Commit Graph

12 Commits

Author SHA1 Message Date
yangfl 2ff8cb17da miniupnpd: Add option to match rules with regex
Some reports that a certain app is abusing UPnP for exploiting upload
bandwidth. This commit adds support to restrict UPnP rules to a regex.
By matching requester's description string against rule's regex, this
will make some obstacles for that app.
2022-10-21 21:26:39 +02:00
Thomas Bernard 72ec9e1943
update changelog / comments 2020-10-30 22:44:02 +01:00
Thomas Bernard 92ff8a6a7e
in_addr_t instead of struct in_addr 2020-10-22 23:20:50 +02:00
Thomas Bernard 6b2070c6e9
fix 18a6ab0201 2020-10-22 23:19:59 +02:00
Thomas Bernard 18a6ab0201
AddAnyPortMapping(): Only try allowed ports
build an array of all allowed ports.
should fix #465
2020-10-18 00:20:24 +02:00
Thomas Bernard 081c46338c miniupnpd/upnppermissions.c: disable match_permission_internal() 2014-03-13 09:53:44 +01:00
Daniel Becker f4f4573f53 miniupnpd: fix eport selection and error handling
The find_available_eport function that was intended to check if
at least one eport is allowed for a given iaddr/iport does not
work as intended; for example, it does not properly handle rule
precedence (i.e., it considers allow rules even if they are
effectively masked by earlier deny rules), and it also does not
handle the case where no rules are specified at all (which
should default to accept in order to be consistent with
check_upnp_rule_against_permissions). The present change removes
this function and instead integrates the check into the existing
while loop that iterates over all eports.
2014-03-10 00:32:23 -07:00
Thomas Bernard e385db03b9 miniupnpd: improved permission checking for NAT-PMP
NAT-PMP now searches an allowed eport if the one from
request is not, instead of returning an error
2014-03-07 11:48:17 +01:00
Thomas Bernard b1cc7aad36 upnppermissions.c: allow 192.168.1.1/255.255.255.0 as ip/mask
Change read_permission_line() to allow 192.168.1.1/255.255.255.0 in
addition to 192.168.1.1/24 in permission line (in configuration file).
2012-02-15 23:49:56 +01:00
Thomas Bernard 0cc68c47b6 More syntax checks in upnppermissions.c 2012-02-12 14:03:42 +01:00
Thomas Bernard c07408ef1f Always #include <netinet/in.h> before #include <arpa/inet.h> (for OpenBSD) 2012-01-20 22:55:43 +01:00
Thomas Bernard 0d96346588 Adding miniupnpd 2011-09-28 21:13:20 +02:00