Commit Graph

947 Commits

Author SHA1 Message Date
Thomas Bernard 7800de9429
miniupnpd: fix for bridges
you now can setup :
listening_ip=igb1 bridge0 xxx0 xxx1 ...

miniupnpd will use igd1 address, but will not complain when receiving
packets from either igb1, bridge0, xxx0 or xxx1

fixes #379
see also #408
2020-04-29 00:03:54 +02:00
Thomas Bernard a965520085
fix warning (int promotion)
also add (c) Thomas Bernard
2020-04-29 00:01:44 +02:00
Thomas Bernard fcac8b9690
upnpstun.c: support for more attributes types
0x0009: /* ERROR-CODE */
 0x0020: /* XOR-MAPPED-ADDRESS (RFC 5389) */
 0x802b: /* RESPONSE-ORIGIN (RFC 5780) */
 0x802c: /* OTHER-ADDRESS (RFC 5780) */
2020-04-21 23:25:17 +02:00
Thomas Bernard 78956a97df
upnpstun.c: improve error and debug log 2020-04-21 23:24:58 +02:00
Thomas Bernard 38c3419ea5 miniupnpd/Changelog.txt: update about e49d44f700 2020-04-21 18:38:09 +02:00
Chen Minqiang e49d44f700 miniupnpd: set SNAT to support bidirectional mapping
we cannot expect that iport == eport on all the case in firewall.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2020-04-21 07:41:58 +08:00
Thomas Bernard db82286683
genconfig.sh: allow --firewall option on BSD's too 2020-04-21 00:24:11 +02:00
Thomas Bernard 89e63507ac
Remove FW API detecting code from Makefile (BSD)
generate bsdmake.inc
2020-04-21 00:24:07 +02:00
Thomas Bernard 07abee862c miniupnpd: Fix "IGD2 Port Triggering" in update_portmapping() 2020-04-20 23:37:24 +02:00
Chen Minqiang 7662088603 miniupnpd: fix typo
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2020-04-20 15:05:13 +08:00
Chen Minqiang 93c89c209c miniupnpd: update snat rules on update_portmapping
We forget to update the snat rule when update the
portmapping.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2020-04-20 15:05:00 +08:00
Thomas Bernard c51c5b7d58
miniupnpd: be more explicit about usage of ext_ip= in double nat setups 2020-04-12 19:44:27 +02:00
Thomas Bernard 3f04f7992c
miniupnpd/pf: disabled setting dst address in rule by default
see #433
was introduced by 53e8185725 to fix #231
2020-04-12 19:30:37 +02:00
Thomas Bernard a774830fe0
miniupnpd: Option to disable IPv6 at runtime : -4 / ipv6_disable=yes 2020-04-09 21:12:20 +02:00
Thomas Bernard 040fbc40f8 miniupnpd/Makefile: fix FreeBSD firewall detection
see 5e11ef3245
fixes #431
2020-04-06 12:00:09 +02:00
Thomas Bernard c3fab25f86 update Changelog.txt 2020-03-29 11:08:15 +02:00
Thomas Bernard 5e11ef3245
miniupnpd: fix FreeBSD Firewall detection
fixes #431
2020-03-29 10:54:26 +02:00
Blink 05e09f9e6d
fix build for macos 2020-03-21 17:38:46 +08:00
HanJong Jang 5eaf3ec0fe Correct typo 2020-03-05 22:46:01 +09:00
Thomas Bernard 927e2f3666 miniupnpd/Changelog.txt: update 2019-12-24 01:38:55 +01:00
Thomas Bernard 351b28c5ad
Fix PCPSendUnsolicitedAnnounce() when IPv6 is not available
IPV6 can be enabled at compile time but unavailable at runtime
see https://miniupnp.tuxfamily.org/forum/viewtopic.php?t=2395
2019-12-18 01:18:56 +01:00
Khem Raj 533f46cb7e Add OpenEmbedded cross compile case
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-11-01 08:24:51 -07:00
Thomas Bernard aa08b09068 miniupnpd version prints backend 2019-10-22 20:11:02 +02:00
Thomas Bernard 1876efc823 https://miniupnp.tuxfamily.org/ 2019-10-22 20:11:02 +02:00
Thomas Bernard 733c3c25f7
INSTALL: update about apt-get packages to install for nftables 2019-10-22 17:49:48 +02:00
Thomas Bernard 0d7ccf1388 2019 2019-10-06 22:53:20 +02:00
Thomas Bernard d17912b95b ignore validateversion 2019-10-06 22:44:32 +02:00
Thomas Bernard ce9cf89f07
Makefile.linux_nft: fix depends 2019-10-06 22:41:47 +02:00
Thomas Bernard f200b1b7e8
netfilter_nft/nftpinhole.c: fix after function renames
nft_send_request() => nft_send_rule()
reflesh_nft_cache_filter() => refresh_nft_cache_filter()
2019-10-06 22:30:36 +02:00
Thomas Bernard 8ac3784fe2 Merge branch 'version' 2019-10-06 22:17:25 +02:00
Paul Chambers 913194cf75 Move print_rule to the file it's used in. 2019-10-06 21:47:50 +02:00
Paul Chambers 9d1680455e cleanup some formatting inconsistencies 2019-10-06 21:38:58 +02:00
Thomas Bernard 4ac428cbc9 netfilter_nft: remove dead code 2019-10-06 21:25:03 +02:00
Paul Chambers 35fa178ec8 encapsulate debug printing of rules. keeps stack layout the same between debug & non-debug builds. 2019-10-06 21:15:25 +02:00
Thomas Bernard a87011f933 fix checking of "~Man:" header"
bug introduced in 3571a41d1b
2019-10-06 00:17:52 +02:00
Thomas Bernard b747e222a8 miniupnpd/.gitignore: dox/ 2019-10-05 23:55:44 +02:00
Thomas Bernard 0a35f97db7
Makefile.linux: validate version 2019-10-05 22:44:36 +02:00
Thomas Bernard 49d3b57441
miniupnpd: Add --version commandline option
fixes #370
2019-10-05 22:44:31 +02:00
Thomas Bernard 700b86eeda
compatibility with OpenSSL 1.1.x
Use OpenSSL TLS_server_method() instead of TLSv1_server_method()
Also fix ERR_remove_state(0) call
2019-10-05 22:44:31 +02:00
Paul Chambers 123e589266 establish persistent mnl/netlink socket at init_redirect (needs elevated privileges) 2019-10-05 22:39:05 +02:00
Thomas Bernard 22223da9a1 use OpenBSD pledge() to drop privileges
To be tested

see #405
2019-10-03 23:23:53 +02:00
Thomas Bernard 174db857f8 fix end of file 2019-10-03 00:15:50 +02:00
Thomas Bernard 49a60028e7 2019 2019-10-03 00:15:32 +02:00
Thomas Bernard 6f4057ee82 update Changelog.txt 2019-10-03 00:15:13 +02:00
Thomas Bernard 57bc67f72a 2019 2019-10-02 23:42:55 +02:00
Paul Chambers 7ea314412c make rdr_name_type enum values more unique 2019-10-02 23:42:15 +02:00
Paul Chambers b36a6e94f8 NFT_RULE_USERDATA is sized, not null-terminated. Must use strndup() 2019-10-02 23:42:15 +02:00
Paul Chambers fda82bceef remove lingering debug stuff, add my name to file headers 2019-10-02 13:08:22 -07:00
Paul Chambers dcad93615f set the family attribute on the chain 2019-10-01 01:12:10 -07:00
Paul Chambers 2a496a1c1c Minimize attributes set if chain_op is not NFT_MSG_NEWCHAIN 2019-10-01 00:40:05 -07:00