Commit Graph

2272 Commits

Author SHA1 Message Date
Thomas Bernard ef5a1e1abc
testnftnlrdr.c: comments + debug output 2024-03-13 00:14:27 +01:00
Thomas Bernard 1bde68cc9e
nftpinhole.c: fix get_pinhole_info() to return the description
see #663
2024-03-13 00:14:27 +01:00
Thomas Bernard 358f430924
nftpinhole.c: update_pinhole() uses strchr() instead of strsep 2024-03-13 00:14:27 +01:00
Thomas Bernard c3f1a2cb30
always nul terminate string after strncpy()
see #663
2024-03-13 00:14:27 +01:00
Thomas Bernard 215091b546
nftpinhole.c: fix get_pinhole_info() and log inet_ntop() errors 2024-03-13 00:14:26 +01:00
Thomas Bernard 90fb7801eb
netfilter_nft: rule_t: have src/dst/nat addresses and ports
instead of guessing if it is remote host / external or internal address...
2024-03-13 00:14:20 +01:00
Thomas Bernard 25206a7a3f
testnftpinhole: call init_redirect() / shutdown_redirect() 2024-03-13 00:12:52 +01:00
Thomas Bernard b3b5dd16d2
more tests in testnftpinhole.c 2024-03-13 00:12:52 +01:00
Thomas Bernard 80d628fa59
netfilter_nft: improve testnftpinhole.c to test find_pinhole() 2024-03-13 00:12:51 +01:00
Thomas Bernard 2e7bfb1e31
netfilter_nft: change debug output for add_pinhole() 2024-03-13 00:12:51 +01:00
Thomas Bernard e2be9e1571
add comments to rule_set_filter6() and rule_set_filter_common() 2024-03-13 00:12:51 +01:00
Thomas Bernard 4c68985304
netfilter_nft/nftnlrdr_misc.c: comments and warning in parse_rule_payload() 2024-03-13 00:12:51 +01:00
Thomas Bernard 424f5c259f
fix find_pinhole()
see #663
2024-03-13 00:12:51 +01:00
Thomas Bernard 025f0f502b
NFT: check inet_pton() errors in find_pinhole() 2024-03-13 00:12:50 +01:00
Thomas Bernard 4dda6d8820
update (c) lines 2024-03-12 00:37:21 +01:00
Thomas Bernard 0648118563
build for python 3.11 as well 2024-03-06 00:37:10 +01:00
Thomas Bernard e086a24c88
Do not upload .egg to PyPI anymore
https://blog.pypi.org/posts/2023-06-26-deprecate-egg-uploads/
2024-03-05 22:53:36 +01:00
Thomas Bernard 9292d251ac
Changelog for https://github.com/miniupnp/miniupnp/pull/711
NFTables: add upnp_nftables_family_split option to use NFPROTO_IPV4/IPV6
instead of the generic NFPROTO_INET

thank you @svenauhagen
2024-03-05 22:52:20 +01:00
Thomas Bernard ba68624f55
Merge remote-tracking branch 'svenauhagen/feature/nftablesinit'
fixes #710

https://github.com/miniupnp/miniupnp/issues/710
https://github.com/miniupnp/miniupnp/pull/711
2024-03-05 00:33:12 +01:00
Sven Auhagen 2c9a645b10 NFTables: Add backwards compatibility for IPv4 NAT
NFtables uses the INET table for NAT which combines IPv4 and IPv6.
Older systems might not have this option and use the ip table instead.

This adds a flag to fall back to the ip table style.

Signed-Off-By: Sven Auhagen <sven.auhagen@voleatech.de>
2024-03-04 06:18:41 +01:00
Thomas Bernard cd7cbb59a3
miniupnpd version 2.3.5 2024-03-02 12:09:11 +01:00
Thomas Bernard 65a6cdb92e
miniupnpd: add miniupnpd version in XML descriptions
closes #709
2024-03-02 11:51:52 +01:00
Thomas Bernard 55e650b125
fix IGDv2 WANIPConnection XML service description for AddAnyPortMapping
out argument is NewReservedPort, not NewExternalPort.

Changelog + check precisely lenth of 12
2024-02-25 01:40:25 +01:00
Thomas Bernard f79e20d17d
miniupnpd: fix IGDv2 WANIPConnection XML service description
was :

<argument>
  <name>NewExternalPort</name>
  <direction>out</direction>
  <relatedStateVariable>ExternalPort</relatedStateVariable>
</argument>

Should be:

<argument>
  <name>NewReservedPort</name>
  <direction>out</direction>
  <relatedStateVariable>ExternalPort</relatedStateVariable>
</argument>

ExternalPort is 12 characters long !
fixes #708
2024-02-25 01:29:54 +01:00
Thomas Bernard 417ddcc3d3
miniupnpcstrings.h.cmake: use PROJECT_VERSION
that change was forgotten in ac5e908881

fixes #704
2024-02-03 12:10:26 +01:00
Thomas Bernard 420bd685cf make it more clear that clean_ruleset_interval=0 disables the check
see #699
2024-01-31 05:24:57 +01:00
Thomas Bernard 1a49233fe7
fix typo 2024-01-27 00:35:56 +01:00
Thomas Bernard 85c95a463b
upnpc.c: move usage printing to a specific function
to stderr when there is an argument error.
to stdout with --help/-h
2024-01-27 00:35:03 +01:00
Thomas BERNARD c42892f387
Merge pull request #690 from Self-Hosting-Group/upnpc_fix_and_complete_check_of_the_number_of_options_required
upnpc: Fix and complete check of the number of options required
2024-01-26 01:41:25 +01:00
Thomas Bernard 0306f6974b
configure: reformat --help 2024-01-26 01:30:16 +01:00
Thomas Bernard 3c02d79b40 configure: DeviceProtection service implementation is incomplete 2024-01-26 01:24:15 +01:00
Thomas Bernard 2355c108db
configure: Fix Caps/spaces... 2024-01-26 01:23:21 +01:00
Thomas BERNARD 3195ca7a71
Merge pull request #701 from Self-Hosting-Group/miniupnpc_exit_with_1_if_no_upnp_devices_found_with_upnp-listdevices
miniupnpc: Exit with 1 if no UPnP devices found with upnp-listdevices
2024-01-22 01:18:19 +01:00
Self-Hosting-Group b44ab26b28 upnpc: Fix and complete check of the number of options required 2024-01-21 21:16:01 +01:00
Self-Hosting-Group 39543ed3ca miniupnpc: Exit with 1 if no UPnP devices found with upnp-listdevices 2024-01-21 21:10:59 +01:00
Thomas Bernard 4b0ff229d8
default to /etc/miniupnpd/miniupnpd.conf under linux
it is still /etc/miniupnpd.conf under BSD.

closes #695
2024-01-17 00:49:32 +01:00
Thomas Bernard 604ca0b82a Changelog.txt: update (2024/01/15) 2024-01-15 01:02:08 +01:00
Thomas Bernard bbe7d1355e minissdp.c: 2024 2024-01-15 01:01:16 +01:00
Thomas Bernard b8d9f66890 miniupnpd.c: 2024 2024-01-15 00:59:33 +01:00
Thomas Bernard 8f53b12f81 upnphttp.c: 2024 2024-01-15 00:54:13 +01:00
Thomas Bernard bfd51459fe pfpinhole.c: 2024 2024-01-15 00:50:55 +01:00
Thomas Bernard b334253fa6
setup*.py: 2024 2024-01-15 00:30:01 +01:00
Thomas Bernard 53d4cdd2da
CACHE-CONTROL: max-age=1800 in M-SEARCH response
to be compliant with UPnP UDA 1.0, 1.1 and 2.0

fixes #698

UDA 1.0 1.2.3 Discovery: Search: Response (p21) :
CACHE-CONTROL
Required. Must have max-age directive that specifies number of seconds
the advertisement is valid. After this duration, control points should
assume the device (or service) is no longer available. Should be greater
than or equal to 1800 seconds (30 minutes), although exceptions are defined
in the text above. Specified by UPnP vendor. Integer.

UDA 1.1 1.3.3 Search response (p34) :
CACHE-CONTROL
REQUIRED. Field value MUST have the max-age directive (“max-age=”) followed
by an integer that specifies the number of seconds the advertisement
is valid. After this duration, control points SHOULD assume the device
(or service) is no longer available; as long as a control point has
received at least one advertisement that is still valid from a root
device, any of its embedded devices or any of its services, then the
control point can assume that all are available. The number of seconds
SHOULD be greater than or equal to 1800 seconds (30 minutes), although
exceptions are defined in the text above. Specified by UPnP vendor.
Other directives MUST NOT be sent and MUST be ignored when received.

UDA 2.0 1.3.3 Search response (p40) :
CACHE-CONTROL
Required. Field value shall have the max-age directive (“max-age=”) followed
by an integer that specifies the number of seconds the advertisement
is valid. After this duration, control points should assume the device
(or service) is no longer available; as long as a control point has
received at least one advertisement that is still valid from a root
device, any of its embedded devices or any of its services, then the
control point can assume that all are available. The number of seconds
should be greater than or equal to 1800 seconds (30 minutes), although
exceptions are defined in the text above. Specified by UPnP vendor.
Other directives shall not be sent and shall be ignored when received.
2024-01-15 00:15:32 +01:00
Thomas BERNARD ac693ff933
Merge pull request #691 from Self-Hosting-Group/upnpc_show_hint_to_use_ipv6_(option_-6)_for_pinhole_commands
upnpc: Show hint to use IPv6 (option -6) for pinhole commands
2024-01-14 23:03:33 +01:00
Thomas Bernard 468b12dd43 Merge remote-tracking branch 'self-hosting-group/miniupnpc_fix_upnp_uda_1.1_content-type_charset_compliance'
see #688
2024-01-14 22:54:39 +01:00
Self-Hosting-Group 30baf316b4
miniupnpd: Fix UPnP UDA 1.1 subscribe timeout compliance
SHOULD be greater than or equal to 1800 seconds (30 minutes).
http://upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v1.1.pdf
4.1.2 p91.

see https://github.com/miniupnp/miniupnp/pull/686
2024-01-14 17:49:50 +01:00
Self-Hosting-Group e165af32ae upnpc: Show hint to use IPv6 (option -6) for pinhole commands
Control points that have not been authenticated and authorized as defined in IGDv2 SHOULD use their IPv6 GUA when calling this action.
http://upnp.org/specs/gw/UPnP-gw-WANIPv6FirewallControl-v1-Service.pdf
2024-01-13 10:10:13 +01:00
Self-Hosting-Group 4fbe3ce431 miniupnpc: Fix UPnP UDA 1.1 content-type charset compliance
and user-agent also in asynchronous sample code. The commits a6aa371166 and b557fdf4db were incomplete.

Field value MUST be "text/xml; charset="utf-8"".
Field value MUST be "text/xml; charset="utf-8"" for description documents.
https://openconnectivity.org/upnp-specs/UPnP-arch-DeviceArchitecture-v1.1.pdf
2024-01-08 20:32:51 +01:00
Thomas Bernard e98515ac5e
miniupnpd.conf: document pcp_allow_thirdparty option
this option was introduced by c801138c63

fixes #679
2024-01-08 00:27:00 +01:00
Thomas Bernard aefebb18cb
miniupnpd.c: fix enforcing min_lifetime minimum of 120secs 2024-01-08 00:24:07 +01:00