Thomas BERNARD
f841aa9e56
Merge pull request #75 from fingon/fix-linux3.10-ipv6-pinhole
...
netfilter: Linux 3.10(?) IPv6 firewall pinhole fix
2014-05-30 13:05:06 +02:00
Markus Stenberg
3eb71223b4
For some reason, rules without ipv6.flags set (and proto set?) do not match at all at least on Linux 3.10. So with this patch, they do (and it took me a while to find out, sigh)
2014-05-29 17:56:48 +03:00
Thomas Bernard
6bf84dc834
miniupnpd/minissdp.c: clean SendSSDPbyebye()
2014-05-23 12:07:39 +02:00
Thomas Bernard
c4c2f79c12
miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces
2014-05-22 10:22:04 +02:00
Thomas Bernard
00fbdb70cf
miniupnpd/minissdp.c: AddMulticastMembershipIPv6() targets specific interface
2014-05-22 10:17:06 +02:00
Thomas Bernard
165aeef129
miniupnpd/minissdp.c: clean SendSSDPNotify() code
2014-05-22 10:12:26 +02:00
Thomas Bernard
0d32445f57
miniupnpd/Changelog.txt: catch up :)
2014-05-22 09:57:59 +02:00
Thomas Bernard
d916ce286a
miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names
2014-05-22 09:42:05 +02:00
Thomas Bernard
72463253dc
miniupnpd: disable IPV6 if socket(PF_INET6) returns EAFNOSUPPORT
2014-05-22 01:38:18 +02:00
Thomas Bernard
9f78015a5b
miniupnpd/minissdp.c: also listen on global SSDP multicast address FF0E::C
...
Add comments about also sending the NOTIFY to this address
2014-05-22 01:12:06 +02:00
Thomas BERNARD
a2effc1535
Merge pull request #74 from fingon/ipv6-listening-ip
...
Added ipv6_listening_ip option to override it from in6addr_any.
2014-05-20 15:09:51 +02:00
Markus Stenberg
c038146cee
Added ipv6_listening_ip option to override it from in6addr_any.
...
This way IPv6 services can be selectively enabled on one IP too.
2014-05-20 15:55:35 +03:00
Thomas Bernard
1213033912
=> 2014
2014-05-20 00:25:35 +02:00
Thomas Bernard
126bf58d23
miniupnpc: add more info to python packages
2014-05-20 00:24:59 +02:00
Thomas Bernard
93d7bb6ae2
miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO)
2014-05-19 16:27:55 +02:00
Thomas Bernard
d851ad4c25
miniupnpd: Retreive PCP packed IPV6 destination address
2014-05-19 15:27:34 +02:00
Thomas BERNARD
5f288bf804
Merge pull request #73 from fingon/pcp-int-check-mandatory-always
...
Internal address check is mandatory even if third party option is set.
2014-05-19 12:28:29 +02:00
Markus Stenberg
83c103bc3f
Internal address check is mandatory even if third party option is set.
2014-05-19 13:23:21 +03:00
Thomas Bernard
b9c20cecab
miniupnpd/pf/pfpinhole.c: use label to store pinhole description
2014-05-15 23:27:51 +02:00
Thomas Bernard
7154d30adc
miniupnpd/pcpserver.c: prevent compiling with PCP_PEER on if not applicable
2014-05-15 12:29:10 +02:00
Thomas Bernard
653bc79292
miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info()
2014-05-15 12:11:42 +02:00
Markus Stenberg
c8ec092693
Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use).
2014-05-15 12:04:03 +02:00
Markus Stenberg
6b3ff0242d
Made failed pinhole request actually fail in terms of return value too.
2014-05-15 12:03:18 +02:00
Markus Stenberg
924b6d1613
Checking lan only in non-thirdparty mode.
2014-05-15 12:02:46 +02:00
Markus Stenberg
28b3afbb8f
Added TODO about IPv6 permission handling.
2014-05-15 12:02:12 +02:00
Markus Stenberg
3a457092ce
Split Peer/Map logic to NAT- and FW specific parts. Updated TODO to include proxying.
...
+ fixes
2014-05-15 12:01:22 +02:00
Markus Stenberg
be6db5995d
miniupnpd: work in progress on PCP pinhole support
2014-05-15 11:58:17 +02:00
Markus Stenberg
7c7407099e
Added Linux get_pinhole_uid_by_index.
2014-05-15 11:45:37 +02:00
Markus Stenberg
e907d7bba6
miniupnpd: Some initial effort at actually adding pinhole support to PCP code.
2014-05-15 11:45:33 +02:00
Markus Stenberg
c000a00508
Fixed PEER supporting PCP to compile too.
2014-05-15 11:29:01 +02:00
Markus Stenberg
3e03562b77
miniupnpd: Added ENABLE_UPNPPINHOLE macro
...
using ENABLE_UPNPPINHOLE to compile in the support for IPv6 Firewall pinholes.
It is enabled by either ENABLE_6CF_SERVICE or ENABLE_PCP + ENABLE_IPV6.
2014-05-15 11:26:54 +02:00
Thomas Bernard
ba97c9b238
miniupnpd/pcpserver.c: fix ProcessPCPRequest()
...
fix commit 620af3737c8beffe87e08b7e0c34ab1661251695
2014-05-15 10:57:10 +02:00
Markus Stenberg
3f9000db76
Added unified description production, and also enforcing that desc matches in MAP/PEER delete (=> following RFC6887). Yay.
2014-05-15 10:51:00 +02:00
Thomas Bernard
de96dd47d5
update Changelog.txt files
2014-05-15 10:42:08 +02:00
Thomas Bernard
4dbbf34032
miniupnpd/upnpsoap.c: improve ExecuteSoapAction()
...
improve commit 20f1e070a1
2014-05-15 10:35:27 +02:00
Thomas BERNARD
8fa9446d65
Merge pull request #71 from arr2036/master
...
Add support for IGD2 AddAnyPortMapping DeletePortMappingRange
2014-05-15 10:32:17 +02:00
Arran Cudbard-Bell
f27dd45973
Return 730 error where appropriate, and output helpful debug
2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell
20f1e070a1
Don't call deletePortMapping method for deletePortMappingRange
...
Length of strings needs to match before doing comparison, else we can stop early on a substring of the one were trying to match.
2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell
0490d16221
Don't print garbage values on failure
2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell
b9362f32a7
Add support for IGD2 AddAnyPortMapping and DeletePortMappingRange
...
Added python bindings for both AddAnyPortMapping and DeletePortMappingRange
2014-05-13 21:50:07 +01:00
Arran Cudbard-Bell
be9584d156
Fix formatting in areas the next commit will touch
2014-05-13 21:49:51 +01:00
Thomas Bernard
5724b6b8b5
add Markus Stenberg
2014-05-06 15:17:15 +02:00
Thomas Bernard
98109ea92e
miniupnpd/getifaddr.c: fix when IPV6 is not enabled
2014-05-06 15:15:07 +02:00
Markus Stenberg
338a533a09
miniupnpd/pcpserver.c: Preliminary work for PCP fw control
...
Added preliminary is_fw flag, and added af to getifaddr_in6. Made
option parsing follow the RFC and also made it bit more paranoid
(there were some security problems with length checks not being done
at right place all the time; simplified flow, should be easier to
verify now that it does nothing untoward).
2014-05-06 15:12:42 +02:00
Markus Stenberg
d058fd3f36
miniupnpd/pcpserver.c: Added checks for third-party allowed for it to be used.
...
If allowed, checking it against source address,
with inverse logic from that of non-thirdparty case.
2014-05-06 13:30:04 +02:00
Markus Stenberg
5e5a9d39eb
Added missing check for int_ip.
2014-05-06 13:27:42 +02:00
Markus Stenberg
2f5c3ce959
miniupnpd/pcpserver.c: Some IPv6 related work on PCP.
2014-05-06 13:26:06 +02:00
Thomas Bernard
0e49fe7e94
miniupnpd: change "allow_thirdparty" PCP option to a bit flag
2014-05-06 13:15:24 +02:00
Markus Stenberg
c801138c63
Added PCP third party option and made it's use an option.
2014-05-06 13:10:09 +02:00
Thomas Bernard
6d379d54f5
minissdpd/openssdpsocket.c: listen on only 1 IPv4 if only 1 interface is specified
2014-05-02 09:52:43 +02:00