Commit Graph

243 Commits

Author SHA1 Message Date
Thomas Bernard 1337158fcf miniupnpd & miniupnpc version 2.0 2016-04-19 23:17:29 +02:00
Thomas Bernard 688b13586c netfilter/iptcrdr.c: do not add MASQUERADE rule if iport==eport
fixes #193
2016-03-08 10:29:47 +01:00
Thomas Bernard ee22350d5f Changelog.txt: Update 2016-02-20 20:13:34 +01:00
Thomas Bernard 0f7747496d update Changelog 2016-02-16 13:16:57 +01:00
Thomas Bernard bdac007771 add update_portmapping() / update_portmapping_desc_timestamp() functions 2016-02-12 15:01:30 +01:00
Thomas Bernard cc35c1d450 AddPortMapping return error 729 - ConflictWithOtherMechanisms if IGD v2 is enabled 2016-02-12 14:54:13 +01:00
Thomas Bernard dd9bf47c68 iptcrdr.c: add iptc_init() check in init_redirect() 2016-02-12 14:51:59 +01:00
Thomas Bernard 6059f000f7 use Linux libuuid uuid_generate() / BSD uuid_create() API 2016-02-11 11:39:28 +01:00
Thomas Bernard 0deaf32796 update Changelog.txt about port triggering 2016-01-28 23:09:45 +01:00
Thomas Bernard 21a98adc5d update Changelog.txt 2016-01-19 11:06:06 +01:00
Thomas Bernard 1ab8cf0a22 improve syslog message for incoming HTTP requests 2015-12-16 11:26:03 +01:00
Thomas Bernard ba1c9239c0 update Changelog.txt 2015-12-15 12:13:45 +01:00
Thomas Bernard f77d701489 update changelog and year => 2015
see 1cc3d1a5fa
and 6430805381
2015-12-12 10:38:40 +01:00
Thomas Bernard a4a3e5a3f8 add comments. see 0298b66365 2015-12-12 09:31:22 +01:00
Thomas Bernard 58f6626179 add --uda-version to usage help + fix
fixes 9e65fbbded
2015-12-12 09:10:54 +01:00
Thomas Bernard 66dceb5e94 Fix get_src_for_route_to() when args are NULL
fixes #160 ???
2015-11-16 20:32:02 +01:00
Thomas Bernard 372ad64bb5 update Changelog.txt files 2015-11-05 12:04:26 +01:00
Thomas Bernard 146613a493 update Changelog.txt 2015-09-22 12:13:32 +02:00
Thomas Bernard a4b97cf105 use name server from query in SOAP responses
to be finished :)
2015-09-15 00:02:56 +02:00
Thomas Bernard a8f80040c9 Randomize URLs to avoid http://www.filet-o-firewall.com/ 2015-09-14 12:10:15 +02:00
Thomas Bernard f8f5f2eb97 miniupnpd: bind to device using SO_BINDTODEVICE 2015-08-26 09:46:05 +02:00
Thomas Bernard 01eb15af3d Adding linux/nftables support 2015-04-30 10:52:11 +02:00
Thomas Bernard c52657f7fb update Changelog.txt 2015-04-26 16:44:57 +02:00
Thomas Bernard 85841abd5f miniupnpd/Changelog.txt: eb72ab5330 2015-03-07 16:57:40 +01:00
Thomas Bernard 6e5d8ce954 miniupnpd: Allow wildcard (empty string) remote host for AddPinhole() 2015-02-10 16:04:10 +01:00
Thomas Bernard 99a1bafc1f miniupnpd: use time for BOOTID.UPNP.ORG value 2014-12-10 10:41:10 +01:00
Thomas Bernard 00d878eba3 miniupnpd: configurable BOOTID.UPNP.ORG SSDP header 2014-12-10 10:40:41 +01:00
Thomas Bernard 98cc73a372 miniupnpd/upnphttp: Checking Host: HTTP request header to prevent DNS rebinding attack 2014-12-09 17:49:02 +01:00
Thomas Bernard ec94c5663f miniupnpd: check if BuildHeader_upnphttp() failed to allocate memory 2014-12-09 11:04:15 +01:00
Thomas Bernard dd39ecaa93 miniupnpd/upnphttp.c: fix buffer overrun in ParseHttpHeaders() if Content-Length doesn't contain any digit
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:02:57 +01:00
Thomas Bernard e6bc04aa06 miniupnpd/upnpsoap.c: fix potential memory corruption in upnpsoap.c/GetListOfPortMappings()
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
2014-12-09 11:01:37 +01:00
Thomas Bernard 7c91c4e933 miniupnpd/upnpredirect.c: check inet_aton() return 2014-12-09 10:53:52 +01:00
Thomas Bernard d00b75782e miniupnpd/upnppinhole.c: fix upnp_add_inboundpinhole() : check inet_pton() return 2014-12-09 10:52:26 +01:00
Thomas Bernard 3b71766493 miniupnpd/genconfig.sh: check net.ipv6.bindv6only under LINUX 2014-12-04 11:23:56 +01:00
Thomas Bernard c14788a13a miniupnpd: fixes ExecuteSoapAction() for missing " around SOAPAction 2014-11-28 14:29:24 +01:00
Thomas Bernard bfab1e2094 miniupnpd/upnputils.c: sockaddr_to_string() includes scope in IPv6 addresses 2014-11-07 12:54:33 +01:00
Thomas Bernard 510bff06ba miniupnpd: VERSION 1.9 2014-10-27 17:39:28 +01:00
Thomas Bernard 350ca199c4 miniupnpd/natpmp.c: Properly implements NAT-PMP mapping removal
fixes #97
2014-10-23 17:57:31 +02:00
Thomas Bernard 88b6386f55 miniupnpd/Changelog.txt: catch up (mcast_ssdp) 2014-10-22 13:41:35 +02:00
Thomas Bernard 16389fda3c miniupnpd: Discard NAT-PMP packets coming from the WAN 2014-10-22 10:54:07 +02:00
Thomas Bernard f183e2b436 miniupnpd/Changelog.txt: catch up 2014-10-22 10:53:30 +02:00
Thomas Bernard c79c17115c miniupnpd/upnpsoap.c: DeletePortMapping now checks for client IP in Securemode 2014-09-25 11:47:16 +02:00
Thomas Bernard 05cc5daf14 update Changelog.txt files 2014-09-06 10:37:08 +02:00
Thomas Bernard c4c2f79c12 miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces 2014-05-22 10:22:04 +02:00
Thomas Bernard 0d32445f57 miniupnpd/Changelog.txt: catch up :) 2014-05-22 09:57:59 +02:00
Thomas Bernard d916ce286a miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names 2014-05-22 09:42:05 +02:00
Thomas Bernard 93d7bb6ae2 miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO) 2014-05-19 16:27:55 +02:00
Thomas Bernard de96dd47d5 update Changelog.txt files 2014-05-15 10:42:08 +02:00
Thomas Bernard 80713ba39a miniupnpd/Changelog.txt: catch up 2014-04-22 10:53:18 +02:00
Thomas Bernard bbe96a15b6 miniupnpd: adding HTTPS support 2014-04-09 15:35:06 +02:00
Thomas Bernard 08127b85d4 Merge branch 'portinuse'
Conflicts:
	miniupnpd/Makefile.linux
2014-03-28 12:52:18 +01:00
Thomas Bernard ad88cc0819 miniupnpd: start work to enable IPv6 PCP operations 2014-03-24 12:07:31 +01:00
Thomas Bernard 76170e5413 miniupnpd/upnphttp.c: Support for multiple URL in Callback: header (SUBSCRIBE) 2014-03-15 10:52:39 +01:00
Thomas Bernard 19261b6fef reject renewal of subscribtion that already timeouted 2014-03-15 10:51:32 +01:00
Thomas Bernard 06764123fb Merge remote branch 'origin/master' into portinuse
Conflicts:
	miniupnpd/Makefile.linux
	miniupnpd/natpmp.c
2014-03-13 14:19:44 +01:00
Thomas Bernard a7d9071c5a miniupnpd/upnpevents.c: fix upnp_event_notify_connect() when ENABLE_IPV6 is set 2014-03-13 11:56:28 +01:00
Thomas Bernard 62d6c860ce catch up Changelog.txt
see commit 3ed3478398
2014-03-13 11:34:34 +01:00
Thomas Bernard 7b13adafbd miniupnpd: reduce number of global variables by using more runtime_flags
change ipv6_enabled/ipv6fc_inbound_pinhole_allowed/ipv6fc_firewall_enabled
global vars to flags in runtime_flags
2014-03-13 11:34:33 +01:00
Thomas Bernard 15682180a5 miniupnpd: Work in IPv6 on system where PF_INET6 are restricted to IPv6 only 2014-03-13 11:34:08 +01:00
Thomas Bernard 2a48074f45 miniupnpd: Enable PCP by default. 2014-03-13 11:24:04 +01:00
Thomas Bernard ecf414e160 miniupnpd/Changelog.txt: Catch up changes... 2014-03-10 00:12:20 +01:00
Thomas Bernard e385db03b9 miniupnpd: improved permission checking for NAT-PMP
NAT-PMP now searches an allowed eport if the one from
request is not, instead of returning an error
2014-03-07 11:48:17 +01:00
Thomas Bernard b71e0c028f Merge branch 'limit_eport_search' 2014-02-28 13:36:28 +01:00
Thomas Bernard 3c90f6a30d miniupnpd/natpmp.c: avoid hang when all external ports in use
reorganize a bit
2014-02-28 13:34:46 +01:00
Thomas Bernard 8fc7f0b5e1 miniupnpd: log message when shutting down 2014-02-28 13:16:22 +01:00
Thomas Bernard 6dff4263bd miniupnpd/Changelog.txt catch up... 2014-02-28 13:16:06 +01:00
Thomas Bernard ec1686f29f miniupnpd/minissdp: Introduce SSDP_RESPOND_SAME_VERSION
changes something when compiled as IGDv2.
2014-02-25 11:45:51 +01:00
Thomas Bernard 16ea0db411 miniupnpd: Fix PCP Map renewal 2014-02-11 10:41:26 +01:00
Thomas Bernard 18f02dccb3 miniupnpd: possibility to disable ipv6 at runtime
fixes #049
2014-02-06 10:57:39 +01:00
Thomas Bernard b7a4f8d696 minixml.c: now handle XML comments 2014-02-03 11:28:31 +01:00
Thomas Bernard 538c002373 miniupnpd: PCP Add support for ANNOUNCE requests 2014-02-03 10:50:29 +01:00
Thomas BERNARD fa87b3aff7 miniupnpd: attempt to compile for OS X/pf 2013-12-16 13:03:54 +01:00
Thomas Bernard 278f6b5e45 update Changelog.txt :) 2013-12-13 16:57:07 +01:00
Thomas Bernard 9b72af6f36 Merge branch 'master' into portinuse 2013-12-13 12:29:01 +01:00
Thomas Bernard d19048ef9e miniupnpd: Make all manufacturer info configurable 2013-12-13 12:03:28 +01:00
Thomas Bernard 50ec2fce4a Have distinct UUID for the 3 devices (IGD, WAN Device, WAN Connection Device) 2013-06-13 16:03:36 +02:00
Thomas Bernard 63ece30b87 update upnpreplyparse to allow larger values (128 chars instead of 64)
also add testcase
2013-06-06 23:41:23 +02:00
Thomas Bernard 74c3c18380 miniupnpd/minissdp.c: Don't advertise WANPPPConnection in UPNP_STRICT mode 2013-06-05 11:19:23 +02:00
Thomas Bernard 4077b0069d miniupnpd/upnpsoap: check Service ID in SetDefaultConnectionService method 2013-06-05 11:11:53 +02:00
Thomas Bernard 58827720da Remove namespace from variable name elements in Events "propertyset" to comply with UDAv1.1
See UPNP Device Architecture v1.1, section 4.3.2 :
<variableName>
REQUIRED. Element is name of a state variable that changed (<name> sub element of
<stateVariable> element in service description). MUST NOT be qualified with any namespace. Value
is the new value for this state variable. Case sensitive. Single data type as specified by UPnP service
description.
2013-05-29 23:29:29 +02:00
Thomas Bernard 50cb93be4a miniupnpd/ipf: Adding support for IP Filter version 5.x 2013-05-20 02:14:04 +02:00
Thomas Bernard 51563f038a miniupnpd/upnpsoap.c: refuses non integer <NewPortMappingIndex> values 2013-05-16 12:43:11 +02:00
Thomas Bernard 0f401fe2d5 Update upnpreplyparse.c to take into account "empty" elements 2013-05-14 23:05:08 +02:00
Thomas Bernard 71dcf3565d miniupnpd: Use pkg-config under linux to find libiptc.
Thanks to Olivier Langlois
2013-05-03 11:33:36 +02:00
Thomas Bernard 47390f48a0 miniupnpd: Add warning message when using IPv4 address for listening_ip with IPv6 enabled 2013-04-29 12:22:24 +02:00
Thomas Bernard 333c28a502 miniupnpd/getifaddr.c: Uses ifr_addr if ifr_netmask is not defined in struct ifreq 2013-04-27 17:51:53 +02:00
Thomas Bernard 18887cb1e4 miniupnpd: Correctly handle truncated snprintf() in SSDP code 2013-04-26 17:18:28 +02:00
Thomas Bernard 8432646a76 miniupnpd/genconfig.sh : to avoid build race conditions, use a temporary file 2013-04-24 19:04:00 +02:00
Thomas Bernard e21e724b81 miniupnpd/upnputils.c: use scope in get_lan_for_peer() for IPv6 addresses
see #032
2013-04-20 11:06:17 +02:00
Thomas Bernard 961e1c35d3 miniupnpd: autodetect LAN interface netmask instead of defaulting to /24
Fix #23
2013-03-23 11:50:57 +01:00
Thomas Bernard 01ec54aec3 Update Changelog.txt files 2013-02-11 11:40:01 +01:00
Thomas Bernard 91f34d6c38 Merge branch 'master' into portinuse
Conflicts:
	README
2013-02-07 16:48:16 +01:00
Thomas Bernard bb1e3b75f0 minissdp.c: Refactored SendSSDPNotifies() and SendSSDPGoodbye()
add missing ssdp:alive and ssdp:byebye messages with NT uuid value.
2013-02-07 13:27:09 +01:00
Thomas Bernard ac1d36d872 upnphttp.c: Added Ext: header to HTTP responses to conform to UDA 2013-02-07 11:26:48 +01:00
Thomas Bernard 6ca8ee1dcf minissdp.c: ignore SSDP packets missing the MX: header in UPNP_STRICT mode 2013-02-07 11:00:15 +01:00
Thomas Bernard 39a1d85f7a minissdp.c: Fix SSDP packets sent with uuid as ST: header to conform to UDA 2013-02-07 10:59:31 +01:00
Thomas Bernard 5217fdc090 minissdp.c: Add DATE: header in SSDP packets 2013-02-07 10:56:38 +01:00
Thomas Bernard f2d54a84aa miniupnpd: prepare for version 1.8 2013-02-06 15:20:48 +01:00
Thomas Bernard c7419a5de6 miniupnpd: filter HTTP and SSDP based on source IP
Check source address of incomining HTTP connections and SSDP
packets in order to filter out WAN SSDP and HTTP trafic.
2013-02-06 15:20:04 +01:00
Thomas Bernard 43d3939602 miniupnpd: Implement get_src_for_route_to() for *BSD
Also modify get_src_for_route_to() to return
the network interface index
2013-02-06 15:08:10 +01:00