Commit Graph

981 Commits

Author SHA1 Message Date
Thomas Bernard c3d71b97ab nftnlrdr_misc.c: malloc/memcpy instead of strndup()
see #466
2020-06-01 17:35:26 +02:00
Thomas Bernard 3b20182c86
miniupnpd/upnpdescgen.c: check string length before memcmp() in genServiceDesc()
see https://github.com/miniupnp/miniupnp/issues/459
2020-05-30 11:06:24 +02:00
Thomas Bernard a711165e6e
miniupnpd: improve AddAnyPortMapping()
try with next port when  -3 permission check failed

see #465
2020-05-30 10:29:24 +02:00
Thomas Bernard a30e3de4ba
miniupnpd/netfilter_nft: add debug messages about lease timestamps/duration
in order to debug issue #466
2020-05-30 10:09:22 +02:00
Thomas Bernard 6cd5ca6e9a
call nftnl_rule_is_set(NFTNL_RULE_USERDATA) before nftnl_rule_get_data(NFTNL_RULE_USERDATA)
see #459 and #461
2020-05-29 18:10:30 +02:00
Thomas Bernard 827fc6f041
miniupnpd: prevent buffer overread of known_devices_types
should fix #459
2020-05-29 18:01:39 +02:00
Thomas Bernard 7be0b48022
fix GetExternalIPAddress()
a bug was introduced by cce19781e6

may fix #460
2020-05-29 08:55:44 +02:00
Thomas Bernard d458f1a222
minor stuff 2020-05-17 23:16:45 +02:00
Thomas Bernard e823722b5d
some cp implementations do not support the -v option 2020-05-11 23:31:53 +02:00
Thomas Bernard 02e41f7346
miniupnpd: BSD: allow to build from another directory
$ cd miniupnpd
$ mkdir build
$ cd build
$ ../configure && make
2020-05-11 23:30:19 +02:00
Thomas Bernard 384f6592a8
miniupnpd: update Changelog 2020-05-10 20:01:30 +02:00
Thomas Bernard f9002bfaa7
https://miniupnp.tuxfamily.org/ 2020-05-10 20:01:24 +02:00
Thomas Bernard a04d6d405d miniupnpd/Makefile.linux_nft: update CFLAGS / LDFLAGS 2020-05-10 20:00:50 +02:00
Thomas Bernard e166f541e8 => 2020 2020-05-10 20:00:37 +02:00
Thomas Bernard 194566a5bd
support for libcap-ng
fixes #405
2020-05-10 15:34:45 +02:00
Thomas Bernard 5abb714d34
drop linux capabilities 2020-05-10 15:34:44 +02:00
Pali Rohár 9e41cad6a8 upnpstun.c: TEST: Require root user
New version of /sbin/iptables binary prints nonsense error message when is
called by ordinary non-root user:

  iptables v1.8.2 (nf_tables): unknown option "--dport"

Under root user it works correctly and understands --dport argument.

/sbin/iptables binary obviously does not work without root user, so rather
print error message as debugging why /sbin/iptables printed that nonsense
error message about unknown option.
2020-05-08 16:32:16 +02:00
Pali Rohár 0cad5296c6 upnpstun.c: TEST: Redirect syslog() call to printf()
When compiling Testing Linux application, replace syslog() call by
printf(). openlog() does not honor LOG_CONS flag, it works only when
application cannot connect to syslog (which is rare). There is way to force
syslog() call to print to stdout, so replace openlog() and syslog() calls
by normal printf() call via preprocessor macro when compiling Testing Linux
application.
2020-05-08 16:29:31 +02:00
Pali Rohár d7f60e3fdf upnpstun.c: Show more debug information 2020-05-08 16:26:39 +02:00
Pali Rohár 92a1ee9a7d upnpstun.c: Parse more fields from STUN packet
These fields are sent by e.g. stun.ekiga.net
2020-05-08 16:25:43 +02:00
Pali Rohár 420cfaf208 upnpstun.c: Do not stop processing STUN packet when XOR-MAPPED-ADDRESS is found 2020-05-08 16:23:58 +02:00
Thomas Bernard 388d93d678 minipnpd: move check target to check.mk 2020-05-07 01:02:48 +02:00
Thomas Bernard 2b4d9f5ee5
miniupnpd: fix build for nftables 2020-05-07 00:47:26 +02:00
Thomas Bernard 44c30b0a4e miniupnpd: fix build for nftables 2020-05-07 00:41:59 +02:00
Thomas Bernard 1cdc352788
miniupnpd/testupnppermissions.sh: do not require bash or ksh anymore 2020-05-07 00:34:44 +02:00
Thomas Bernard ea90d39892
miniupnpd: update linux makefiles 2020-05-07 00:34:44 +02:00
Thomas Bernard 4f67061e08
miniupnpd: allow to build in another directory. use .d for depends 2020-05-07 00:34:40 +02:00
Thomas Bernard 9ffc336b5c linux: detect libcap-ng or libcap 2020-05-04 00:09:42 +02:00
Thomas Bernard ca0a3b30ba miniupnpd: update Changelog.txt 2020-05-04 00:08:50 +02:00
Thomas Bernard 55d2535a6f
miniupnpd: move many scripts from Makefile.linux to configure 2020-05-02 18:28:05 +02:00
Thomas Bernard 1833a538ef
miniupnpd/Makefile.linux: move some compile config to configure script 2020-05-02 18:28:00 +02:00
Thomas Bernard 125030132e
genconfig.sh -> configure 2020-05-02 18:26:45 +02:00
Thomas Bernard 69137442fb
Makefile => Makefile.bsd
copy the right Makefile to "Makefile"

TODO : rename genconfig.sh to configure
2020-05-02 18:26:36 +02:00
Thomas Bernard 2a8368a2de
gitrev.mk: CFLAGS => CPPFLAGS 2020-05-02 18:25:48 +02:00
Thomas Bernard 7800de9429
miniupnpd: fix for bridges
you now can setup :
listening_ip=igb1 bridge0 xxx0 xxx1 ...

miniupnpd will use igd1 address, but will not complain when receiving
packets from either igb1, bridge0, xxx0 or xxx1

fixes #379
see also #408
2020-04-29 00:03:54 +02:00
Thomas Bernard a965520085
fix warning (int promotion)
also add (c) Thomas Bernard
2020-04-29 00:01:44 +02:00
Thomas Bernard fcac8b9690
upnpstun.c: support for more attributes types
0x0009: /* ERROR-CODE */
 0x0020: /* XOR-MAPPED-ADDRESS (RFC 5389) */
 0x802b: /* RESPONSE-ORIGIN (RFC 5780) */
 0x802c: /* OTHER-ADDRESS (RFC 5780) */
2020-04-21 23:25:17 +02:00
Thomas Bernard 78956a97df
upnpstun.c: improve error and debug log 2020-04-21 23:24:58 +02:00
Thomas Bernard 38c3419ea5 miniupnpd/Changelog.txt: update about e49d44f700 2020-04-21 18:38:09 +02:00
Chen Minqiang e49d44f700 miniupnpd: set SNAT to support bidirectional mapping
we cannot expect that iport == eport on all the case in firewall.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2020-04-21 07:41:58 +08:00
Thomas Bernard db82286683
genconfig.sh: allow --firewall option on BSD's too 2020-04-21 00:24:11 +02:00
Thomas Bernard 89e63507ac
Remove FW API detecting code from Makefile (BSD)
generate bsdmake.inc
2020-04-21 00:24:07 +02:00
Thomas Bernard 07abee862c miniupnpd: Fix "IGD2 Port Triggering" in update_portmapping() 2020-04-20 23:37:24 +02:00
Chen Minqiang 7662088603 miniupnpd: fix typo
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2020-04-20 15:05:13 +08:00
Chen Minqiang 93c89c209c miniupnpd: update snat rules on update_portmapping
We forget to update the snat rule when update the
portmapping.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2020-04-20 15:05:00 +08:00
Thomas Bernard c51c5b7d58
miniupnpd: be more explicit about usage of ext_ip= in double nat setups 2020-04-12 19:44:27 +02:00
Thomas Bernard 3f04f7992c
miniupnpd/pf: disabled setting dst address in rule by default
see #433
was introduced by 53e8185725 to fix #231
2020-04-12 19:30:37 +02:00
Thomas Bernard a774830fe0
miniupnpd: Option to disable IPv6 at runtime : -4 / ipv6_disable=yes 2020-04-09 21:12:20 +02:00
Thomas Bernard 040fbc40f8 miniupnpd/Makefile: fix FreeBSD firewall detection
see 5e11ef3245
fixes #431
2020-04-06 12:00:09 +02:00
Thomas Bernard c3fab25f86 update Changelog.txt 2020-03-29 11:08:15 +02:00