Commit Graph

76 Commits

Author SHA1 Message Date
Thomas Bernard 50950a3520
iptcrdr.c: fix a potential double iptc_free(h)
closes 
2021-09-28 22:47:05 +02:00
Thomas Bernard 9239cf28c1
Fix the cleanup of PREROUTING mangle chain
it was changed iby mistake to FORWARD by 82ec7bc3df

see discussion in PR 
2021-02-26 15:15:09 +01:00
Thomas Bernard f50f00b5ea
errno.h not sys/errno.h 2020-11-11 13:24:48 +01:00
Thomas Bernard f9908a788b Move chain name variables to netfilter/* 2020-09-28 22:44:24 +02:00
Chen Minqiang b44e5e7a83 fix update_portmapping() missing target when update filter table 2020-06-27 11:31:08 +08:00
Thomas Bernard e166f541e8 => 2020 2020-05-10 20:00:37 +02:00
Thomas Bernard 4f67061e08
miniupnpd: allow to build in another directory. use .d for depends 2020-05-07 00:34:40 +02:00
Thomas Bernard 1833a538ef
miniupnpd/Makefile.linux: move some compile config to configure script 2020-05-02 18:28:00 +02:00
Chen Minqiang e49d44f700 miniupnpd: set SNAT to support bidirectional mapping
we cannot expect that iport == eport on all the case in firewall.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2020-04-21 07:41:58 +08:00
Thomas Bernard 07abee862c miniupnpd: Fix "IGD2 Port Triggering" in update_portmapping() 2020-04-20 23:37:24 +02:00
Chen Minqiang 7662088603 miniupnpd: fix typo
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2020-04-20 15:05:13 +08:00
Chen Minqiang 93c89c209c miniupnpd: update snat rules on update_portmapping
We forget to update the snat rule when update the
portmapping.

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2020-04-20 15:05:00 +08:00
HanJong Jang 5eaf3ec0fe Correct typo 2020-03-05 22:46:01 +09:00
Thomas Bernard 6317e73342 iptpinhole.c: fix ressource leak in ip6tc_init_verify_append()
fixes 
2019-08-24 10:55:33 +02:00
Thomas Bernard a77d1ff9d3
iptcrdr.c: memory allocation fix in get_portmappings_in_range()
fixes 
2019-08-24 10:54:46 +02:00
Thomas Bernard 2d873ce908 miniupnpd_functions.sh parsing fix.
both MINIUPNPD and MINIUPNPD-PREROUTING were matched by
/$CHAIN/.
2019-03-22 15:35:23 +01:00
Thomas Bernard 476974ab52 use iptables -I instead of -A to add rules
So the rules are added at the head of the chains, taking
priority over the preloaded rules.

should fix 
2019-03-22 15:33:57 +01:00
Thomas Bernard c3f752db4a
miniupnpd/netfilter: fix iptables_init.sh for postrouting chain
should fix 
2019-03-09 16:16:00 +01:00
Thomas Bernard f7d65cdaad
miniupnpd/netfilter/ipctcrdr.c: conditionnaly use NFC_UNKNOWN as well
fix 
2019-02-03 19:04:44 +01:00
Thomas Bernard 6106111972
miniupnpd/netfilter: build with linux kernel 5.0
should fix 
2019-02-03 13:26:27 +01:00
Thomas Bernard 6e5a88098d fix file headers (=>2018)
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-07-06 14:16:49 +02:00
Thomas Bernard 810cb665c2 Merge branch 'pr_307'
see 
2018-07-06 13:40:18 +02:00
Thomas Bernard 72005ce86a add -w option to iptables.
see https://miniupnp.tuxfamily.org/forum/viewtopic.php?p=5113

Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-05-29 12:26:33 +02:00
Pali Rohár cd7284785b miniupnpd: Add function delete_filter_rule() also for PF and Linux Netfilter
It is needed for STUN implementation.
2018-05-19 13:31:02 +02:00
Thomas Bernard 5dcd40aece netfilter/iptpinhole.c: remove warning: implicit declaration of function 'upnp_time'
fixes ef94635100
2018-04-22 21:24:30 +02:00
yangfl 82ec7bc3df miniupnpd: Add options for netfilter scripts 2018-03-16 23:57:39 +08:00
Thomas Bernard ef94635100 miniupnpd: time() => upnp_time()
I had forgotten some
see 
2018-03-14 00:09:42 +01:00
Thomas Bernard b4ed41eae8 add -w parameter to iptables for locking
fixes 
2017-03-13 13:07:22 +01:00
Thomas Bernard da64fd85cb pass ext_if_name arg to add_pinhole()
should fix 
2017-03-13 11:47:21 +01:00
Thomas Bernard 688b13586c netfilter/iptcrdr.c: do not add MASQUERADE rule if iport==eport
fixes 
2016-03-08 10:29:47 +01:00
Thomas Bernard 9c28a0745f remove warning 2016-02-12 15:31:21 +01:00
Thomas Bernard ff4b9c5d75 netfilter/iptcrdr.c: improve debug output 2016-02-12 15:02:44 +01:00
Thomas Bernard bdac007771 add update_portmapping() / update_portmapping_desc_timestamp() functions 2016-02-12 15:01:30 +01:00
Thomas Bernard 34f80a011f Add light version of iptables_display.sh script 2016-02-12 14:56:10 +01:00
Thomas Bernard 8bad6cd338 netfilter/iptcrdr.c: remove old USE_INDEX_FROM_DESC_LIST code 2016-02-12 14:55:09 +01:00
Thomas Bernard dd9bf47c68 iptcrdr.c: add iptc_init() check in init_redirect() 2016-02-12 14:51:59 +01:00
Thomas Bernard 06049f1e7d add ENABLE_PORT_TRIGGERING macro in config.h
enabled by default. Will allow people to disable the code :)
2016-02-09 10:09:19 +01:00
Thomas Bernard 3284d113c7 remove ifname arg from addmasqueraderule()
also improve comment and remove useless log :)
2016-01-28 22:16:07 +01:00
Thomas Bernard 141e861c3a remove call to addpeernatrule() ... 2016-01-26 18:17:05 +01:00
Thomas Bernard 9059966122 netfilter/iptcrdr.c: improve comments
give which iptables command is equivalent for adding the rule
2016-01-26 18:16:23 +01:00
Thomas Bernard 1ba4362910 MINIUPNPD-PCP-PEER => MINIUPNPD-POSTROUTING
renamed
miniupnpd_peer_chain = "MINIUPNPD-PCP-PEER"
to
miniupnpd_nat_postrouting_chain = "MINIUPNPD-POSTROUTING";
2016-01-26 16:50:48 +01:00
Thomas Bernard ba91c4ec23 add addmasqueraderule()
see issue 
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1820

iptables -t nat -I POSTROUTING -o <extif> -s <iaddr> -p UDP --sport <iport> -j MASQUERADE --to-ports <eport>
2016-01-26 16:38:32 +01:00
Thomas Bernard f4324d45e5 fix netfilter/Makefile dependencies, fix iptables_display.sh 2016-01-26 16:38:32 +01:00
Thomas Bernard 55cf34a101 fix iptc_init_verify_and_append() calls 2016-01-26 16:38:32 +01:00
Thomas Bernard f1ce2301da shutdown_iptpinhole() frees memory 2016-01-19 10:53:14 +01:00
Thomas Bernard 6f8951d40d find_pinhole() return -2 if not found 2016-01-19 10:52:36 +01:00
Thomas Bernard e252acef88 PCP: check pinhole before adding in CreatePCPMap_FW()
fixes 
2016-01-18 20:16:06 +01:00
vvsvic a8ab2149f4 Remove some bugs in DeletePCPPeer and DeletePCPMap 2016-01-13 13:26:20 +03:00
Chocobo1 e405f78b89 Fix output specifier 2016-01-04 12:13:00 +08:00
Tomofumi Hayashi 3b472b59e0 Fix get_portmappings_in_range() in non-expand case.
In get_portmappings_in_range(), array[] is not updated when
realloc() is not called, hence get_portmappings_in_range() is
always null. This fix changes to fill array[].
2015-03-09 17:33:10 +09:00