NFtables uses the INET table for NAT which combines IPv4 and IPv6.
Older systems might not have this option and use the ip table instead.
This adds a flag to fall back to the ip table style.
Signed-Off-By: Sven Auhagen <sven.auhagen@voleatech.de>
Some reports that a certain app is abusing UPnP for exploiting upload
bandwidth. This commit adds support to restrict UPnP rules to a regex.
By matching requester's description string against rule's regex, this
will make some obstacles for that app.
Right now the table names are hardcoded and do not integrate with an overall
firewall strategy.
NFTables has restrictions on how packets are evaluated against chains.
For example if multiple forward chains are evaluated with different prioity,
all packets that pass the first one will be reevaluated again in the second chain.
To have an overall firewall concept with miniupnpd it is necessary to use existing
tables and hence to configure them in miniupnpd.
Signed-off-by: Sven Auhagen <sven.auhagen@voleatech.de>
This patch adds a lease file for IPv6 pinholes.
The leases are maintained and readded when miniupnpd restarts.
Currently all IPv6 leases are lost on restart.
Signed-off-by: Sven Auhagen <sven.auhagen@voleatech.de>
- manufacturer_name, default is "`uname -s`"
- manufacturer_url, default is URL of OS verndor
- model_name, default is "`uname -s` router"
- model_description, default is "`uname -s` router"
- model_url, default is URL of OS verndor