Thomas Bernard
82604ec5d0
miniupnpd/miniupnpd.conf: add comments regarding security
...
comment values, to force people to configure themselves
2014-10-13 18:03:53 +02:00
Markus Stenberg
17dabcc708
Use -f with gzip, to prevent interactive promots when running make install multiple times.
2014-10-08 14:24:01 +03:00
Thomas Bernard
97c001d464
add use(less ?)ful comments
2014-10-06 14:44:45 +02:00
Thomas Bernard
55c959247b
miniupnpd/minissdp.c: remove warning if ipv6 is disabled
2014-10-06 14:44:23 +02:00
Thomas Bernard
c79c17115c
miniupnpd/upnpsoap.c: DeletePortMapping now checks for client IP in Securemode
2014-09-25 11:47:16 +02:00
Thomas Bernard
9885060d5c
miniupnpd/bsd/getifstats.c: make it compile with OpenBSD 4.3
...
see commit 7f6cf3680e
2014-09-15 17:12:31 +02:00
Gleb Smirnoff
7f6cf3680e
Use BSD libc API to fetch data about interface statistics instead
...
of nosing in kernel memory. This API should work on all versions
of FreeBSD/NetBSD/OpenBSD/Dragonfly.
This fixes compilation on FreeBSD 11, where kernel structures
have changed and protects against future breakages. It also
make the file much simplier.
Tested by: Daniel Engberg <daniel.engberg.lists pyret.net>
2014-09-14 13:41:49 +04:00
Thomas Bernard
05cc5daf14
update Changelog.txt files
2014-09-06 10:37:08 +02:00
Thomas Bernard
1961868cd5
miniupnpd/minissdp.c: add a default delay before SSDP response
...
fixes #084
2014-08-01 12:30:55 +02:00
sbyx
ef408d0857
Fix typo in byte conversion & writing in NAT-PMP
...
This fixes https://github.com/miniupnp/miniupnp/issues/89 .
Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-07-31 08:43:48 +02:00
Daniel Becker
dcf658c55e
miniupnpd/Makefile: make firewall detection consistent with genconfig.sh; assume PF if /etc/rc.subr and/or /etc/rc.conf not found on *BSD
2014-06-20 23:23:16 -07:00
Thomas Bernard
78d32ba012
Merge remote branch 'mikedld/remove-macosx-macro'
2014-06-16 10:54:03 +02:00
Mike Gelfand
c08833f9e8
Use _WIN32 instead of WIN32 to check for Windows
...
MinGW defines both _WIN32 and WIN32 (and may even be the only compiler
doing so). Microsoft and Intel compilers only define _WIN32. Use the
common one to eliminate the need in defining WIN32 explicitly.
2014-06-15 09:37:13 +03:00
Mike Gelfand
920845b107
Use built-in __APPLE__ macro instead of MACOSX
...
GCC and Clang on Mac OS have a built-in __APPLE__ macro. Use it instead of
manually-defined MACOSX.
2014-06-15 04:14:43 +03:00
Markus Stenberg
5aaac2c6f5
miniupnpd/pcpserver.c: ext_port field was not set in the (IPv6) firewall reply packet. Now setting it to int_port.
2014-06-02 19:39:06 +03:00
Markus Stenberg
3eb71223b4
For some reason, rules without ipv6.flags set (and proto set?) do not match at all at least on Linux 3.10. So with this patch, they do (and it took me a while to find out, sigh)
2014-05-29 17:56:48 +03:00
Thomas Bernard
6bf84dc834
miniupnpd/minissdp.c: clean SendSSDPbyebye()
2014-05-23 12:07:39 +02:00
Thomas Bernard
c4c2f79c12
miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces
2014-05-22 10:22:04 +02:00
Thomas Bernard
00fbdb70cf
miniupnpd/minissdp.c: AddMulticastMembershipIPv6() targets specific interface
2014-05-22 10:17:06 +02:00
Thomas Bernard
165aeef129
miniupnpd/minissdp.c: clean SendSSDPNotify() code
2014-05-22 10:12:26 +02:00
Thomas Bernard
0d32445f57
miniupnpd/Changelog.txt: catch up :)
2014-05-22 09:57:59 +02:00
Thomas Bernard
d916ce286a
miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names
2014-05-22 09:42:05 +02:00
Thomas Bernard
72463253dc
miniupnpd: disable IPV6 if socket(PF_INET6) returns EAFNOSUPPORT
2014-05-22 01:38:18 +02:00
Thomas Bernard
9f78015a5b
miniupnpd/minissdp.c: also listen on global SSDP multicast address FF0E::C
...
Add comments about also sending the NOTIFY to this address
2014-05-22 01:12:06 +02:00
Markus Stenberg
c038146cee
Added ipv6_listening_ip option to override it from in6addr_any.
...
This way IPv6 services can be selectively enabled on one IP too.
2014-05-20 15:55:35 +03:00
Thomas Bernard
93d7bb6ae2
miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO)
2014-05-19 16:27:55 +02:00
Thomas Bernard
d851ad4c25
miniupnpd: Retreive PCP packed IPV6 destination address
2014-05-19 15:27:34 +02:00
Markus Stenberg
83c103bc3f
Internal address check is mandatory even if third party option is set.
2014-05-19 13:23:21 +03:00
Thomas Bernard
b9c20cecab
miniupnpd/pf/pfpinhole.c: use label to store pinhole description
2014-05-15 23:27:51 +02:00
Thomas Bernard
7154d30adc
miniupnpd/pcpserver.c: prevent compiling with PCP_PEER on if not applicable
2014-05-15 12:29:10 +02:00
Thomas Bernard
653bc79292
miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info()
2014-05-15 12:11:42 +02:00
Markus Stenberg
c8ec092693
Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use).
2014-05-15 12:04:03 +02:00
Markus Stenberg
6b3ff0242d
Made failed pinhole request actually fail in terms of return value too.
2014-05-15 12:03:18 +02:00
Markus Stenberg
924b6d1613
Checking lan only in non-thirdparty mode.
2014-05-15 12:02:46 +02:00
Markus Stenberg
28b3afbb8f
Added TODO about IPv6 permission handling.
2014-05-15 12:02:12 +02:00
Markus Stenberg
3a457092ce
Split Peer/Map logic to NAT- and FW specific parts. Updated TODO to include proxying.
...
+ fixes
2014-05-15 12:01:22 +02:00
Markus Stenberg
be6db5995d
miniupnpd: work in progress on PCP pinhole support
2014-05-15 11:58:17 +02:00
Markus Stenberg
7c7407099e
Added Linux get_pinhole_uid_by_index.
2014-05-15 11:45:37 +02:00
Markus Stenberg
e907d7bba6
miniupnpd: Some initial effort at actually adding pinhole support to PCP code.
2014-05-15 11:45:33 +02:00
Markus Stenberg
c000a00508
Fixed PEER supporting PCP to compile too.
2014-05-15 11:29:01 +02:00
Markus Stenberg
3e03562b77
miniupnpd: Added ENABLE_UPNPPINHOLE macro
...
using ENABLE_UPNPPINHOLE to compile in the support for IPv6 Firewall pinholes.
It is enabled by either ENABLE_6CF_SERVICE or ENABLE_PCP + ENABLE_IPV6.
2014-05-15 11:26:54 +02:00
Thomas Bernard
ba97c9b238
miniupnpd/pcpserver.c: fix ProcessPCPRequest()
...
fix commit 620af3737c8beffe87e08b7e0c34ab1661251695
2014-05-15 10:57:10 +02:00
Markus Stenberg
3f9000db76
Added unified description production, and also enforcing that desc matches in MAP/PEER delete (=> following RFC6887). Yay.
2014-05-15 10:51:00 +02:00
Thomas Bernard
de96dd47d5
update Changelog.txt files
2014-05-15 10:42:08 +02:00
Thomas Bernard
4dbbf34032
miniupnpd/upnpsoap.c: improve ExecuteSoapAction()
...
improve commit 20f1e070a1
2014-05-15 10:35:27 +02:00
Arran Cudbard-Bell
f27dd45973
Return 730 error where appropriate, and output helpful debug
2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell
20f1e070a1
Don't call deletePortMapping method for deletePortMappingRange
...
Length of strings needs to match before doing comparison, else we can stop early on a substring of the one were trying to match.
2014-05-13 21:50:16 +01:00
Thomas Bernard
98109ea92e
miniupnpd/getifaddr.c: fix when IPV6 is not enabled
2014-05-06 15:15:07 +02:00
Markus Stenberg
338a533a09
miniupnpd/pcpserver.c: Preliminary work for PCP fw control
...
Added preliminary is_fw flag, and added af to getifaddr_in6. Made
option parsing follow the RFC and also made it bit more paranoid
(there were some security problems with length checks not being done
at right place all the time; simplified flow, should be easier to
verify now that it does nothing untoward).
2014-05-06 15:12:42 +02:00
Markus Stenberg
d058fd3f36
miniupnpd/pcpserver.c: Added checks for third-party allowed for it to be used.
...
If allowed, checking it against source address,
with inverse logic from that of non-thirdparty case.
2014-05-06 13:30:04 +02:00