1114 Commits

Author SHA1 Message Date
Thomas Bernard
6e16650bc2
miniupnpd/configure: fix comparaison
[ "$IPTABLES_143" -eq 1 ]
doesn't work if $ITABLES_143 is empty
using instead :
 [ "$IPTABLES_143" = "1" ]
2021-09-30 01:49:30 +02:00
Thomas Bernard
c88178650e
replace 'which' with 'command -v' 2021-09-30 01:49:30 +02:00
Thomas Bernard
5d315359aa
gitrev.mk: use gitlab-ci predefined variables 2021-09-30 01:49:29 +02:00
Thomas Bernard
50950a3520
iptcrdr.c: fix a potential double iptc_free(h)
closes #566
2021-09-28 22:47:05 +02:00
Pali Rohár
200d6c2509 miniupnpd: Add some missing checks when update_ext_ip_addr_from_stun() or getifaddr() fails
There is missing corner case check when these functions return failure.
Network in this case does not work, so disable port forwarding to prevent
returning incorrect response about port forwarding state.

Also explicitly set disable_port_forwarding to 0 on success to make code
more readable.
2021-08-31 21:34:27 +02:00
Michał Górny
2087e14b8e testgetifaddr.sh: Always use the first IP addr from 'ip -4 addr'
Terminate the awk after getting the first interface name and IP address
from 'ip -4 addr' output.  Otherwise, the test fails if the interface
in question has multiple IP addresses, as the test program returns
the first address, while awk prints all.
2021-08-22 09:53:31 +02:00
Michał Górny
8c1e5f9500 testgetifaddr.sh: Implement EXTIF fallback to 'ip -4 addr'
Fall back to getting the interface name from 'ip -4 addr' when there
is no default route.  In this case, the test simply uses the interface
providing the IP address for 'ip -4 addr' (since the command is
implicitly called with no interface argument).
2021-08-22 09:50:25 +02:00
Thomas Bernard
df0fbf08b8 miniupnpd version 2.2.3 2021-08-21 11:17:30 +02:00
Thomas Bernard
92cf5c2f95 nftnlrdr_misc.c: 2021 2021-08-21 10:26:31 +02:00
Thomas Bernard
23edb7e5eb options.c: 2021 2021-08-21 10:24:22 +02:00
Thomas Bernard
fec7d87f00 pcplearndscp.h: "new" website 2021-08-21 10:22:26 +02:00
Thomas Bernard
9dbee950ad
upnppinhole.c/.h: 2021 2021-08-21 10:14:28 +02:00
Thomas BERNARD
2115b8f8f0
Merge pull request #553 from ncopa/musl-libc-fix
miniupnpd: don't check for glibc version with musl
2021-08-21 09:52:06 +02:00
Thomas Bernard
5d5a06c206
Changelog.txt: lease file for IPv6 pinholes
closes #18
2021-08-18 12:38:04 +02:00
Sven Auhagen
74dbad5ab0 IPv6 pinholes lease file
This patch adds a lease file for IPv6 pinholes.
The leases are maintained and readded when miniupnpd restarts.
Currently all IPv6 leases are lost on restart.

Signed-off-by: Sven Auhagen <sven.auhagen@voleatech.de>
2021-08-18 11:06:12 +01:00
Thomas Bernard
46fedcbc32
update Changelog.txt
see #539
2021-08-12 23:19:14 +02:00
Thomas Bernard
32f1d4cd1a
upnpdescgen.c: rootDesc.xml skip DeviceProtection and WANIPv6FirewallControl when force_igd1
see #539
2021-08-12 23:19:14 +02:00
Thomas Bernard
4d4121bf40
upnpdescgen.c: move a variable declaration 2021-08-12 23:19:14 +02:00
Thomas Bernard
2f2685af97
upnphttp.c: detecting MS client and forcing IGD v1
should fix #539
2021-08-12 23:19:14 +02:00
Thomas Bernard
d8e5659c7b
upnpdescgen.c: add force_igd1 param to XML description generation functions 2021-08-12 23:19:13 +02:00
Thomas Bernard
7c112e2b39 Merge commit '7ee554d31b47a7227ab85aa919792597ce78c81e' 2021-08-11 14:49:06 +02:00
Thomas Bernard
f1388717af
miniupnpd.c: fix 1aa46b5a2c71578d63f836c446686c3bc7316733 2021-08-11 12:19:30 +02:00
Pali Rohár
7ee554d31b miniupnpd: Disable port forwarding when upstream interface is down
Obviously port forwarding cannot work when upstream interface is down. So
correctly report status code for port forwarding requests to clients in
this case.
2021-08-06 16:13:25 +02:00
Natanael Copa
ebaa69b313 miniupnpd: don't check for glibc version with musl
Test that ldd is from GLIBC before exctracting the GLIBC_VERSION. This
is not needed with musl libc.
2021-07-21 10:38:35 +02:00
Natanael Copa
1aa46b5a2c miniupnpd: improve error message for bad config
Improve error message so users don't need read the source to figure out
why miniupnpd refuses to start even if the usage is correct.
2021-07-15 12:23:26 +02:00
Thomas Bernard
6f848ae082
2021 2021-06-18 00:37:27 +02:00
Thomas Bernard
7fcbcd35b9
fix commit 5567e7c7e05f2cda8e2f82d97b4054c5729fb933 2021-06-18 00:31:27 +02:00
Thomas Bernard
5567e7c7e0
miniupnpd: improves error handling during init.
- Fails on config parsing and init errors.
- print errors during init to both syslog and stderr.

fixes #551
2021-06-18 00:21:16 +02:00
Thomas Bernard
97b7ec1ad2
normalize use of __STDC_VERSION__ 2021-06-17 09:25:26 +02:00
Thomas Bernard
7783ac1545
upnphttp.c: Code factorization : use SendResp_upnphttp() in SendRespAndClose_upnphttp() 2021-05-22 23:54:32 +02:00
Thomas Bernard
acca60a365
miniupnpd: Better comment snprintf() used to build HTTP headers 2021-05-22 23:30:05 +02:00
Thomas Bernard
08ae9e9e71
miniupnpd: dynamically retrieve uname -r
fixes #547
2021-05-22 00:16:40 +02:00
Thomas Bernard
982f47a8b6
miniupnpd: version 2.2.2 2021-05-13 13:33:02 +02:00
SeaEagle1
1713f4b9b4
Add SO_REUSEPORT option for SSDP
fixes #541
2021-05-12 00:15:02 +02:00
Thomas Bernard
57e9a52b95
miniupnpd/Changelog.txt: update 2021-05-11 23:58:35 +02:00
Thomas Bernard
3a87be33e7
upnpsoap.c: comment and improve GetExternalIPAddress()
GetExternalIPAddress returns empty string when the External IP address can
not be retrieved.
2021-03-31 09:43:28 +02:00
Pali Rohár
79ca440f73 miniupnpd: When ExternalIPAddress is unknown returns empty string in GetExternalIPAddress
IGD v2.0 specification for WANIPConnection:2 says:

  When the external IP address could not be retrieved by the gateway (for
  example, because the interface is down or because there was a failure in
  the last connection setup attempt), then the ExternalIPAddress MUST be
  equal to the empty string.

So instead of Error 501 "Action Failed" returns empty string to be
compliant with IGD v2.0 specification.
2021-03-28 17:20:34 +02:00
Thomas Bernard
9239cf28c1
Fix the cleanup of PREROUTING mangle chain
it was changed iby mistake to FORWARD by 82ec7bc3df0eab362163545f5e61eb97a84652cd

see discussion in PR #530
2021-02-26 15:15:09 +01:00
Thomas Bernard
3b6b0ba1e3
INSTALL: update 2021-02-26 15:14:03 +01:00
Thomas Bernard
207d1849e4 miniupnpd.c: typo and ip -> IP 2021-01-15 19:33:29 +01:00
Pali Rohár
e6bf74a691 Add check that miniupnpd is not going to listen on WAN interface with public IP address
Option listen= is used for LAN interface/address and option ext_addr= is
used for public IP address. If users by mistake swap WAN and LAN interface
or public and private IP addresses then miniupnpd obviously would not work
and instead of hacking miniupnpd code users should rather check their
miniupnpd configuration or local firewall settings.

So add checks and hints which prevents security issues like swapping LAN
and WAN interfaces/addresses and therefore prevent exposing port forwarding
and firewall configuration on public Internet.
2020-12-30 11:23:29 +01:00
Pali Rohár
304ff79dc5 Update and extend description from STUN output
People sometimes do not understand where is the problem, so include also
hints what they needs to check, change and re-configure.
2020-12-30 11:22:12 +01:00
Thomas Bernard
9ef311d235
miniupnpd: version 2.2.1 2020-12-20 19:12:47 +01:00
Tim Gates
341d0f51a2
docs: fix simple typo, decription -> description
There is a small typo in miniupnpd/commonrdr.h, miniupnpd/ipf/ipfrdr.c, miniupnpd/pf/obsdrdr.c.

Should read `description` rather than `decription`.
2020-12-10 05:26:04 +11:00
Thomas Bernard
22c1386351
protocol[] can be "UDPLITE"
fixes #5034
2020-11-12 08:59:47 +01:00
Thomas Bernard
f50f00b5ea
errno.h not sys/errno.h 2020-11-11 13:24:48 +01:00
Thomas Bernard
ab544c3a0e
asyncsendto.c: use named enum.
see #502
2020-11-11 13:16:14 +01:00
Thomas Bernard
30c27967ae
fix error message for IPV6. 2020 2020-11-05 21:59:25 +01:00
Thomas Bernard
97fd716bd0
2020 2020-11-04 22:32:14 +01:00
Thomas Bernard
057368701e
fix warning 2020-11-04 22:31:47 +01:00