPRequest()
fix commit 620af3737c8beffe87e08b7e0c34ab1661251695
2014-05-15 10:57:10 +02:00
Markus Stenberg 3f9000db76 Added unified description production, and also enforcing that desc matches in MAP/PEER delete (=> following RFC6887). Yay. 2014-05-15 10:51:00 +02:00
Thomas Bernard de96dd47d5 update Changelog.txt files 2014-05-15 10:42:08 +02:00
Thomas Bernard 4dbbf34032 miniupnpd/upnpsoap.c: improve ExecuteSoapAction()
improve commit 20f1e070a1
2014-05-15 10:35:27 +02:00
Arran Cudbard-Bell f27dd45973 Return 730 error where appropriate, and output helpful debug 2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell 20f1e070a1 Don't call deletePortMapping method for deletePortMappingRange
Length of strings needs to match before doing comparison, else we can stop early on a substring of the one were trying to match.
2014-05-13 21:50:16 +01:00
Thomas Bernard 98109ea92e miniupnpd/getifaddr.c: fix when IPV6 is not enabled 2014-05-06 15:15:07 +02:00
Markus Stenberg 338a533a09 miniupnpd/pcpserver.c: Preliminary work for PCP fw control
Added preliminary is_fw flag, and added af to getifaddr_in6. Made
option parsing follow the RFC and also made it bit more paranoid
(there were some security problems with length checks not being done
at right place all the time; simplified flow, should be easier to
verify now that it does nothing untoward).
2014-05-06 15:12:42 +02:00
Markus Stenberg d058fd3f36 miniupnpd/pcpserver.c: Added checks for third-party allowed for it to be used.
If allowed, checking it against source address,
with inverse logic from that of non-thirdparty case.
2014-05-06 13:30:04 +02:00
Markus Stenberg 5e5a9d39eb Added missing check for int_ip. 2014-05-06 13:27:42 +02:00
Markus Stenberg 2f5c3ce959 miniupnpd/pcpserver.c: Some IPv6 related work on PCP. 2014-05-06 13:26:06 +02:00
Thomas Bernard 0e49fe7e94 miniupnpd: change "allow_thirdparty" PCP option to a bit flag 2014-05-06 13:15:24 +02:00
Markus Stenberg c801138c63 Added PCP third party option and made it's use an option. 2014-05-06 13:10:09 +02:00