9fe747894c
Drop log severity level to reduce verbosity
...
Dropping syslog message severity from WARNING to INFO.
Tomato makes this change each update, to reduce verbosity. This change will allow for easier merging of upstream changes back into Tomato.
2015-06-05 22:31:28 -04:00
bc69cece0e
Add client address to syslog message
...
Align with Tomato, to ease merges back downstream.
Adds client address to syslog message, corrects typo "inexpectedly" -> "unexpectedly"
2015-06-05 22:27:20 -04:00
2c8e3c1fc2
Align with active Tomato builds genconfig.sh entry
...
The current active Tomato builds do not incorporate these two lines. Removing to ease merging upstream changes.
Toastman:
http://repo.or.cz/w/tomato.git/blob/refs/heads/Toastman-RT-N:/release/src/router/miniupnpd/genconfig.sh#l249
Shibby:
f799186a9d/release/src-rt-6.x.4708/router/miniupnpd/genconfig.sh
2015-06-05 22:14:47 -04:00
a43beeccf1
fix minor typo
2015-05-27 15:31:49 +02:00
01eb15af3d
Adding linux/nftables support
2015-04-30 10:52:11 +02:00
42a5e2ae22
Merge remote-tracking branch 's1061123/nft_support' into nft_support
...
Conflicts:
miniupnpd/Makefile.linux_nft
miniupnpd/netfilter_nft/README.md
miniupnpd/netfilter_nft/nftnlrdr.c
miniupnpd/netfilter_nft/nftnlrdr_misc.c
2015-04-30 10:49:11 +02:00
8fedfdc4ae
Fix compiler warning.
2015-04-28 17:23:09 +09:00
a39365279c
Fix d_printf() compile error.
2015-04-28 17:22:46 +09:00
af3ac20395
Change printf to d_printf (only valid in case of -DDEBUG)
2015-04-28 17:13:09 +09:00
79d4028a93
Change message.
2015-04-28 17:13:08 +09:00
7948b7d754
Fix SEGV issue (due to invalid memory alloc case).
2015-04-28 17:13:08 +09:00
101c443192
Update README.md
...
Fix format.
2015-04-28 17:13:08 +09:00
73f02afca9
Remove .travis.yml and rename README.md
2015-04-28 17:13:08 +09:00
e167cc1675
Move travisCI to top.
2015-04-28 17:13:07 +09:00
1e97b408f1
First commit for travisCI.
2015-04-28 17:13:07 +09:00
cc0a6eecbb
Add libmnl flags in Makefile.linux_nft.
2015-04-28 17:13:07 +09:00
050845156a
Fix to remove rule with correct handle.
2015-04-28 17:13:07 +09:00
9e10d91347
Skip to parse rules not in miniupnpd chain.
2015-04-28 17:13:07 +09:00
e54c5ff773
Fix to get NAT port as uint16_t.
2015-04-28 17:13:07 +09:00
26a5c9a3aa
In case of remove filter, just remove one rule.
2015-04-28 17:13:07 +09:00
c2af2650d9
Add expr_set_reg_val_u16 for network port num.
2015-04-28 17:13:07 +09:00
7f57e686d0
Fix NAT issue (cannot snat/dnat actually).
...
Port number endian is failed.
2015-04-28 17:13:06 +09:00
01ecb49d0e
Add egress if index val and rename ifidx to ingress_ifidx.
2015-04-28 17:13:06 +09:00
ad1e380d10
Changes init script (only add chains).
2015-04-28 17:13:06 +09:00
12f6bdb274
Fix init script.
2015-04-28 17:13:06 +09:00
55fba2b6c4
Add README.
2015-04-28 17:13:06 +09:00
b2b6f025fb
Initial commit to support nftables.
2015-04-28 17:13:06 +09:00
2a08805783
minissdp.c: Dont try to close sockets with fd=-1
...
fixes #112
2015-04-28 09:08:35 +02:00
c52657f7fb
update Changelog.txt
2015-04-26 16:44:57 +02:00
a224264194
Merge remote-tracking branch 'Chocobo1/typo'
2015-04-26 16:29:08 +02:00
940909890e
remove dependency on libnfnetlink
...
fixes #110
still allow to use libnfnetlink by defining USE_LIBNFNETLINK
if you really want/need to
2015-04-26 16:18:39 +02:00
f8c122034c
remove dependency on libnfnetlink
...
fixes #110
still allow to use libnfnetlink by defining USE_LIBNFNETLINK
if you really want/need to
2015-04-26 16:15:41 +02:00
3fcd2b5117
miniupnpd.conf: Fix typos, capitalize each sentence.
2015-04-25 16:10:15 +08:00
60db6230ab
minor README edit
2015-04-24 23:02:38 +02:00
0df3555a8c
Update README.md
...
Fix format.
2015-04-24 16:57:40 +09:00
c70e3a4637
Remove .travis.yml and rename README.md
2015-04-24 16:54:23 +09:00
8cd268dd9d
Move travisCI to top.
2015-03-18 15:56:42 +09:00
4199ce46ca
First commit for travisCI.
2015-03-18 15:52:22 +09:00
40871bb4cc
Add libmnl flags in Makefile.linux_nft.
2015-03-18 15:27:57 +09:00
c6ebb70f35
Fix to remove rule with correct handle.
2015-03-16 19:58:02 +09:00
841b2fb1f3
Skip to parse rules not in miniupnpd chain.
2015-03-16 19:39:06 +09:00
af780b8255
Fix to get NAT port as uint16_t.
2015-03-16 19:38:28 +09:00
d2bc556733
In case of remove filter, just remove one rule.
2015-03-16 19:35:23 +09:00
939b3262c3
Add expr_set_reg_val_u16 for network port num.
2015-03-16 18:02:07 +09:00
75fd37e958
Fix NAT issue (cannot snat/dnat actually).
...
Port number endian is failed.
2015-03-16 17:29:20 +09:00
c19b87ee07
Add egress if index val and rename ifidx to ingress_ifidx.
2015-03-16 17:28:03 +09:00
3e635dbe17
Changes init script (only add chains).
2015-03-16 17:24:31 +09:00
f7288efb5e
Fix init script.
2015-03-12 15:17:33 +09:00
7065b0040f
Add README.
2015-03-11 22:18:26 +09:00
dcf218c452
Initial commit to support nftables.
2015-03-11 21:10:25 +09:00
b137df30d9
Merge remote-tracking branch 's1061123/fix_range1'
2015-03-09 10:59:49 +01:00
3b472b59e0
Fix get_portmappings_in_range() in non-expand case.
...
In get_portmappings_in_range(), array[] is not updated when
realloc() is not called, hence get_portmappings_in_range() is
always null. This fix changes to fill array[].
2015-03-09 17:33:10 +09:00
85841abd5f
miniupnpd/Changelog.txt: eb72ab5330
2015-03-07 16:57:40 +01:00
eb72ab5330
miniupnpd.c: don't die when IPv6 is enabled and interface has no IPv4 address
2015-02-20 18:31:55 +01:00
e896e298f3
miniupnpd: remove warnings
2015-02-16 22:41:40 +01:00
e13525c3e7
miniupnpd: UPnP/1.1 => UPnP/2.0
2015-02-16 11:23:05 +01:00
d5ccd5e86e
Merge pull request #101 from pyzhu/master
...
avoid compile warning
2015-02-11 23:33:47 +01:00
6e5d8ce954
miniupnpd: Allow wildcard (empty string) remote host for AddPinhole()
2015-02-10 16:04:10 +01:00
5df35db6ab
fix c7d7efd230
2015-02-08 10:46:13 +01:00
7c1a04ab30
upnpsoap.c: 2014 => 2015
2015-02-08 10:23:54 +01:00
c7d7efd230
fix realloc failure issues detected thanks to cppcheck
2015-02-08 10:23:22 +01:00
241ede9ddf
miniupnpd: improve (some) logs
2015-01-20 14:13:18 +01:00
f795af5f54
2014 => 2015
2015-01-20 14:12:10 +01:00
bbb6df523d
miniupnpd/natpmp.c: #if IPV6_PKTINFO => #ifdef IPV6_PKTINFO
2014-12-31 01:38:15 +01:00
c336b23706
miniupnpd/upnpglobalvars.c: documentation about CONFIGID.UPNP.ORG
2014-12-15 12:02:42 +01:00
c4b167537f
miniupnpd/Makefile.linux: fix clean (testporinuse.o)
2014-12-15 11:59:17 +01:00
22bc695f91
remove unused bsdqueue.h
2014-12-15 11:58:57 +01:00
2d89a05982
miniupnpd/miniupnpd.c: minor fixes in usage output
2014-12-10 10:44:32 +01:00
99a1bafc1f
miniupnpd: use time for BOOTID.UPNP.ORG value
2014-12-10 10:41:10 +01:00
00d878eba3
miniupnpd: configurable BOOTID.UPNP.ORG SSDP header
2014-12-10 10:40:41 +01:00
2d52890608
miniupnpd/upnpglobalvars.c: document BOOTID.UPNP.ORG and CONFIGID.UPNP.ORG
2014-12-10 10:03:13 +01:00
e283270274
miniupnpd/pf/pfpinhole.c: reduce log verbosity
...
also remove a "argument not used" warning
2014-12-10 09:46:57 +01:00
e013870cca
miniupnpd/upnpsoap.c: remove an unneeded \n in log
2014-12-09 18:32:31 +01:00
181850ad1f
miniupnpd/upnphttp.c: check ':' in HTTP header names
2014-12-09 18:28:23 +01:00
98cc73a372
miniupnpd/upnphttp: Checking Host: HTTP request header to prevent DNS rebinding attack
2014-12-09 17:49:02 +01:00
31986d8190
miniupnpd/upnphttp.c: fix 526e1dcd40
2014-12-09 17:48:14 +01:00
9e30117cac
miniupnpd/upnphttp.c: fix ec94c5663f
...
thanks to Stephen Röttger
2014-12-09 11:44:28 +01:00
526e1dcd40
miniupnpd/upnphttp.c: skip only spaces and tab (stop on CR and LF)
2014-12-09 11:38:50 +01:00
064c78730c
miniupnpd/upnphttp.c: cosmetical changes
2014-12-09 11:04:38 +01:00
ec94c5663f
miniupnpd: check if BuildHeader_upnphttp() failed to allocate memory
2014-12-09 11:04:15 +01:00
dd39ecaa93
miniupnpd/upnphttp.c: fix buffer overrun in ParseHttpHeaders() if Content-Length doesn't contain any digit
...
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:02:57 +01:00
e6bc04aa06
miniupnpd/upnpsoap.c: fix potential memory corruption in upnpsoap.c/GetListOfPortMappings()
...
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:01:37 +01:00
7c91c4e933
miniupnpd/upnpredirect.c: check inet_aton() return
2014-12-09 10:53:52 +01:00
d00b75782e
miniupnpd/upnppinhole.c: fix upnp_add_inboundpinhole() : check inet_pton() return
2014-12-09 10:52:26 +01:00
3b71766493
miniupnpd/genconfig.sh: check net.ipv6.bindv6only under LINUX
2014-12-04 11:23:56 +01:00
c14788a13a
miniupnpd: fixes ExecuteSoapAction() for missing " around SOAPAction
2014-11-28 14:29:24 +01:00
33a5ebf367
miniupnpd/upnpsoap.c: make WANAccessType easier to configure
2014-11-27 13:25:45 +01:00
eef94da7e0
miniupnpd/upnpreplyparse.c: fix DisplayNameValueList()
2014-11-12 17:05:15 +01:00
bfab1e2094
miniupnpd/upnputils.c: sockaddr_to_string() includes scope in IPv6 addresses
2014-11-07 12:54:33 +01:00
27d4d10a3e
miniupnpd/miniupnpd.c: fix PCP third party mode (in IPv4)
...
fixes problem introduced in commit 16389fda3c
2014-10-30 20:37:35 +01:00
50f7611227
miniupnpd/TODO: updated TODO (a bit)
2014-10-30 20:35:36 +01:00
510bff06ba
miniupnpd: VERSION 1.9
2014-10-27 17:39:28 +01:00
067aa01856
miniupnpd/pcpserver.c: remove unused argument warning
2014-10-27 17:39:01 +01:00
a80c87fb8d
remove need of sys/queue.h or bsdqueue.h in upnpreplyparse.c/.h
2014-10-27 17:38:26 +01:00
fb1aba3c9a
miniupnpd/natpmp.c: fix walktrough of mapping "list" for NATPMP removal
2014-10-23 18:00:24 +02:00
350ca199c4
miniupnpd/natpmp.c: Properly implements NAT-PMP mapping removal
...
fixes #97
2014-10-23 17:57:31 +02:00
8baf8d351a
miniupnpd/minissdp.c: Remove warning (caused by double const)
2014-10-22 13:57:24 +02:00
88b6386f55
miniupnpd/Changelog.txt: catch up (mcast_ssdp)
2014-10-22 13:41:35 +02:00
447bad32c9
miniupnpd/minissdp.c: Add documentation to SSDPNotify* functions
2014-10-22 12:11:34 +02:00
aef2c0a3b4
miniupnpd/minissdp.c: fix 50e370abcd
...
while() => for() / reindent/etc
2014-10-22 12:10:30 +02:00
ac816e91f9
Merge branch 'master' into mcast_ssdp
2014-10-22 11:47:46 +02:00
9194b02071
miniupnpd/minissdp.c: comments about binding "notify" sockets
...
Explain why bind() is called in functions
OpenAndConfSSDPNotifySocket and OpenAndConfSSDPNotifySocketIPV6
2014-10-22 11:43:42 +02:00
e810903443
miniupnpd/upnputils.c: do something in case inet_ntop() fails
2014-10-22 11:14:48 +02:00
bedbf88fc6
miniupnpd/upnputils.c: compile some debug output only when needed
2014-10-22 11:13:48 +02:00
16389fda3c
miniupnpd: Discard NAT-PMP packets coming from the WAN
2014-10-22 10:54:07 +02:00
f183e2b436
miniupnpd/Changelog.txt: catch up
2014-10-22 10:53:30 +02:00
4cbcdc34d2
UPNP pinholing: add missing sys/types.h include
...
sys/types.h is necessary to declare u_int64_t for some c libraries, so include it.
Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-10-21 15:54:02 +02:00
47b77fabb6
Remove unnecessary sysctl.h include for linux
...
miniupnpd on Linux unnecessarily includes sys/sysctl.h which breaks builds with musl-libc.
Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-10-21 10:56:34 +02:00
82604ec5d0
miniupnpd/miniupnpd.conf: add comments regarding security
...
comment values, to force people to configure themselves
2014-10-13 18:03:53 +02:00
17dabcc708
Use -f with gzip, to prevent interactive promots when running make install multiple times.
2014-10-08 14:24:01 +03:00
97c001d464
add use(less ?)ful comments
2014-10-06 14:44:45 +02:00
55c959247b
miniupnpd/minissdp.c: remove warning if ipv6 is disabled
2014-10-06 14:44:23 +02:00
c79c17115c
miniupnpd/upnpsoap.c: DeletePortMapping now checks for client IP in Securemode
2014-09-25 11:47:16 +02:00
9885060d5c
miniupnpd/bsd/getifstats.c: make it compile with OpenBSD 4.3
...
see commit 7f6cf3680e
2014-09-15 17:12:31 +02:00
7f6cf3680e
Use BSD libc API to fetch data about interface statistics instead
...
of nosing in kernel memory. This API should work on all versions
of FreeBSD/NetBSD/OpenBSD/Dragonfly.
This fixes compilation on FreeBSD 11, where kernel structures
have changed and protects against future breakages. It also
make the file much simplier.
Tested by: Daniel Engberg <daniel.engberg.lists pyret.net>
2014-09-14 13:41:49 +04:00
05cc5daf14
update Changelog.txt files
2014-09-06 10:37:08 +02:00
1961868cd5
miniupnpd/minissdp.c: add a default delay before SSDP response
...
fixes #084
2014-08-01 12:30:55 +02:00
ef408d0857
Fix typo in byte conversion & writing in NAT-PMP
...
This fixes https://github.com/miniupnp/miniupnp/issues/89 .
Signed-off-by: Steven Barth <cyrus@openwrt.org>
2014-07-31 08:43:48 +02:00
dcf658c55e
miniupnpd/Makefile: make firewall detection consistent with genconfig.sh; assume PF if /etc/rc.subr and/or /etc/rc.conf not found on *BSD
2014-06-20 23:23:16 -07:00
78d32ba012
Merge remote branch 'mikedld/remove-macosx-macro'
2014-06-16 10:54:03 +02:00
c08833f9e8
Use _WIN32 instead of WIN32 to check for Windows
...
MinGW defines both _WIN32 and WIN32 (and may even be the only compiler
doing so). Microsoft and Intel compilers only define _WIN32. Use the
common one to eliminate the need in defining WIN32 explicitly.
2014-06-15 09:37:13 +03:00
920845b107
Use built-in __APPLE__ macro instead of MACOSX
...
GCC and Clang on Mac OS have a built-in __APPLE__ macro. Use it instead of
manually-defined MACOSX.
2014-06-15 04:14:43 +03:00
5aaac2c6f5
miniupnpd/pcpserver.c: ext_port field was not set in the (IPv6) firewall reply packet. Now setting it to int_port.
2014-06-02 19:39:06 +03:00
3eb71223b4
For some reason, rules without ipv6.flags set (and proto set?) do not match at all at least on Linux 3.10. So with this patch, they do (and it took me a while to find out, sigh)
2014-05-29 17:56:48 +03:00
50e370abcd
miniupnpd/minissdp.c: Send SSDP announces to IPv6 link-local, site-local and global multicast addresses
2014-05-23 17:05:15 +02:00
4069d9633c
miniupnpd/minissdp.c: bind the SSDP IPv6 sending socket
2014-05-23 17:03:56 +02:00
6bf84dc834
miniupnpd/minissdp.c: clean SendSSDPbyebye()
2014-05-23 12:07:39 +02:00
c4c2f79c12
miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces
2014-05-22 10:22:04 +02:00
00fbdb70cf
miniupnpd/minissdp.c: AddMulticastMembershipIPv6() targets specific interface
2014-05-22 10:17:06 +02:00
165aeef129
miniupnpd/minissdp.c: clean SendSSDPNotify() code
2014-05-22 10:12:26 +02:00
0d32445f57
miniupnpd/Changelog.txt: catch up :)
2014-05-22 09:57:59 +02:00
d916ce286a
miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names
2014-05-22 09:42:05 +02:00
72463253dc
miniupnpd: disable IPV6 if socket(PF_INET6) returns EAFNOSUPPORT
2014-05-22 01:38:18 +02:00
9f78015a5b
miniupnpd/minissdp.c: also listen on global SSDP multicast address FF0E::C
...
Add comments about also sending the NOTIFY to this address
2014-05-22 01:12:06 +02:00
c038146cee
Added ipv6_listening_ip option to override it from in6addr_any.
...
This way IPv6 services can be selectively enabled on one IP too.
2014-05-20 15:55:35 +03:00
93d7bb6ae2
miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO)
2014-05-19 16:27:55 +02:00
d851ad4c25
miniupnpd: Retreive PCP packed IPV6 destination address
2014-05-19 15:27:34 +02:00
83c103bc3f
Internal address check is mandatory even if third party option is set.
2014-05-19 13:23:21 +03:00
b9c20cecab
miniupnpd/pf/pfpinhole.c: use label to store pinhole description
2014-05-15 23:27:51 +02:00
7154d30adc
miniupnpd/pcpserver.c: prevent compiling with PCP_PEER on if not applicable
2014-05-15 12:29:10 +02:00
653bc79292
miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info()
2014-05-15 12:11:42 +02:00
c8ec092693
Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use).
2014-05-15 12:04:03 +02:00
6b3ff0242d
Made failed pinhole request actually fail in terms of return value too.
2014-05-15 12:03:18 +02:00
924b6d1613
Checking lan only in non-thirdparty mode.
2014-05-15 12:02:46 +02:00
28b3afbb8f
Added TODO about IPv6 permission handling.
2014-05-15 12:02:12 +02:00
3a457092ce
Split Peer/Map logic to NAT- and FW specific parts. Updated TODO to include proxying.
...
+ fixes
2014-05-15 12:01:22 +02:00
be6db5995d
miniupnpd: work in progress on PCP pinhole support
2014-05-15 11:58:17 +02:00
7c7407099e
Added Linux get_pinhole_uid_by_index.
2014-05-15 11:45:37 +02:00
e907d7bba6
miniupnpd: Some initial effort at actually adding pinhole support to PCP code.
2014-05-15 11:45:33 +02:00
c000a00508
Fixed PEER supporting PCP to compile too.
2014-05-15 11:29:01 +02:00
edrikk
Thomas Bernard
Tomofumi Hayashi
Chocobo1
sbyx
Markus Stenberg
Gleb Smirnoff
Daniel Becker
Mike Gelfand