Commit Graph

748 Commits

Author SHA1 Message Date
Thomas Bernard 688b13586c netfilter/iptcrdr.c: do not add MASQUERADE rule if iport==eport
fixes #193
2016-03-08 10:29:47 +01:00
Thomas Bernard 6532b02cab Fix tomato_load() leaseduration
fixes #192
2016-03-04 19:33:18 +01:00
Thomas Bernard ee22350d5f Changelog.txt: Update 2016-02-20 20:13:34 +01:00
Thomas Bernard 36c4c0ded4 do not use multicast global scope 2016-02-19 14:20:45 +01:00
Thomas Bernard 984a6f144e set IPv6 Hop limit to 10 2016-02-19 14:20:31 +01:00
Thomas Bernard fd82e4c2d9 upnpevents.c: properly enclose IPv6 address in []
in the HOST: header of NOTIFY http requests
2016-02-19 12:38:32 +01:00
Thomas Bernard 19ee0577e3 fix compliance issue on 64bit machines
ui4 values should wrap to 0 after overflowing (2^32 - 1)
2016-02-19 11:59:52 +01:00
Thomas Bernard 0f7747496d update Changelog 2016-02-16 13:16:57 +01:00
Thomas Bernard be733d5f62 more checks on argument value 2016-02-16 12:07:22 +01:00
Thomas Bernard 527dd946ef check invalid values for ExternalPort 2016-02-16 10:58:11 +01:00
Thomas Bernard a712218af8 Second-infinite is deprecated 2016-02-16 10:57:22 +01:00
Thomas Bernard 92e6173a97 with UDA 1.1 content-type should include charset 2016-02-16 10:56:32 +01:00
Thomas Bernard 22f7836816 reorder elements in XML descriptions to follow UDA 1.1 2016-02-16 10:55:48 +01:00
Thomas Bernard 13a6a38241 add configId attribute to <root> element (UDA 1.1) 2016-02-16 10:55:03 +01:00
Thomas Bernard 8c5e90db3a do not delete/re-add pf rule if the desc/label is unchanged 2016-02-15 18:48:23 +01:00
Thomas Bernard 0d6d6afc32 try to support better IPPROTO_UDPLITE :) 2016-02-15 13:36:30 +01:00
Thomas Bernard 34883b7113 use a proto_itoa() function 2016-02-15 13:34:22 +01:00
Thomas Bernard 430dcc7b22 update leasefile 2016-02-12 16:57:22 +01:00
Thomas Bernard 680862915a accept udp in lowercase 2016-02-12 16:55:13 +01:00
Thomas Bernard 7112203428 pf/obsdrdr.c: add_timestamp_entry() 2016-02-12 16:35:46 +01:00
Thomas Bernard 4eda8234c2 reject mappings with wildcard ExternalPort 2016-02-12 15:58:19 +01:00
Thomas Bernard 9c28a0745f remove warning 2016-02-12 15:31:21 +01:00
Thomas Bernard b439bd7791 check uuid-dev / libuuid 2016-02-12 15:29:49 +01:00
Thomas Bernard 68dd51559c minimal support for ipf 2016-02-12 15:13:59 +01:00
Thomas Bernard ff4b9c5d75 netfilter/iptcrdr.c: improve debug output 2016-02-12 15:02:44 +01:00
Thomas Bernard db6f272bba miniupnpd: update some TODO 2016-02-12 15:02:06 +01:00
Thomas Bernard bdac007771 add update_portmapping() / update_portmapping_desc_timestamp() functions 2016-02-12 15:01:30 +01:00
Thomas Bernard 34f80a011f Add light version of iptables_display.sh script 2016-02-12 14:56:10 +01:00
Thomas Bernard 8bad6cd338 netfilter/iptcrdr.c: remove old USE_INDEX_FROM_DESC_LIST code 2016-02-12 14:55:09 +01:00
Thomas Bernard cc35c1d450 AddPortMapping return error 729 - ConflictWithOtherMechanisms if IGD v2 is enabled 2016-02-12 14:54:13 +01:00
Thomas Bernard dd9bf47c68 iptcrdr.c: add iptc_init() check in init_redirect() 2016-02-12 14:51:59 +01:00
Thomas Bernard c4f2397d5c upnpevents.c: quick syntax fix... 2016-02-11 11:42:59 +01:00
Thomas Bernard 6059f000f7 use Linux libuuid uuid_generate() / BSD uuid_create() API 2016-02-11 11:39:28 +01:00
Thomas Bernard 19211d20d1 add debug log in remove_unused_rules() 2016-02-11 10:31:49 +01:00
Thomas Bernard cac8668a7d miniupnpd/Makefile: linking uses LDFLAGS, not CFLAGS 2016-02-10 21:37:00 +01:00
Thomas Bernard 42c7bf935c ClearOS specifics 2016-02-10 20:44:46 +01:00
Thomas Bernard 81e0ca10df upnphttp.c: fix when compiling with UPNP_STRICT 2016-02-09 10:17:58 +01:00
Thomas Bernard d23bb8d670 improve config.h comment :) 2016-02-09 10:16:45 +01:00
Thomas Bernard 06049f1e7d add ENABLE_PORT_TRIGGERING macro in config.h
enabled by default. Will allow people to disable the code :)
2016-02-09 10:09:19 +01:00
Thomas Bernard 5f74a08dd6 update README and INSTALL 2016-01-28 23:10:25 +01:00
Thomas Bernard 0deaf32796 update Changelog.txt about port triggering 2016-01-28 23:09:45 +01:00
Thomas Bernard 3284d113c7 remove ifname arg from addmasqueraderule()
also improve comment and remove useless log :)
2016-01-28 22:16:07 +01:00
Thomas Bernard 40aa39679f improve comments 2016-01-26 19:51:07 +01:00
Thomas Bernard 141e861c3a remove call to addpeernatrule() ... 2016-01-26 18:17:05 +01:00
Thomas Bernard 9059966122 netfilter/iptcrdr.c: improve comments
give which iptables command is equivalent for adding the rule
2016-01-26 18:16:23 +01:00
Thomas Bernard d3635faeed add upnp_nat_postrouting_chain .conf option
fixes #190

MINIUPNPD-PCP-PEER has also been renamed to MINIUPNPD-POSTROUTING
( 1ba4362910 )
2016-01-26 16:59:04 +01:00
Thomas Bernard 1ba4362910 MINIUPNPD-PCP-PEER => MINIUPNPD-POSTROUTING
renamed
miniupnpd_peer_chain = "MINIUPNPD-PCP-PEER"
to
miniupnpd_nat_postrouting_chain = "MINIUPNPD-POSTROUTING";
2016-01-26 16:50:48 +01:00
Thomas Bernard ba91c4ec23 add addmasqueraderule()
see issue #166
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1820

iptables -t nat -I POSTROUTING -o <extif> -s <iaddr> -p UDP --sport <iport> -j MASQUERADE --to-ports <eport>
2016-01-26 16:38:32 +01:00
Thomas Bernard f4324d45e5 fix netfilter/Makefile dependencies, fix iptables_display.sh 2016-01-26 16:38:32 +01:00
Thomas Bernard 55cf34a101 fix iptc_init_verify_and_append() calls 2016-01-26 16:38:32 +01:00
Thomas Bernard aa4e0a4549 add netfilter/test_nfct_get 2016-01-26 16:38:31 +01:00
Thomas Bernard 21a98adc5d update Changelog.txt 2016-01-19 11:06:06 +01:00
Thomas Bernard f1ce2301da shutdown_iptpinhole() frees memory 2016-01-19 10:53:14 +01:00
Thomas Bernard 6f8951d40d find_pinhole() return -2 if not found 2016-01-19 10:52:36 +01:00
Thomas Bernard f16b291cfa add pf/BSD files to .gitignore 2016-01-18 22:48:18 +01:00
Thomas Bernard be124b6508 add find_pinhole() to pf/ code also
see #188
2016-01-18 22:46:30 +01:00
Thomas Bernard e252acef88 PCP: check pinhole before adding in CreatePCPMap_FW()
fixes #188
2016-01-18 20:16:06 +01:00
vvsvic a8ab2149f4 Remove some bugs in DeletePCPPeer and DeletePCPMap 2016-01-13 13:26:20 +03:00
Chocobo1 e405f78b89 Fix output specifier 2016-01-04 12:13:00 +08:00
Chocobo1 948b883966 Fix memory leak when realloc fails 2016-01-04 11:51:49 +08:00
Thomas Bernard e076899a37 buffer overflow fix
in MULTIPLE_EXTERNAL_IP code which is not used normally...
2015-12-31 00:41:24 +01:00
Thomas Bernard 58b130116b revert to UPnP/1.1 (UDA v1.1) as default.
see https://github.com/miniupnp/miniupnp/issues/167
fixes #167
2015-12-19 11:52:38 +01:00
Thomas Bernard fb1c29f732 cleanup 2015-12-16 11:26:40 +01:00
Thomas Bernard 1ab8cf0a22 improve syslog message for incoming HTTP requests 2015-12-16 11:26:03 +01:00
Thomas Bernard 6f89608a2c ExecuteSoapAction() : add namespace to log messages 2015-12-15 12:14:05 +01:00
Thomas Bernard ba1c9239c0 update Changelog.txt 2015-12-15 12:13:45 +01:00
Thomas Bernard 9d8a988b82 add comments in upnpdescgen.c 2015-12-15 11:17:15 +01:00
Thomas Bernard 0139addbda Merge branch 'desc_test' 2015-12-15 10:57:14 +01:00
Thomas Bernard 9e31ceb630 add --disable-pppconn genconfig.sh option to disable WANPPPConnection
fixes #176
2015-12-13 15:57:49 +01:00
Thomas BERNARD 66b087b9b1 Merge pull request #174 from razzfazz/new_subscriber_uuid_cleanup
use sizeof() instead of hard-coded UUID length in newSubscriber()
2015-12-13 00:32:01 +01:00
Thomas Bernard f076f368bd fix DeviceProtection#GetSupportedProtocols response
add CDATA to escape XML document in response :
ProtocolList content is an XML document that should be escaped
See  section 2.4.3.1 of the DeviceProtection spec
http://upnp.org/specs/gw/UPnP-gw-DeviceProtection-v1-Service.pdf

see PR #178
2015-12-13 00:24:05 +01:00
Thomas Bernard e76dd788c4 Merge remote-tracking branch 'razzfazz/fix_dp_setup_ready_notify'
PR #182
2015-12-12 12:02:36 +01:00
Daniel Becker 04b344b6f8 actually return a value in SetupReady notifications 2015-12-12 02:42:13 -08:00
Daniel Becker db0ef3022e fix parsing of input arguments in SendSetupMessage() 2015-12-12 02:33:30 -08:00
Thomas Bernard f77d701489 update changelog and year => 2015
see 1cc3d1a5fa
and 6430805381
2015-12-12 10:38:40 +01:00
Thomas Bernard a4a3e5a3f8 add comments. see 0298b66365 2015-12-12 09:31:22 +01:00
Thomas Bernard 9f32a1de1d add "uname -a" result to config.h 2015-12-12 09:13:05 +01:00
Thomas Bernard 58f6626179 add --uda-version to usage help + fix
fixes 9e65fbbded
2015-12-12 09:10:54 +01:00
Thomas BERNARD 128bbee806 Merge pull request #180 from razzfazz/fix_dp_action_args
fix action arguments for DeviceProtection service (IGDv2)
2015-12-12 08:58:25 +01:00
Thomas Bernard aa34dd2e45 Merge branch 'fix_advertised_versions' 2015-12-12 08:47:32 +01:00
Thomas Bernard e97be7f37f add comments to previous commit 2015-12-12 08:47:06 +01:00
Daniel Becker ce3d66a3ee fix tags for DeviceProtection action responses 2015-12-11 23:36:19 -08:00
Thomas Bernard 2a654e0ef4 Merge remote-tracking branch 'razzfazz/renew_cleanup' 2015-12-12 08:28:48 +01:00
Daniel Becker 0298b66365 fix argument names for DeviceProtection actions 2015-12-11 23:12:11 -08:00
Daniel Becker 7774c24daa add missing parameters for DeviceProtection service actions 2015-12-11 22:56:20 -08:00
Daniel Becker 1cc3d1a5fa advertise correct service and device versions when IGDv2 is enabled 2015-12-11 18:08:18 -08:00
Daniel Becker 6430805381 return SID in renew response 2015-12-11 16:29:32 -08:00
Daniel Becker 5fd754c4e2 use sizeof() instead of hard-coded UUID length in newSubscriber() 2015-12-11 16:21:32 -08:00
Thomas Bernard 0d0728e2d1 name WANIPv6FirewallControl:1 service WANUPv6Firewall1
done according to http://upnp.org/specs/gw/UPnP-gw-InternetGatewayDevice-v2-Device.pdf
2.2 (page 9)
2015-12-11 14:40:13 +01:00
Thomas Bernard 9e65fbbded allow to set UPnP Device architecture version using commandline
--uda-version=x.x
2015-12-11 14:37:59 +01:00
Daniel Becker d89e4aaf70 fix Layer3Forwarding serviceId to be consistent with IGDv2 spec 2015-12-11 02:13:42 -08:00
Thomas Bernard 76a5f9930b Changes to WANIPCn.xml
Add default values for :
RSIPAvailable
NATEnabled
LastConnectionError
ConnectionStatus

follow the Specification regarding ConnectionType / PossibleConnectionTypes
allowed values
2015-12-11 10:57:25 +01:00
Thomas Bernard 24d54ba13a SA_SIZE() is >= sizeof(long) 2015-11-19 12:55:44 +01:00
Thomas Bernard 834a7f5db9 use bash or ksh to execute ./testupnppermissions.sh 2015-11-19 12:54:56 +01:00
Thomas Bernard 3d50adc170 bsd/getroute.c: check message length. Avoid buffer overread 2015-11-18 09:53:58 +01:00
Thomas Bernard 35aae6debb bsd/getroute.c: fix parsing of address with SA_LEN() = 0
at least with OpenBSD 4.3, the minimum is 4 bytes
2015-11-18 09:52:54 +01:00
Daniel Becker e5d30a1f4b explicitly request interface name as well 2015-11-17 17:29:09 -08:00
Daniel Becker eb5f179c9f make get_src_for_route_to() actually return the source address on *BSD 2015-11-17 17:06:05 -08:00
Thomas BERNARD 7d19326ef9 get_src_for_route_to() is tested with Mac OS X 10.4 2015-11-17 11:25:10 +01:00
Thomas Bernard 191940467f define SA_SIZE if needed 2015-11-17 10:55:17 +01:00