yangfl
2ff8cb17da
miniupnpd: Add option to match rules with regex
...
Some reports that a certain app is abusing UPnP for exploiting upload
bandwidth. This commit adds support to restrict UPnP rules to a regex.
By matching requester's description string against rule's regex, this
will make some obstacles for that app.
2022-10-21 21:26:39 +02:00
Brian John
87776e8345
Split "NAT" and "TABLE" for consistency
2022-01-01 16:58:55 -06:00
Sven Auhagen
0b3f3e4029
NFTables make tables name configurable
...
Right now the table names are hardcoded and do not integrate with an overall
firewall strategy.
NFTables has restrictions on how packets are evaluated against chains.
For example if multiple forward chains are evaluated with different prioity,
all packets that pass the first one will be reevaluated again in the second chain.
To have an overall firewall concept with miniupnpd it is necessary to use existing
tables and hence to configure them in miniupnpd.
Signed-off-by: Sven Auhagen <sven.auhagen@voleatech.de>
2021-11-27 21:49:21 +01:00
Thomas Bernard
23edb7e5eb
options.c: 2021
2021-08-21 10:24:22 +02:00
Sven Auhagen
74dbad5ab0
IPv6 pinholes lease file
...
This patch adds a lease file for IPv6 pinholes.
The leases are maintained and readded when miniupnpd restarts.
Currently all IPv6 leases are lost on restart.
Signed-off-by: Sven Auhagen <sven.auhagen@voleatech.de>
2021-08-18 11:06:12 +01:00
Thomas Bernard
7fcbcd35b9
fix commit 5567e7c7e0
2021-06-18 00:31:27 +02:00
Thomas Bernard
5567e7c7e0
miniupnpd: improves error handling during init.
...
- Fails on config parsing and init errors.
- print errors during init to both syslog and stderr.
fixes #551
2021-06-18 00:21:16 +02:00
Thomas Bernard
a774830fe0
miniupnpd: Option to disable IPv6 at runtime : -4 / ipv6_disable=yes
2020-04-09 21:12:20 +02:00
Thomas Bernard
a1ceec3dba
miniupnpd: Allow to use two different network interfaces for IPv4 and IPv6 internet
...
-i / -I
ext_ifname= / ext_ifname6=
see :
df906367be
/
thanks to "sfstudio"
2019-05-21 10:42:40 +02:00
Thomas Bernard
6e5a88098d
fix file headers (=>2018)
...
Signed-off-by: Thomas Bernard <miniupnp@free.fr>
2018-07-06 14:16:49 +02:00
Pali Rohár
8c97654d70
miniupnpd: When enabled perform STUN to learn external IP address and NAT type
...
Also enable port forwarding when direct (non-NAT) connection or unrestricted NAT 1:1 (without any filtering) is detected.
2018-05-19 13:32:42 +02:00
Thomas Bernard
2b6fa0839f
no more strlen(xxx) == 0.
...
Fixes #292
2018-04-20 17:19:52 +02:00
Nye Liu
c6bf0ba6f3
Allow runtime override of igd to v1 for people running binaries with v2 enabled
...
Towards miniupnp/miniupnp#277
2018-02-19 22:14:05 -08:00
Thomas Bernard
d3635faeed
add upnp_nat_postrouting_chain .conf option
...
fixes #190
MINIUPNPD-PCP-PEER has also been renamed to MINIUPNPD-POSTROUTING
( 1ba4362910
)
2016-01-26 16:59:04 +01:00
Markus Stenberg
c038146cee
Added ipv6_listening_ip option to override it from in6addr_any.
...
This way IPv6 services can be selectively enabled on one IP too.
2014-05-20 15:55:35 +03:00
Markus Stenberg
c8ec092693
Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use).
2014-05-15 12:04:03 +02:00
Markus Stenberg
c801138c63
Added PCP third party option and made it's use an option.
2014-05-06 13:10:09 +02:00
Thomas Bernard
1ff20069a1
miniupnpd/options.c: fix potential end of array access
2014-04-20 18:10:44 +02:00
Thomas Bernard
415d14fbe9
miniupnpd/options.c: Add https_port= option
...
also add http_port= as a synonym to port=
2014-04-20 18:06:00 +02:00
Thomas Bernard
f774a54bac
remove C++ style comments
2013-12-13 17:01:41 +01:00
Thomas Bernard
d19048ef9e
miniupnpd: Make all manufacturer info configurable
2013-12-13 12:03:28 +01:00
Leo Moll
d200fb748f
Made all manufacturer related information configurable:
...
- manufacturer_name, default is "`uname -s`"
- manufacturer_url, default is URL of OS verndor
- model_name, default is "`uname -s` router"
- model_description, default is "`uname -s` router"
- model_url, default is URL of OS verndor
2013-10-20 23:02:19 +02:00
Peter Tatrai
9e1ffd5cd9
Add initial PCP support
2013-07-11 09:38:55 +02:00
Thomas Bernard
0df9f7f62a
miniupnpd: added DISABLE_CONFIG_FILE in options.h to disable miniupnpd.conf parsing
2012-06-29 21:39:34 +02:00
Thomas Bernard
e42dfd3284
Remove Warnings caused by signed/unsigned integer comparaisons
2012-05-01 11:52:21 +02:00
Shawn Landen
5c224accbf
remove trailing whitespace from miniupnpd
2012-02-29 17:48:41 -08:00
Thomas Bernard
65e277883b
options.c: Save a few bytes
...
Use a string repository, instead of a fixed size buffer for each option value.
Also check realloc() error
2012-02-05 01:31:27 +01:00
Thomas Bernard
4e79d6b983
Fixed a minor memory "leak"
...
The upnppermlist was not free'd before exiting...
2012-02-05 00:53:29 +01:00
Thomas Bernard
a0a1e45ac5
Added friendl_name= option to config file
2012-02-05 00:24:13 +01:00
Thomas Bernard
874283b36f
Anchor name (PF) is now configurable through the config file with anchor=
2012-02-03 13:14:10 +01:00
Thomas Bernard
0d96346588
Adding miniupnpd
2011-09-28 21:13:20 +02:00