townforge/miniupnpc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
1,906 Commits 1 Branch 0 Tags 3.7 MiB
cc
Commit Graph

1071 Commits

Author SHA1 Message Date
Thomas Bernard
34f80a011f Add light version of iptables_display.sh script 2016-02-12 14:56:10 +01:00
Thomas Bernard
8bad6cd338 netfilter/iptcrdr.c: remove old USE_INDEX_FROM_DESC_LIST code 2016-02-12 14:55:09 +01:00
Thomas Bernard
cc35c1d450 AddPortMapping return error 729 - ConflictWithOtherMechanisms if IGD v2 is enabled 2016-02-12 14:54:13 +01:00
Thomas Bernard
dd9bf47c68 iptcrdr.c: add iptc_init() check in init_redirect() 2016-02-12 14:51:59 +01:00
Thomas Bernard
c4f2397d5c upnpevents.c: quick syntax fix... 2016-02-11 11:42:59 +01:00
Thomas Bernard
6059f000f7 use Linux libuuid uuid_generate() / BSD uuid_create() API 2016-02-11 11:39:28 +01:00
Thomas Bernard
19211d20d1 add debug log in remove_unused_rules() 2016-02-11 10:31:49 +01:00
Thomas Bernard
cac8668a7d miniupnpd/Makefile: linking uses LDFLAGS, not CFLAGS 2016-02-10 21:37:00 +01:00
Thomas Bernard
42c7bf935c ClearOS specifics 2016-02-10 20:44:46 +01:00
Thomas Bernard
81e0ca10df upnphttp.c: fix when compiling with UPNP_STRICT 2016-02-09 10:17:58 +01:00
Thomas Bernard
d23bb8d670 improve config.h comment :) 2016-02-09 10:16:45 +01:00
Thomas Bernard
06049f1e7d add ENABLE_PORT_TRIGGERING macro in config.h 
enabled by default. Will allow people to disable the code :)
 2016-02-09 10:09:19 +01:00
Thomas Bernard
5f74a08dd6 update README and INSTALL 2016-01-28 23:10:25 +01:00
Thomas Bernard
0deaf32796 update Changelog.txt about port triggering 2016-01-28 23:09:45 +01:00
Thomas Bernard
3284d113c7 remove ifname arg from addmasqueraderule() 
also improve comment and remove useless log :)
 2016-01-28 22:16:07 +01:00
Thomas Bernard
40aa39679f improve comments 2016-01-26 19:51:07 +01:00
Thomas Bernard
141e861c3a remove call to addpeernatrule() ... 2016-01-26 18:17:05 +01:00
Thomas Bernard
9059966122 netfilter/iptcrdr.c: improve comments 
give which iptables command is equivalent for adding the rule
 2016-01-26 18:16:23 +01:00
Thomas Bernard
d3635faeed add upnp_nat_postrouting_chain .conf option 
fixes #190

MINIUPNPD-PCP-PEER has also been renamed to MINIUPNPD-POSTROUTING
( 1ba4362910 )
 2016-01-26 16:59:04 +01:00
Thomas Bernard
1ba4362910 MINIUPNPD-PCP-PEER => MINIUPNPD-POSTROUTING 
renamed
miniupnpd_peer_chain = "MINIUPNPD-PCP-PEER"
to
miniupnpd_nat_postrouting_chain = "MINIUPNPD-POSTROUTING";
 2016-01-26 16:50:48 +01:00
Thomas Bernard
ba91c4ec23 add addmasqueraderule() 
see issue #166
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1820

iptables -t nat -I POSTROUTING -o <extif> -s <iaddr> -p UDP --sport <iport> -j MASQUERADE --to-ports <eport>
 2016-01-26 16:38:32 +01:00
Thomas Bernard
f4324d45e5 fix netfilter/Makefile dependencies, fix iptables_display.sh 2016-01-26 16:38:32 +01:00
Thomas Bernard
55cf34a101 fix iptc_init_verify_and_append() calls 2016-01-26 16:38:32 +01:00
Thomas Bernard
aa4e0a4549 add netfilter/test_nfct_get 2016-01-26 16:38:31 +01:00
Thomas Bernard
21a98adc5d update Changelog.txt 2016-01-19 11:06:06 +01:00
Thomas Bernard
f1ce2301da shutdown_iptpinhole() frees memory 2016-01-19 10:53:14 +01:00
Thomas Bernard
6f8951d40d find_pinhole() return -2 if not found 2016-01-19 10:52:36 +01:00
Thomas Bernard
f16b291cfa add pf/BSD files to .gitignore 2016-01-18 22:48:18 +01:00
Thomas Bernard
be124b6508 add find_pinhole() to pf/ code also 
see #188
 2016-01-18 22:46:30 +01:00
Thomas Bernard
e252acef88 PCP: check pinhole before adding in CreatePCPMap_FW() 
fixes #188
 2016-01-18 20:16:06 +01:00
vvsvic
a8ab2149f4 Remove some bugs in DeletePCPPeer and DeletePCPMap 2016-01-13 13:26:20 +03:00
Chocobo1
e405f78b89 Fix output specifier 2016-01-04 12:13:00 +08:00
Chocobo1
948b883966 Fix memory leak when realloc fails 2016-01-04 11:51:49 +08:00
Thomas Bernard
e076899a37 buffer overflow fix 
in MULTIPLE_EXTERNAL_IP code which is not used normally...
 2015-12-31 00:41:24 +01:00
Thomas Bernard
58b130116b revert to UPnP/1.1 (UDA v1.1) as default. 
see https://github.com/miniupnp/miniupnp/issues/167
fixes #167
 2015-12-19 11:52:38 +01:00
Thomas Bernard
fb1c29f732 cleanup 2015-12-16 11:26:40 +01:00
Thomas Bernard
1ab8cf0a22 improve syslog message for incoming HTTP requests 2015-12-16 11:26:03 +01:00
Thomas Bernard
6f89608a2c ExecuteSoapAction() : add namespace to log messages 2015-12-15 12:14:05 +01:00
Thomas Bernard
ba1c9239c0 update Changelog.txt 2015-12-15 12:13:45 +01:00
Thomas Bernard
9d8a988b82 add comments in upnpdescgen.c 2015-12-15 11:17:15 +01:00
Thomas Bernard
0139addbda Merge branch 'desc_test' 2015-12-15 10:57:14 +01:00
Thomas Bernard
9e31ceb630 add --disable-pppconn genconfig.sh option to disable WANPPPConnection 
fixes #176
 2015-12-13 15:57:49 +01:00
Thomas BERNARD
66b087b9b1 Merge pull request #174 from razzfazz/new_subscriber_uuid_cleanup 
use sizeof() instead of hard-coded UUID length in newSubscriber()
 2015-12-13 00:32:01 +01:00
Thomas Bernard
f076f368bd fix DeviceProtection#GetSupportedProtocols response 
add CDATA to escape XML document in response :
ProtocolList content is an XML document that should be escaped
See  section 2.4.3.1 of the DeviceProtection spec
http://upnp.org/specs/gw/UPnP-gw-DeviceProtection-v1-Service.pdf

see PR #178
 2015-12-13 00:24:05 +01:00
Thomas Bernard
e76dd788c4 Merge remote-tracking branch 'razzfazz/fix_dp_setup_ready_notify' 
PR #182
 2015-12-12 12:02:36 +01:00
Daniel Becker
04b344b6f8 actually return a value in SetupReady notifications 2015-12-12 02:42:13 -08:00
Daniel Becker
db0ef3022e fix parsing of input arguments in SendSetupMessage() 2015-12-12 02:33:30 -08:00
Thomas Bernard
f77d701489 update changelog and year => 2015 
see 1cc3d1a5fa
and 6430805381
 2015-12-12 10:38:40 +01:00
Thomas Bernard
a4a3e5a3f8 add comments. see 0298b66365 2015-12-12 09:31:22 +01:00
Thomas Bernard
9f32a1de1d add "uname -a" result to config.h 2015-12-12 09:13:05 +01:00
Thomas Bernard
58f6626179 add --uda-version to usage help + fix 
fixes 9e65fbbded
 2015-12-12 09:10:54 +01:00
Thomas BERNARD
128bbee806 Merge pull request #180 from razzfazz/fix_dp_action_args 
fix action arguments for DeviceProtection service (IGDv2)
 2015-12-12 08:58:25 +01:00
Thomas Bernard
aa34dd2e45 Merge branch 'fix_advertised_versions' 2015-12-12 08:47:32 +01:00
Thomas Bernard
e97be7f37f add comments to previous commit 2015-12-12 08:47:06 +01:00
Daniel Becker
ce3d66a3ee fix tags for DeviceProtection action responses 2015-12-11 23:36:19 -08:00
Thomas Bernard
2a654e0ef4 Merge remote-tracking branch 'razzfazz/renew_cleanup' 2015-12-12 08:28:48 +01:00
Daniel Becker
0298b66365 fix argument names for DeviceProtection actions 2015-12-11 23:12:11 -08:00
Daniel Becker
7774c24daa add missing parameters for DeviceProtection service actions 2015-12-11 22:56:20 -08:00
Daniel Becker
1cc3d1a5fa advertise correct service and device versions when IGDv2 is enabled 2015-12-11 18:08:18 -08:00
Daniel Becker
6430805381 return SID in renew response 2015-12-11 16:29:32 -08:00
Daniel Becker
5fd754c4e2 use sizeof() instead of hard-coded UUID length in newSubscriber() 2015-12-11 16:21:32 -08:00
Thomas Bernard
0d0728e2d1 name WANIPv6FirewallControl:1 service WANUPv6Firewall1 
done according to http://upnp.org/specs/gw/UPnP-gw-InternetGatewayDevice-v2-Device.pdf
2.2 (page 9)
 2015-12-11 14:40:13 +01:00
Thomas Bernard
9e65fbbded allow to set UPnP Device architecture version using commandline 
--uda-version=x.x
 2015-12-11 14:37:59 +01:00
Daniel Becker
d89e4aaf70 fix Layer3Forwarding serviceId to be consistent with IGDv2 spec 2015-12-11 02:13:42 -08:00
Thomas Bernard
76a5f9930b Changes to WANIPCn.xml 
Add default values for :
RSIPAvailable
NATEnabled
LastConnectionError
ConnectionStatus

follow the Specification regarding ConnectionType / PossibleConnectionTypes
allowed values
 2015-12-11 10:57:25 +01:00
Thomas Bernard
24d54ba13a SA_SIZE() is >= sizeof(long) 2015-11-19 12:55:44 +01:00
Thomas Bernard
834a7f5db9 use bash or ksh to execute ./testupnppermissions.sh 2015-11-19 12:54:56 +01:00
Thomas Bernard
3d50adc170 bsd/getroute.c: check message length. Avoid buffer overread 2015-11-18 09:53:58 +01:00
Thomas Bernard
35aae6debb bsd/getroute.c: fix parsing of address with SA_LEN() = 0 
at least with OpenBSD 4.3, the minimum is 4 bytes
 2015-11-18 09:52:54 +01:00
Daniel Becker
e5d30a1f4b explicitly request interface name as well 2015-11-17 17:29:09 -08:00
Daniel Becker
eb5f179c9f make get_src_for_route_to() actually return the source address on *BSD 2015-11-17 17:06:05 -08:00
Thomas BERNARD
7d19326ef9 get_src_for_route_to() is tested with Mac OS X 10.4 2015-11-17 11:25:10 +01:00
Thomas Bernard
191940467f define SA_SIZE if needed 2015-11-17 10:55:17 +01:00
Daniel Becker
7ab525700d fix parsing of sockaddr entries returned by routing socket on BSD 2015-11-17 10:16:51 +01:00
Thomas Bernard
5cfa875477 fill sa_len in address for rt_msg 2015-11-17 10:15:36 +01:00
Thomas Bernard
84b609849a fix get_src_for_route_to() with IPv6 
fixes #160
 2015-11-16 23:01:44 +01:00
Thomas Bernard
66dceb5e94 Fix get_src_for_route_to() when args are NULL 
fixes #160 ???
 2015-11-16 20:32:02 +01:00
Thomas Bernard
5856fb0f7d test get_src_for_route_to() with NULL args 2015-11-16 20:19:00 +01:00
Thomas Bernard
372ad64bb5 update Changelog.txt files 2015-11-05 12:04:26 +01:00
Thomas Bernard
f5f3ad1631 clarify multiple LAN interfaces / listening_ip= 2015-11-05 11:51:02 +01:00
Thomas Bernard
be70a04c66 use LOG_INFO instead of LOG_ERR for PCP PEER and MAP success 
fixes #158
 2015-11-02 23:30:28 +01:00
Thomas Bernard
92cc93f6f8 use name server from query in SOAP responses (continued) 
see a4b97cf105
and 1e7b2342fa
 2015-10-30 19:53:08 +01:00
Thomas Bernard
4ed5bc6fee remove a warning :) 2015-10-30 19:52:41 +01:00
Thomas Bernard
4afc6fcf7f fix : properly call find_ipv6_addr() with the 1st LAN interface 2015-10-30 19:36:42 +01:00
Thomas BERNARD
d4ee1ee7e6 Add "make check" to BSD Makefile. 
Also make sure files are removed properly when using "make clean"
 2015-10-25 16:33:24 +01:00
Thomas BERNARD
f4b730af9b clean up UTF-8 chars 2015-10-25 16:19:21 +01:00
Thomas Bernard
359c5d8805 add a validation of SSDP packet generation 
checks it doesn't overflow  SSDP_PACKET_MAX_LEN
 2015-10-24 17:02:11 +02:00
Thomas Bernard
3bd1886d2a move SSDP_PACKET_MAX_LEN to config.h 
also set it to 1024 by default. See #129
 2015-10-24 13:11:31 +02:00
Thomas Bernard
8fde9568cc make it work with Darwin (Mac OS X) 2015-10-08 14:03:15 +02:00
Thomas Bernard
6c46d285aa fix testupnppermissions.sh for non DEBUG builds 
cleanup tests also
 2015-09-22 17:13:26 +02:00
Thomas Bernard
6837787f1c validategetifaddr 2015-09-22 16:51:56 +02:00
Thomas Bernard
aa1e24acf8 bash is needed for arrays 2015-09-22 16:19:24 +02:00
Thomas Bernard
71a7846479 add "make check" to miniupnpd 2015-09-22 16:02:19 +02:00
Thomas Bernard
146613a493 update Changelog.txt 2015-09-22 12:13:32 +02:00
Thomas Bernard
3b12b8fb4e copy ext_ip in response only if needed 2015-09-22 11:52:24 +02:00
Thomas Bernard
68b3cab718 add a warning syslog() in parsePCPOptions 2015-09-22 11:36:09 +02:00
Thomas Bernard
c87809a608 remove redundant test about ports 2015-09-22 11:35:24 +02:00
Thomas Bernard
c3660a5aa7 add include guard 2015-09-22 10:24:47 +02:00
Thomas Bernard
13aeb88feb remove #pragma directive 2015-09-22 10:24:38 +02:00
Thomas Bernard
3d8986b646 Dont read/write PCP messages as C struct to remove dependency to the "pack" feature. 
structs are left (commented out) in pcp_msg_struct.h for information
 2015-09-22 10:22:06 +02:00
Thomas Bernard
a6b947e0ca move READNUxx/WRITENUxx macros to macros.h 2015-09-21 23:58:00 +02:00
Thomas Bernard
2372d7bdd9 Merge branch 'uda_20' 2015-09-21 22:40:16 +02:00
Thomas Bernard
7ae5783d85 UPNP_VERSION_MAJOR / UPNP_VERSION_MINOR macros defined in config.h 2015-09-21 22:39:30 +02:00
Thomas Bernard
50c68a9f03 rename macro UPNP_VERSION to MINIUPNPD_DATE 
(a more meaningful name)
 2015-09-21 22:37:50 +02:00
Thomas Bernard
861c5f5796 add comments with usual namespace 
see a4b97cf105
 2015-09-21 17:10:15 +02:00
Thomas Bernard
7b3cda0f9a add testdescs to .gitignore 2015-09-15 16:17:29 +02:00
Thomas Bernard
1e7b2342fa use name server from query in SOAP responses (continued) 
see a4b97cf105
 2015-09-15 09:39:50 +02:00
Thomas Bernard
a4b97cf105 use name server from query in SOAP responses 
to be finished :)
 2015-09-15 00:02:56 +02:00
Thomas Bernard
fde90d221b fix typo in "urn" (url) 2015-09-14 23:35:14 +02:00
Thomas Bernard
a8f80040c9 Randomize URLs to avoid http://www.filet-o-firewall.com/ 2015-09-14 12:10:15 +02:00
Thomas Bernard
32f1981520 ipfwrdr.c: remove unused argument warnings 2015-09-10 16:01:26 +02:00
Thomas Bernard
8ecb5fcd92 fix includes for old Mac OS X 2015-09-04 18:50:54 +02:00
Thomas Bernard
5873c5a6b4 miniupnpd: improve warning log 2015-08-26 10:04:23 +02:00
Thomas Bernard
f8f5f2eb97 miniupnpd: bind to device using SO_BINDTODEVICE 2015-08-26 09:46:05 +02:00
Thomas Bernard
0cf182e51e miniupnpd: remove int_if_name, use ip_mreqn if available 2015-08-25 20:33:47 +02:00
Timothy Redaelli
138ec9e972 miniupnpd: Bind to device 
This is needed when you have two interfaces with the same IP address
(for example using tinc)
 2015-08-21 16:05:26 +02:00
Thomas Bernard
6db99a1a40 use mktemp properly ? 
-t option to put in /tmp dir
 2015-07-16 17:16:52 +02:00
Thomas Bernard
904399cd62 => (c) 2015 2015-07-16 17:16:09 +02:00
Thomas Bernard
d02b1d4ec3 genconfig.sh: 2014 => 2015 2015-07-15 18:13:01 +02:00
Thomas Bernard
81d03ad41d DECODELENGTH_READ 2015-07-15 18:11:27 +02:00
Thomas Bernard
a3179fb284 Check malloc/calloc return values 2015-07-15 18:10:10 +02:00
Thomas Bernard
769f4d4708 pcpserver.c: correctly return NOT_AUTHORIZED PCP error 
When trying to remove PCP Map when nonce is bad

fixes #132
 2015-07-09 12:46:51 +02:00
Thomas Bernard
8d08346c60 pcpserver.c: Don't overwrite lifetime. 
fix #131
 2015-07-09 12:28:05 +02:00
Chocobo1
24307d2951 Comparing array address with 0 is not useful, use strlen() instead 2015-06-24 16:24:01 +08:00
Chocobo1
61289d42fb Correctly terminate the string 2015-06-24 16:24:01 +08:00
Chocobo1
7e088a9039 Fix memory leak 2015-06-24 13:14:14 +08:00
Thomas Bernard
6400a13a50 miniupnpd/pcpserver.c: fix for compilation with PCP_FLOWP defined 2015-06-22 11:51:23 +02:00
Thomas Bernard
8a180b1cac Merge remote-tracking branch 'edrikk/master' 2015-06-16 09:49:02 +02:00
edrikk
d002502e68 Make Tomato's OS_VERSION shorter to stop SendSSDPNotify log messages 
As discussed in this thread:
http://www.linksysinfo.org/index.php?threads/tomato-shibbys-releases.33858/page-53#post-262636

It appears that the Tomato OS_VERSION has gotten long enough, that it's causing SSDP_PACKET_MAX_LEN being larger than 512 by a few characters.

This change reduces unnecessary "verbiage" at the end of the Tomato OS_VERSION string.

In short, what was previously (as example):
     Tomato 1.28.0000 MIPSR2-130 K26AC USB AIO-64K
 will become
     Tomato MIPSR2-130 K26AC
 2015-06-15 12:47:34 -04:00
edrikk
70a2eee3e2 Define "TOMATO" in Tomato portion of config file creation 
Define "TOMATO" in Tomato portion of config file creation
 2015-06-09 15:53:11 -04:00
Thomas Bernard
df85522c73 miniupnpd/miniupnpd.c: commenting #endif + minor cleaning 2015-06-09 15:13:25 +02:00
edrikk
ec0707d559 Add Tomato modifications exactly as is, wrapped by ifdef TOMATO 
Add Tomato modifications exactly as is in Tomato firmware, wrapped by #ifdef TOMATO so that it is dormant in base miniupnpd.
This will ease merging upstream changes back to Tomato.
 2015-06-05 23:19:52 -04:00
edrikk
9fe747894c Drop log severity level to reduce verbosity 
Dropping syslog message severity from WARNING to INFO.  
Tomato makes this change each update, to reduce verbosity.  This change will allow for easier merging of upstream changes back into Tomato.
 2015-06-05 22:31:28 -04:00
edrikk
bc69cece0e Add client address to syslog message 
Align with Tomato, to ease merges back downstream.
Adds client address to syslog message, corrects typo "inexpectedly" -> "unexpectedly"
 2015-06-05 22:27:20 -04:00
edrikk
2c8e3c1fc2 Align with active Tomato builds genconfig.sh entry 
The current active Tomato builds do not incorporate these two lines.  Removing to ease merging upstream changes.

Toastman:
http://repo.or.cz/w/tomato.git/blob/refs/heads/Toastman-RT-N:/release/src/router/miniupnpd/genconfig.sh#l249

Shibby:
f799186a9d/release/src-rt-6.x.4708/router/miniupnpd/genconfig.sh (cl-265)
 2015-06-05 22:14:47 -04:00
Thomas Bernard
a43beeccf1 fix minor typo 2015-05-27 15:31:49 +02:00
Thomas Bernard
01eb15af3d Adding linux/nftables support 2015-04-30 10:52:11 +02:00
Thomas Bernard
42a5e2ae22 Merge remote-tracking branch 's1061123/nft_support' into nft_support 
Conflicts:
	miniupnpd/Makefile.linux_nft
	miniupnpd/netfilter_nft/README.md
	miniupnpd/netfilter_nft/nftnlrdr.c
	miniupnpd/netfilter_nft/nftnlrdr_misc.c
 2015-04-30 10:49:11 +02:00
Tomofumi Hayashi
8fedfdc4ae Fix compiler warning. 2015-04-28 17:23:09 +09:00
Tomofumi Hayashi
a39365279c Fix d_printf() compile error. 2015-04-28 17:22:46 +09:00
Tomofumi Hayashi
af3ac20395 Change printf to d_printf (only valid in case of -DDEBUG) 2015-04-28 17:13:09 +09:00
Tomofumi Hayashi
79d4028a93 Change message. 2015-04-28 17:13:08 +09:00
Tomofumi Hayashi
7948b7d754 Fix SEGV issue (due to invalid memory alloc case). 2015-04-28 17:13:08 +09:00
Tomofumi Hayashi
101c443192 Update README.md 
Fix format.
 2015-04-28 17:13:08 +09:00
Tomofumi Hayashi
73f02afca9 Remove .travis.yml and rename README.md 2015-04-28 17:13:08 +09:00
Tomofumi Hayashi
e167cc1675 Move travisCI to top. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi
1e97b408f1 First commit for travisCI. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi
cc0a6eecbb Add libmnl flags in Makefile.linux_nft. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi
050845156a Fix to remove rule with correct handle. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi
9e10d91347 Skip to parse rules not in miniupnpd chain. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi
e54c5ff773 Fix to get NAT port as uint16_t. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi
26a5c9a3aa In case of remove filter, just remove one rule. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi
c2af2650d9 Add expr_set_reg_val_u16 for network port num. 2015-04-28 17:13:07 +09:00
Tomofumi Hayashi
7f57e686d0 Fix NAT issue (cannot snat/dnat actually). 
Port number endian is failed.
 2015-04-28 17:13:06 +09:00
Tomofumi Hayashi
01ecb49d0e Add egress if index val and rename ifidx to ingress_ifidx. 2015-04-28 17:13:06 +09:00
Tomofumi Hayashi
ad1e380d10 Changes init script (only add chains). 2015-04-28 17:13:06 +09:00
Tomofumi Hayashi
12f6bdb274 Fix init script. 2015-04-28 17:13:06 +09:00
Tomofumi Hayashi
55fba2b6c4 Add README. 2015-04-28 17:13:06 +09:00
Tomofumi Hayashi
b2b6f025fb Initial commit to support nftables. 2015-04-28 17:13:06 +09:00
Thomas Bernard
2a08805783 minissdp.c: Dont try to close sockets with fd=-1 
fixes #112
 2015-04-28 09:08:35 +02:00
Thomas Bernard
c52657f7fb update Changelog.txt 2015-04-26 16:44:57 +02:00
Thomas Bernard
a224264194 Merge remote-tracking branch 'Chocobo1/typo' 2015-04-26 16:29:08 +02:00
Thomas Bernard
940909890e remove dependency on libnfnetlink 
fixes #110
still allow to use libnfnetlink by defining USE_LIBNFNETLINK
if you really want/need to
 2015-04-26 16:18:39 +02:00
Thomas Bernard
f8c122034c remove dependency on libnfnetlink 
fixes #110
still allow to use libnfnetlink by defining USE_LIBNFNETLINK
if you really want/need to
 2015-04-26 16:15:41 +02:00
Chocobo1
3fcd2b5117 miniupnpd.conf: Fix typos, capitalize each sentence. 2015-04-25 16:10:15 +08:00
Thomas Bernard
60db6230ab minor README edit 2015-04-24 23:02:38 +02:00
Tomofumi Hayashi
0df3555a8c Update README.md 
Fix format.
 2015-04-24 16:57:40 +09:00
Tomofumi Hayashi
c70e3a4637 Remove .travis.yml and rename README.md 2015-04-24 16:54:23 +09:00
Tomofumi Hayashi
8cd268dd9d Move travisCI to top. 2015-03-18 15:56:42 +09:00
Tomofumi Hayashi
4199ce46ca First commit for travisCI. 2015-03-18 15:52:22 +09:00
Tomofumi Hayashi
40871bb4cc Add libmnl flags in Makefile.linux_nft. 2015-03-18 15:27:57 +09:00
Tomofumi Hayashi
c6ebb70f35 Fix to remove rule with correct handle. 2015-03-16 19:58:02 +09:00
Tomofumi Hayashi
841b2fb1f3 Skip to parse rules not in miniupnpd chain. 2015-03-16 19:39:06 +09:00
Tomofumi Hayashi
af780b8255 Fix to get NAT port as uint16_t. 2015-03-16 19:38:28 +09:00
Tomofumi Hayashi
d2bc556733 In case of remove filter, just remove one rule. 2015-03-16 19:35:23 +09:00
Tomofumi Hayashi
939b3262c3 Add expr_set_reg_val_u16 for network port num. 2015-03-16 18:02:07 +09:00
Tomofumi Hayashi
75fd37e958 Fix NAT issue (cannot snat/dnat actually). 
Port number endian is failed.
 2015-03-16 17:29:20 +09:00
Tomofumi Hayashi
c19b87ee07 Add egress if index val and rename ifidx to ingress_ifidx. 2015-03-16 17:28:03 +09:00
Tomofumi Hayashi
3e635dbe17 Changes init script (only add chains). 2015-03-16 17:24:31 +09:00
Tomofumi Hayashi
f7288efb5e Fix init script. 2015-03-12 15:17:33 +09:00
Tomofumi Hayashi
7065b0040f Add README. 2015-03-11 22:18:26 +09:00
Tomofumi Hayashi
dcf218c452 Initial commit to support nftables. 2015-03-11 21:10:25 +09:00
Thomas Bernard
b137df30d9 Merge remote-tracking branch 's1061123/fix_range1' 2015-03-09 10:59:49 +01:00
Tomofumi Hayashi
3b472b59e0 Fix get_portmappings_in_range() in non-expand case. 
In get_portmappings_in_range(), array[] is not updated when
realloc() is not called, hence get_portmappings_in_range() is
always null. This fix changes to fill array[].
 2015-03-09 17:33:10 +09:00
Thomas Bernard
85841abd5f miniupnpd/Changelog.txt: eb72ab5330 2015-03-07 16:57:40 +01:00
Thomas Bernard
eb72ab5330 miniupnpd.c: don't die when IPv6 is enabled and interface has no IPv4 address 2015-02-20 18:31:55 +01:00
Thomas Bernard
e896e298f3 miniupnpd: remove warnings 2015-02-16 22:41:40 +01:00
Thomas Bernard
e13525c3e7 miniupnpd: UPnP/1.1 => UPnP/2.0 2015-02-16 11:23:05 +01:00
Thomas BERNARD
d5ccd5e86e Merge pull request #101 from pyzhu/master 
avoid compile warning
 2015-02-11 23:33:47 +01:00
Thomas Bernard
6e5d8ce954 miniupnpd: Allow wildcard (empty string) remote host for AddPinhole() 2015-02-10 16:04:10 +01:00
Thomas Bernard
5df35db6ab fix c7d7efd230 2015-02-08 10:46:13 +01:00
Thomas Bernard
7c1a04ab30 upnpsoap.c: 2014 => 2015 2015-02-08 10:23:54 +01:00
Thomas Bernard
c7d7efd230 fix realloc failure issues detected thanks to cppcheck 2015-02-08 10:23:22 +01:00
Thomas Bernard
241ede9ddf miniupnpd: improve (some) logs 2015-01-20 14:13:18 +01:00
Thomas Bernard
f795af5f54 2014 => 2015 2015-01-20 14:12:10 +01:00
Thomas Bernard
bbb6df523d miniupnpd/natpmp.c: #if IPV6_PKTINFO => #ifdef IPV6_PKTINFO 2014-12-31 01:38:15 +01:00
Thomas Bernard
c336b23706 miniupnpd/upnpglobalvars.c: documentation about CONFIGID.UPNP.ORG 2014-12-15 12:02:42 +01:00
Thomas Bernard
c4b167537f miniupnpd/Makefile.linux: fix clean (testporinuse.o) 2014-12-15 11:59:17 +01:00
Thomas Bernard
22bc695f91 remove unused bsdqueue.h 2014-12-15 11:58:57 +01:00
Thomas Bernard
2d89a05982 miniupnpd/miniupnpd.c: minor fixes in usage output 2014-12-10 10:44:32 +01:00
Thomas Bernard
99a1bafc1f miniupnpd: use time for BOOTID.UPNP.ORG value 2014-12-10 10:41:10 +01:00
Thomas Bernard
00d878eba3 miniupnpd: configurable BOOTID.UPNP.ORG SSDP header 2014-12-10 10:40:41 +01:00
Thomas Bernard
2d52890608 miniupnpd/upnpglobalvars.c: document BOOTID.UPNP.ORG and CONFIGID.UPNP.ORG 2014-12-10 10:03:13 +01:00
Thomas Bernard
e283270274 miniupnpd/pf/pfpinhole.c: reduce log verbosity 
also remove a "argument not used" warning
 2014-12-10 09:46:57 +01:00
Thomas Bernard
e013870cca miniupnpd/upnpsoap.c: remove an unneeded \n in log 2014-12-09 18:32:31 +01:00
Thomas Bernard
181850ad1f miniupnpd/upnphttp.c: check ':' in HTTP header names 2014-12-09 18:28:23 +01:00
Thomas Bernard
98cc73a372 miniupnpd/upnphttp: Checking Host: HTTP request header to prevent DNS rebinding attack 2014-12-09 17:49:02 +01:00
Thomas Bernard
31986d8190 miniupnpd/upnphttp.c: fix 526e1dcd40 2014-12-09 17:48:14 +01:00
Thomas Bernard
9e30117cac miniupnpd/upnphttp.c: fix ec94c5663f 
thanks to Stephen Röttger
 2014-12-09 11:44:28 +01:00
Thomas Bernard
526e1dcd40 miniupnpd/upnphttp.c: skip only spaces and tab (stop on CR and LF) 2014-12-09 11:38:50 +01:00
Thomas Bernard
064c78730c miniupnpd/upnphttp.c: cosmetical changes 2014-12-09 11:04:38 +01:00
Thomas Bernard
ec94c5663f miniupnpd: check if BuildHeader_upnphttp() failed to allocate memory 2014-12-09 11:04:15 +01:00
Thomas Bernard
dd39ecaa93 miniupnpd/upnphttp.c: fix buffer overrun in ParseHttpHeaders() if Content-Length doesn't contain any digit 
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
 2014-12-09 11:02:57 +01:00
Thomas Bernard
e6bc04aa06 miniupnpd/upnpsoap.c: fix potential memory corruption in upnpsoap.c/GetListOfPortMappings() 
Credits goes to Stephen Röttger of the Google Security Team for identifying
the vulnerabilities
 2014-12-09 11:01:37 +01:00
Thomas Bernard
7c91c4e933 miniupnpd/upnpredirect.c: check inet_aton() return 2014-12-09 10:53:52 +01:00
Thomas Bernard
d00b75782e miniupnpd/upnppinhole.c: fix upnp_add_inboundpinhole() : check inet_pton() return 2014-12-09 10:52:26 +01:00
Thomas Bernard
3b71766493 miniupnpd/genconfig.sh: check net.ipv6.bindv6only under LINUX 2014-12-04 11:23:56 +01:00
Thomas Bernard
c14788a13a miniupnpd: fixes ExecuteSoapAction() for missing " around SOAPAction 2014-11-28 14:29:24 +01:00
Thomas Bernard
33a5ebf367 miniupnpd/upnpsoap.c: make WANAccessType easier to configure 2014-11-27 13:25:45 +01:00
Thomas Bernard
eef94da7e0 miniupnpd/upnpreplyparse.c: fix DisplayNameValueList() 2014-11-12 17:05:15 +01:00
Thomas Bernard
bfab1e2094 miniupnpd/upnputils.c: sockaddr_to_string() includes scope in IPv6 addresses 2014-11-07 12:54:33 +01:00
Thomas Bernard
27d4d10a3e miniupnpd/miniupnpd.c: fix PCP third party mode (in IPv4) 
fixes problem introduced in commit 16389fda3c
 2014-10-30 20:37:35 +01:00
Thomas Bernard
50f7611227 miniupnpd/TODO: updated TODO (a bit) 2014-10-30 20:35:36 +01:00
Thomas Bernard
510bff06ba miniupnpd: VERSION 1.9 2014-10-27 17:39:28 +01:00
Thomas Bernard
067aa01856 miniupnpd/pcpserver.c: remove unused argument warning 2014-10-27 17:39:01 +01:00
Thomas Bernard
a80c87fb8d remove need of sys/queue.h or bsdqueue.h in upnpreplyparse.c/.h 2014-10-27 17:38:26 +01:00
Thomas Bernard
fb1aba3c9a miniupnpd/natpmp.c: fix walktrough of mapping "list" for NATPMP removal 2014-10-23 18:00:24 +02:00
Thomas Bernard
350ca199c4 miniupnpd/natpmp.c: Properly implements NAT-PMP mapping removal 
fixes #97
 2014-10-23 17:57:31 +02:00
Thomas Bernard
8baf8d351a miniupnpd/minissdp.c: Remove warning (caused by double const) 2014-10-22 13:57:24 +02:00
Thomas Bernard
88b6386f55 miniupnpd/Changelog.txt: catch up (mcast_ssdp) 2014-10-22 13:41:35 +02:00
Thomas Bernard
447bad32c9 miniupnpd/minissdp.c: Add documentation to SSDPNotify* functions 2014-10-22 12:11:34 +02:00
Thomas Bernard
aef2c0a3b4 miniupnpd/minissdp.c: fix 50e370abcd 
while() => for() / reindent/etc
 2014-10-22 12:10:30 +02:00
Thomas Bernard
ac816e91f9 Merge branch 'master' into mcast_ssdp 2014-10-22 11:47:46 +02:00
Thomas Bernard
9194b02071 miniupnpd/minissdp.c: comments about binding "notify" sockets 
Explain why bind() is called in functions
OpenAndConfSSDPNotifySocket and OpenAndConfSSDPNotifySocketIPV6
 2014-10-22 11:43:42 +02:00
Thomas Bernard
e810903443 miniupnpd/upnputils.c: do something in case inet_ntop() fails 2014-10-22 11:14:48 +02:00
Thomas Bernard
bedbf88fc6 miniupnpd/upnputils.c: compile some debug output only when needed 2014-10-22 11:13:48 +02:00
Thomas Bernard
16389fda3c miniupnpd: Discard NAT-PMP packets coming from the WAN 2014-10-22 10:54:07 +02:00
Thomas Bernard
f183e2b436 miniupnpd/Changelog.txt: catch up 2014-10-22 10:53:30 +02:00
sbyx
4cbcdc34d2 UPNP pinholing: add missing sys/types.h include 
sys/types.h is necessary to declare u_int64_t for some c libraries, so include it.

Signed-off-by: Steven Barth <cyrus@openwrt.org>
 2014-10-21 15:54:02 +02:00
sbyx
47b77fabb6 Remove unnecessary sysctl.h include for linux 
miniupnpd on Linux unnecessarily includes sys/sysctl.h which breaks builds with musl-libc.

Signed-off-by: Steven Barth <cyrus@openwrt.org>
 2014-10-21 10:56:34 +02:00
Thomas Bernard
82604ec5d0 miniupnpd/miniupnpd.conf: add comments regarding security 
comment values, to force people to configure themselves
 2014-10-13 18:03:53 +02:00
Markus Stenberg
17dabcc708 Use -f with gzip, to prevent interactive promots when running make install multiple times. 2014-10-08 14:24:01 +03:00
Thomas Bernard
97c001d464 add use(less ?)ful comments 2014-10-06 14:44:45 +02:00
Thomas Bernard
55c959247b miniupnpd/minissdp.c: remove warning if ipv6 is disabled 2014-10-06 14:44:23 +02:00
Thomas Bernard
c79c17115c miniupnpd/upnpsoap.c: DeletePortMapping now checks for client IP in Securemode 2014-09-25 11:47:16 +02:00
Thomas Bernard
9885060d5c miniupnpd/bsd/getifstats.c: make it compile with OpenBSD 4.3 
see commit 7f6cf3680e
 2014-09-15 17:12:31 +02:00
Gleb Smirnoff
7f6cf3680e Use BSD libc API to fetch data about interface statistics instead 
of nosing in kernel memory. This API should work on all versions
of FreeBSD/NetBSD/OpenBSD/Dragonfly.

This fixes compilation on FreeBSD 11, where kernel structures
have changed and protects against future breakages. It also
make the file much simplier.

Tested by:	Daniel Engberg <daniel.engberg.lists pyret.net>
 2014-09-14 13:41:49 +04:00
Thomas Bernard
05cc5daf14 update Changelog.txt files 2014-09-06 10:37:08 +02:00
Thomas Bernard
1961868cd5 miniupnpd/minissdp.c: add a default delay before SSDP response 
fixes #084
 2014-08-01 12:30:55 +02:00
sbyx
ef408d0857 Fix typo in byte conversion & writing in NAT-PMP 
This fixes https://github.com/miniupnp/miniupnp/issues/89.

Signed-off-by: Steven Barth <cyrus@openwrt.org>
 2014-07-31 08:43:48 +02:00
Daniel Becker
dcf658c55e miniupnpd/Makefile: make firewall detection consistent with genconfig.sh; assume PF if /etc/rc.subr and/or /etc/rc.conf not found on *BSD 2014-06-20 23:23:16 -07:00
Thomas Bernard
78d32ba012 Merge remote branch 'mikedld/remove-macosx-macro' 2014-06-16 10:54:03 +02:00
Mike Gelfand
c08833f9e8 Use _WIN32 instead of WIN32 to check for Windows 
MinGW defines both _WIN32 and WIN32 (and may even be the only compiler
doing so). Microsoft and Intel compilers only define _WIN32. Use the
common one to eliminate the need in defining WIN32 explicitly.
 2014-06-15 09:37:13 +03:00
Mike Gelfand
920845b107 Use built-in __APPLE__ macro instead of MACOSX 
GCC and Clang on Mac OS have a built-in __APPLE__ macro. Use it instead of
manually-defined MACOSX.
 2014-06-15 04:14:43 +03:00
Markus Stenberg
5aaac2c6f5 miniupnpd/pcpserver.c: ext_port field was not set in the (IPv6) firewall reply packet. Now setting it to int_port. 2014-06-02 19:39:06 +03:00
Markus Stenberg
3eb71223b4 For some reason, rules without ipv6.flags set (and proto set?) do not match at all at least on Linux 3.10. So with this patch, they do (and it took me a while to find out, sigh) 2014-05-29 17:56:48 +03:00
Thomas Bernard
50e370abcd miniupnpd/minissdp.c: Send SSDP announces to IPv6 link-local, site-local and global multicast addresses 2014-05-23 17:05:15 +02:00
Thomas Bernard
4069d9633c miniupnpd/minissdp.c: bind the SSDP IPv6 sending socket 2014-05-23 17:03:56 +02:00
Thomas Bernard
6bf84dc834 miniupnpd/minissdp.c: clean SendSSDPbyebye() 2014-05-23 12:07:39 +02:00
Thomas Bernard
c4c2f79c12 miniupnpd/minissdp.c: Add IPV6 multicast membership only on selected "LAN" interfaces 2014-05-22 10:22:04 +02:00
Thomas Bernard
00fbdb70cf miniupnpd/minissdp.c: AddMulticastMembershipIPv6() targets specific interface 2014-05-22 10:17:06 +02:00
Thomas Bernard
165aeef129 miniupnpd/minissdp.c: clean SendSSDPNotify() code 2014-05-22 10:12:26 +02:00
Thomas Bernard
0d32445f57 miniupnpd/Changelog.txt: catch up :) 2014-05-22 09:57:59 +02:00
Thomas Bernard
d916ce286a miniupnpd/miniupnpd.c: be more strict when parsing LAN addresses / interface names 2014-05-22 09:42:05 +02:00
Thomas Bernard
72463253dc miniupnpd: disable IPV6 if socket(PF_INET6) returns EAFNOSUPPORT 2014-05-22 01:38:18 +02:00
Thomas Bernard
9f78015a5b miniupnpd/minissdp.c: also listen on global SSDP multicast address FF0E::C 
Add comments about also sending the NOTIFY to this address
 2014-05-22 01:12:06 +02:00
Markus Stenberg
c038146cee Added ipv6_listening_ip option to override it from in6addr_any. 
This way IPv6 services can be selectively enabled on one IP too.
 2014-05-20 15:55:35 +03:00
Thomas Bernard
93d7bb6ae2 miniupnpd/asyncsendto.c: allow setting of source address (IPV6_PKTINFO) 2014-05-19 16:27:55 +02:00
Thomas Bernard
d851ad4c25 miniupnpd: Retreive PCP packed IPV6 destination address 2014-05-19 15:27:34 +02:00
Markus Stenberg
83c103bc3f Internal address check is mandatory even if third party option is set. 2014-05-19 13:23:21 +03:00
Thomas Bernard
b9c20cecab miniupnpd/pf/pfpinhole.c: use label to store pinhole description 2014-05-15 23:27:51 +02:00
Thomas Bernard
7154d30adc miniupnpd/pcpserver.c: prevent compiling with PCP_PEER on if not applicable 2014-05-15 12:29:10 +02:00
Thomas Bernard
653bc79292 miniupnpd/upnpsoap.c: Follow change in upnp_get_pinhole_info() 2014-05-15 12:11:42 +02:00
Markus Stenberg
c8ec092693 Added pcp_ prefix to allow_thirdparty option (options parsing reserved allow for it's own use). 2014-05-15 12:04:03 +02:00
Markus Stenberg
6b3ff0242d Made failed pinhole request actually fail in terms of return value too. 2014-05-15 12:03:18 +02:00
Markus Stenberg
924b6d1613 Checking lan only in non-thirdparty mode. 2014-05-15 12:02:46 +02:00
Markus Stenberg
28b3afbb8f Added TODO about IPv6 permission handling. 2014-05-15 12:02:12 +02:00
Markus Stenberg
3a457092ce Split Peer/Map logic to NAT- and FW specific parts. Updated TODO to include proxying. 
+ fixes
 2014-05-15 12:01:22 +02:00
Markus Stenberg
be6db5995d miniupnpd: work in progress on PCP pinhole support 2014-05-15 11:58:17 +02:00
Markus Stenberg
7c7407099e Added Linux get_pinhole_uid_by_index. 2014-05-15 11:45:37 +02:00
Markus Stenberg
e907d7bba6 miniupnpd: Some initial effort at actually adding pinhole support to PCP code. 2014-05-15 11:45:33 +02:00
Markus Stenberg
c000a00508 Fixed PEER supporting PCP to compile too. 2014-05-15 11:29:01 +02:00
Markus Stenberg
3e03562b77 miniupnpd: Added ENABLE_UPNPPINHOLE macro 
using ENABLE_UPNPPINHOLE to compile in the support for IPv6 Firewall pinholes.
It is enabled by either ENABLE_6CF_SERVICE or ENABLE_PCP + ENABLE_IPV6.
 2014-05-15 11:26:54 +02:00
Thomas Bernard
ba97c9b238 miniupnpd/pcpserver.c: fix ProcessPCPRequest() 
fix commit 620af3737c8beffe87e08b7e0c34ab1661251695
 2014-05-15 10:57:10 +02:00
Markus Stenberg
3f9000db76 Added unified description production, and also enforcing that desc matches in MAP/PEER delete (=> following RFC6887). Yay. 2014-05-15 10:51:00 +02:00
Thomas Bernard
de96dd47d5 update Changelog.txt files 2014-05-15 10:42:08 +02:00
Thomas Bernard
4dbbf34032 miniupnpd/upnpsoap.c: improve ExecuteSoapAction() 
improve commit 20f1e070a1
 2014-05-15 10:35:27 +02:00
Arran Cudbard-Bell
f27dd45973 Return 730 error where appropriate, and output helpful debug 2014-05-13 21:50:16 +01:00
Arran Cudbard-Bell
20f1e070a1 Don't call deletePortMapping method for deletePortMappingRange 
Length of strings needs to match before doing comparison, else we can stop early on a substring of the one were trying to match.
 2014-05-13 21:50:16 +01:00
Thomas Bernard
98109ea92e miniupnpd/getifaddr.c: fix when IPV6 is not enabled 2014-05-06 15:15:07 +02:00
Markus Stenberg
338a533a09 miniupnpd/pcpserver.c: Preliminary work for PCP fw control 
Added preliminary is_fw flag, and added af to getifaddr_in6. Made
option parsing follow the RFC and also made it bit more paranoid
(there were some security problems with length checks not being done
at right place all the time; simplified flow, should be easier to
verify now that it does nothing untoward).
 2014-05-06 15:12:42 +02:00
Markus Stenberg
d058fd3f36 miniupnpd/pcpserver.c: Added checks for third-party allowed for it to be used. 
If allowed, checking it against source address,
with inverse logic from that of non-thirdparty case.
 2014-05-06 13:30:04 +02:00
Markus Stenberg
5e5a9d39eb Added missing check for int_ip. 2014-05-06 13:27:42 +02:00
Markus Stenberg
2f5c3ce959 miniupnpd/pcpserver.c: Some IPv6 related work on PCP. 2014-05-06 13:26:06 +02:00
Thomas Bernard
0e49fe7e94 miniupnpd: change "allow_thirdparty" PCP option to a bit flag 2014-05-06 13:15:24 +02:00
Markus Stenberg
c801138c63 Added PCP third party option and made it's use an option. 2014-05-06 13:10:09 +02:00
Mike Frysinger
9f687cef9c use CPPFLAGS for -D/-I flags 
The standard variable for preprocessor flags (e.g. -I and -D) is
CPPFLAGS.  The default Makefile rules already use this variable
when compiling code, so we only need to convert the name.
 2014-04-29 16:56:24 -04:00
Mike Frysinger
30e510ac79 convert to LDLIBS 
The standard variable for adding -l flags is LDLIBS, not LIBS.
The default Makefile rules (which this code already relies on)
will use that when linking.

This also fixes a problem where we do not want to list -l flags
in the dependency of make targets.  When you do that, make will
do a file search in /lib and /usr/lib (hardcoded) and expand the
path to those absolute files.  This breaks when you try to cross-
compile miniupnpd for other platforms.
 2014-04-29 16:53:29 -04:00
Mike Frysinger
77a2ce69b6 respect standard $PKG_CONFIG env var 
Rather than hardcode `pkg-config`, allow people to set PKG_CONFIG to
point to a version customized for their build.
 2014-04-29 16:47:01 -04:00
Thomas Bernard
13037e57b7 miniupnpd/miniupnpd.conf: add a comment 2014-04-22 10:53:58 +02:00
Thomas Bernard
80713ba39a miniupnpd/Changelog.txt: catch up 2014-04-22 10:53:18 +02:00
Thomas Bernard
7a2bafd071 miniupnpd/miniupnpd.conf: add https_port option and rename port to http_port 2014-04-22 00:44:37 +02:00
Thomas Bernard
d31badae7d miniupnpd/natpmp.c: replace macros by functions 
see commit 67c28e7f8b (and comments)
 2014-04-21 21:36:45 +02:00
Thomas Bernard
ca9b8217b4 miniupnpd/pcpserver.c: Fix CheckExternalAddress() for working with 0 IPv4 mapped address 
fixes #69
 2014-04-21 19:32:09 +02:00
Thomas Bernard
8be1cc55c2 miniupnpd/pcpserver.c: Add comments to CheckExternalAddress() 2014-04-21 19:31:32 +02:00
Thomas Bernard
743dfef265 miniupnpd/miniupnpd.c: display HTTP / HTTPS in logs 2014-04-20 18:40:26 +02:00
Thomas Bernard
589b792873 miniupnpd/minissdp.c: comment about WFA. 2014-04-20 18:39:40 +02:00
Thomas Bernard
1dd48971b9 Merge branch 'https' 
Conflicts:
	miniupnpd/Makefile
	miniupnpd/pf/obsdrdr.c
 2014-04-20 18:12:04 +02:00
Thomas Bernard
1ff20069a1 miniupnpd/options.c: fix potential end of array access 2014-04-20 18:10:44 +02:00
Thomas Bernard
415d14fbe9 miniupnpd/options.c: Add https_port= option 
also add http_port= as a synonym to port=
 2014-04-20 18:06:00 +02:00
Thomas Bernard
7f85648277 miniupnpd/minissdp.c: clean up : port => http_port 2014-04-20 18:05:22 +02:00
Thomas Bernard
a310b3a0dc miniupnpd/bsd/ifacewatcher.c: RTM_ADD RTM_DELETE RTM_CHANGE 2014-04-18 10:26:58 +02:00
Thomas Bernard
848218fe2d miniupnpd/Makefile: fix for OpenBSD 2014-04-18 10:26:09 +02:00
Thomas Bernard
dee1fbe394 miniupnpd/bsd/ifacewatcher.c: add case RTM_GET 2014-04-18 10:12:31 +02:00
Thomas Bernard
a75719677a miniupnpd/Makefile: comment out crappy pf/ipf detection 2014-04-17 12:54:14 +02:00
Thomas Bernard
ed962213e8 miniupnpd/pf/obsdrdr.c: check that USE_PF is defined 
also fix a warning
 2014-04-16 09:59:49 +02:00
Thomas Bernard
204a3db655 miniupnpd/Makefile: link testportinuse with $LIBS 2014-04-16 01:20:34 +02:00
Thomas Bernard
1b8ed0b59d miniupnpd/upnpsoap.c: DeviceProtection has to check peer certificate 2014-04-15 15:40:03 +02:00
Dmitry Mostovenko
9e3547cdec miniupnpd/netfilter/iptables_*.sh: less usage of deprecated net-tools. Use iproute2 instead. 2014-04-15 15:57:10 +04:00
Thomas Bernard
67c28e7f8b miniupnpd/natpmp.c: Remove pointer casting, avoid possibility of unaligned memory access 2014-04-14 22:50:11 +02:00
Thomas BERNARD
db6de93f34 Merge pull request #65 from razzfazz/pcp_portinuse 
miniupnpd/pcpserver.c: add PCP support for CHECK_PORTINUSE
 2014-04-14 09:20:49 +02:00
Thomas Bernard
1140e1bddb miniupnpd/portinuse.c: minor cosmetic changes 2014-04-14 09:17:10 +02:00
Daniel Becker
eea9188eef miniupnpd/portinuse.c: whitespace cleanup 2014-04-13 04:28:47 -07:00
Daniel Becker
90cc5ad3e7 miniupnpd/portinuse.c: add FreeBSD support for CHECK_PORTINUSE 2014-04-13 04:15:58 -07:00
Daniel Becker
b4e00165a0 miniupnpd/pcpserver.c: add PCP support for CHECK_PORTINUSE 2014-04-12 23:14:11 -07:00
Thomas BERNARD
974692e7ac miniupnpd/Makefile.macosx: fix a typo 2014-04-12 09:37:06 +02:00
Thomas Bernard
11e71207c8 miniupnpd/upnphttp.c: log OpenSSL version used 2014-04-11 09:48:50 +02:00
Thomas Bernard
e8aca7a943 miniupnpd/genconfig.sh: adding HTTPS_CERTFILE / HTTPS_KEYFILE 2014-04-11 09:48:41 +02:00
Thomas Bernard
4f230c809b miniupnpd/asyncsendto.c: improve error handling in try_sendto() 
to help investigate issue #64
 2014-04-11 09:31:02 +02:00
Thomas Bernard
f789a3bab7 miniupnpd/getifaddr.c: check if interface is up 2014-04-11 00:03:13 +02:00
Thomas Bernard
947be5aafc upnphttp.c: Configure OpenSSL client cert verification 2014-04-10 23:28:41 +02:00
Thomas Bernard
e26174d05d miniupnpd: free OpenSSL memory 2014-04-09 16:09:31 +02:00
Thomas Bernard
e91bda48d7 upnpsoap.c: fix GetAssignedRoles() 2014-04-09 15:43:39 +02:00
Thomas Bernard
b4be392156 miniupnpd/portinuse.c: fix display in case of error 2014-04-09 15:38:54 +02:00
Thomas Bernard
e5757cdc45 miniupnpd.c: nothing important :) 2014-04-09 15:37:37 +02:00
Thomas Bernard
974c05c7be miniupnpd/pf/obsdrdr.c: remove compilation warning 2014-04-09 15:37:16 +02:00
Thomas Bernard
123eca279c upnpd/minissdp.c: enlarge SSDP packet buffer for sending 2014-04-09 15:36:38 +02:00
Thomas Bernard
6794650f5a miniupnpd/upnpsoap.c: Adding skeleton of DeviceProtection:1 implementation 2014-04-09 15:35:55 +02:00
Thomas Bernard
bbe96a15b6 miniupnpd: adding HTTPS support 2014-04-09 15:35:06 +02:00
Thomas Bernard
29e951c1e5 miniupnpd/Makefile: improve ipfw detection 2014-04-07 12:39:05 +02:00
Thomas Bernard
c4d99670e7 miniupnpd: Use SA_LEN consistently 2014-04-01 11:44:39 +02:00
Thomas Bernard
3491535854 miniupnpd/Makefile: Link test programs with LIBS 2014-04-01 11:44:08 +02:00
Thomas Bernard
3bd2388d4f miniupnpd/Makefile: remove -ansi flag 2014-04-01 11:43:31 +02:00
Thomas Bernard
6a194ffcfb miniupnpd/testportinuse.c: fix compilation with CHECK_PORTINUSE undefined 2014-03-28 13:15:09 +01:00
Thomas Bernard
08127b85d4 Merge branch 'portinuse' 
Conflicts:
	miniupnpd/Makefile.linux
 2014-03-28 12:52:18 +01:00
Thomas Bernard
f6f4e56bdf miniupnpd/portinuse: cleanup 2014-03-28 12:50:42 +01:00
Thomas Bernard
0decb351e9 miniupnpd/pcpserver.c: check source address of PCP request 2014-03-24 15:03:12 +01:00
Thomas Bernard
d233655630 miniupnpd/pcpserver.c: fix for IPv6 2014-03-24 12:15:50 +01:00
Thomas Bernard
ad88cc0819 miniupnpd: start work to enable IPv6 PCP operations 2014-03-24 12:07:31 +01:00
Thomas Bernard
f70484f27f miniupnpd/minissdp.c: reduce syslog() verbosity 
LOG_INFO => LOG_DEBUG
 2014-03-24 10:33:52 +01:00
Thomas Bernard
ba1875b52c miniupnpd/pcpserver.c: add comments 2014-03-24 10:24:41 +01:00
Thomas Bernard
7137665101 miniupnpd/pcpserver.c: prepare code to be able to manage more than just TCP and UDP 2014-03-24 10:24:19 +01:00
Thomas Bernard
814a6b253a miniupnpd/pcpserver.c: use const where useful 2014-03-24 10:23:07 +01:00
Thomas Bernard
b1fb9cfdc4 miniupnpd/pcpserver.c: take care of "nonce" value 2014-03-24 10:21:26 +01:00
Thomas Bernard
4a7f97c7f3 miniupnpd/pcp_msg_struct.h: comments 2014-03-22 13:12:10 +01:00
Thomas Bernard
6eab849b2e miniupnpd/portinuse.c: Improve error handling in DragonFly BSD code 2014-03-20 14:07:52 +01:00
Thomas Bernard
6419602e14 miniupnpd/portinuse: port_in_use() returns -1 in case of error 2014-03-20 13:49:10 +01:00
Thomas Bernard
aea062a7ba miniupnpd/portinuse.c: Add DragonFly BSD implementation 
Thanks to YONETANI Tomokazu.
 2014-03-20 13:40:53 +01:00
Thomas Bernard
5a3a670e89 miniupnpd/bsd/getifstats.c: fix for DragonFly BSD 
struct ifnet is private to kernel code and is hidden from the userland
code unless you define a macro _KERNEL_STRUCTURES.  Although other people
argue that it should be exposed as it is on other BSDs, that's the way
it is on DragonFly BSD.

Thanks to YONETANI Tomokazu for DragonFly BSD patches
 2014-03-19 12:25:52 +01:00
Thomas Bernard
75cb38edda miniupnpd/Makefile: allow to override FWNAME 2014-03-19 12:23:48 +01:00
Thomas Bernard
601bd2618b miniupnpd/Makefile: fix for DragonFly BSD 
TYPE : chechyesno => checkyesno
 2014-03-18 10:17:19 +01:00
Thomas Bernard
f7b6b1ec19 miniupnpd/Makefile: Mac OS X switched from ipfw to pf 
OS X 10.7 Lion switched to pf
 2014-03-18 09:34:25 +01:00
Thomas Bernard
708c83d873 miniupnpd/Makefile: fix for DragonFly BSD 2014-03-18 09:33:33 +01:00
Thomas BERNARD
e657211157 miniupnpd/Makefile.macosx: update for testasyncsendto and testportinuse 2014-03-17 15:36:10 +01:00
Thomas BERNARD
ba448fd7dd miniupnpd/testasyncsendto.c: remove warning if struct timeval fields are not long int 2014-03-17 15:35:18 +01:00
Thomas Bernard
a959e9e7de miniupnpd/upnpevents.c: comments/logs/etc. 2014-03-15 10:54:23 +01:00
Thomas Bernard
76170e5413 miniupnpd/upnphttp.c: Support for multiple URL in Callback: header (SUBSCRIBE) 2014-03-15 10:52:39 +01:00
Thomas Bernard
19261b6fef reject renewal of subscribtion that already timeouted 2014-03-15 10:51:32 +01:00
Thomas Bernard
3629b10ff5 miniupnpd: add port_in_use() implementation for OpenBSD 2014-03-14 12:08:13 +01:00
Thomas Bernard
dcce22647d miniupnpd: add testportinuse test program 2014-03-14 12:07:03 +01:00
Thomas Bernard
7cb493919f miniupnpd/getifaddr.c: don't use getifaddrs() in IPv4 only 
should fix #62 :
Don't use getifaddrs() in IPv4 only
so we avoid problems if getifaddrs() implementation is buggy
 2014-03-14 10:04:49 +01:00
Thomas Bernard
09bbaac63a miniupnpd/portinuse.c: add #ifdef __linux__ 
TODO : BSD Code
 2014-03-13 14:58:36 +01:00
Thomas Bernard
15a2320c86 miniupnpd/portinuse.c/iptcrdr.c: cosmetic changes 2014-03-13 14:49:05 +01:00
Thomas Bernard
c4e63048c4 miniupnpd: add CHECK_PORTINUSE to enable/disable port_in_use() 2014-03-13 14:48:52 +01:00
Thomas Bernard
06764123fb Merge remote branch 'origin/master' into portinuse 
Conflicts:
	miniupnpd/Makefile.linux
	miniupnpd/natpmp.c
 2014-03-13 14:19:44 +01:00
Thomas Bernard
a7d9071c5a miniupnpd/upnpevents.c: fix upnp_event_notify_connect() when ENABLE_IPV6 is set 2014-03-13 11:56:28 +01:00
Thomas Bernard
8d93ddb076 miniupnpd: change IP change msg from LOG_DEBUG to LOG_INFO 2014-03-13 11:34:34 +01:00
Thomas Bernard
9f665b572f miniupnpd: fix BSD Makefile 2014-03-13 11:34:34 +01:00
Thomas Bernard
62d6c860ce catch up Changelog.txt 
see commit 3ed3478398
 2014-03-13 11:34:34 +01:00
Thomas Bernard
7b13adafbd miniupnpd: reduce number of global variables by using more runtime_flags 
change ipv6_enabled/ipv6fc_inbound_pinhole_allowed/ipv6fc_firewall_enabled
global vars to flags in runtime_flags
 2014-03-13 11:34:33 +01:00
Thomas Bernard
15682180a5 miniupnpd: Work in IPv6 on system where PF_INET6 are restricted to IPv6 only 2014-03-13 11:34:08 +01:00
Thomas Bernard
2a48074f45 miniupnpd: Enable PCP by default. 2014-03-13 11:24:04 +01:00
Thomas Bernard
3ed3478398 miniupnpd/getifaddr.c: clean up and fix getifaddr_in6() 2014-03-13 10:42:07 +01:00
Thomas Bernard
81fa1bcd57 miniupnpd/getifaddr.c: getifaddr_in6() only return IPv4 address when IPV6 disabled 
see if it can help for issue #62
pcp/CheckAddress() is likely to need more changes.
 2014-03-13 10:00:42 +01:00
Thomas Bernard
d397d73628 miniupnpd/getifaddr.c: fix getifaddr_in6() 
-1 is returned if no address is found
 2014-03-13 09:56:34 +01:00
Thomas Bernard
081c46338c miniupnpd/upnppermissions.c: disable match_permission_internal() 2014-03-13 09:53:44 +01:00
Daniel Becker
408a0b55f6 miniupnpd/pcpserver.c: return error code if PCP mapping fails 
This change causes CreatePCPMap to return a PCP_ERR_NO_RESOURCES
response when upnp_redirect_internal does not succeed;
previously, no error code was returned in this case.
 2014-03-11 02:06:38 -07:00
Daniel Becker
efbb95aa10 miniupnpd/pcpserver.c: port NAT-PMP updates to PCP 
This change ports the recent updates to the permissions checking
and eport selection code for NAT-PMP to the PCP MAP handler.
 2014-03-11 01:54:10 -07:00
Thomas Bernard
210876f2a7 miniupnpd/natpmp.c: make indentation consistant and add a comment 2014-03-11 09:47:09 +01:00
Daniel Becker
4f160366bd miniupnpd/natpmp.c: remove obsolete assignment 
The eport_first variable now gets initialized in the first
iteration of the while loop; the assignment right before the
loop should have been removed in the previous commit.
 2014-03-10 11:14:49 -07:00
Daniel Becker
f4f4573f53 miniupnpd: fix eport selection and error handling 
The find_available_eport function that was intended to check if
at least one eport is allowed for a given iaddr/iport does not
work as intended; for example, it does not properly handle rule
precedence (i.e., it considers allow rules even if they are
effectively masked by earlier deny rules), and it also does not
handle the case where no rules are specified at all (which
should default to accept in order to be consistent with
check_upnp_rule_against_permissions). The present change removes
this function and instead integrates the check into the existing
while loop that iterates over all eports.
 2014-03-10 00:32:23 -07:00
Thomas Bernard
ecf414e160 miniupnpd/Changelog.txt: Catch up changes... 2014-03-10 00:12:20 +01:00
Thomas Bernard
a27979afde Merge branch 'fix_pf_redirect' 
Conflicts:
	miniupnpd/pf/testobsdrdr.c
 2014-03-10 00:03:06 +01:00
Thomas BERNARD
0ff8e67c26 Merge pull request #57 from razzfazz/natpmp_avoid_port_zero 
miniupnpd/natpmp.c: skip port zero when finding free eport
 2014-03-08 01:03:43 +01:00
Daniel Becker
1db670d6ff miniupnpd/natpmp.c: skip port zero when finding free eport 
When skipping ports that are in use or not allowed, the existing
NAT-PMP code will consider port zero as a candidate eport after
wraparound occurs. Since this is not a legal port, we skip over it.

port zero as an eport value.
 2014-03-07 11:02:04 -08:00
Daniel Becker
ba04327bb0 miniupnpd/natpmp.c: remove redundant break statements 
These two break statements are redundant: The subsequent continue
statement will cause the loop condition to be re-evaluated, at which
point the loop will terminate if resp[3] != 0.
 2014-03-07 07:42:40 -08:00
Thomas Bernard
e385db03b9 miniupnpd: improved permission checking for NAT-PMP 
NAT-PMP now searches an allowed eport if the one from
request is not, instead of returning an error
 2014-03-07 11:48:17 +01:00
Thomas Bernard
b7ee469980 miniupnpd/pf: update testobsdrdr.c 2014-03-06 14:24:58 +01:00
Thomas Bernard
60e129d131 miniupnpd/pf: delete_redirect_and_filter_rules() now take internal address into account 2014-03-06 14:24:10 +01:00
Thomas Bernard
acc149ee99 miniupnpd/pf: fix add_filter_rule2() by adding internal address 2014-03-06 14:23:13 +01:00
Thomas Bernard
65b776f1ed miniupnpd/pf: add clear_filter_rules() for testing 
also add a --clear / -c argument to testobsdrdr programm
 2014-03-06 14:21:39 +01:00
Thomas Bernard
f49a70aab0 miniupnpd/testgetifaddr.c: also test find_ipv6_addr() 2014-03-03 12:37:01 +01:00
Thomas Bernard
e5146cdf24 miniupnpd/Makefile.linux: fixes for testasyncsendto 
also update dependencies
 2014-03-03 12:35:12 +01:00
Daniel Becker
edd501f59c miniupnpd/natpmp.c: return correct error code when all external ports in use 
Instead of returning code 3 ("Network Failure"), we should the
more appropriate code 4 ("Out of resources") when no external
port is available for a mapping.
 2014-02-28 14:47:53 -08:00
Thomas Bernard
5512d022ac miniupnpd/pf/obsdrdr.c: add UNUSED() when necessary 2014-02-28 21:28:12 +01:00
Thomas Bernard
9d23b88cef miniupnpd/pf: replace delete_filter_rule() 
now use delete_redirect_and_filter_rules()
 2014-02-28 21:26:52 +01:00
Thomas Bernard
37208eecae miniupnpd/pf/obsdrdr.c: improve documentation 2014-02-28 21:22:52 +01:00
Thomas Bernard
9c7df04b13 miniupnpd/pcpserver.c: fix defines 
with OpenBSD,  <netinet/in.h> must be included before <arpa/inet.h>
 2014-02-28 20:26:02 +01:00
Thomas Bernard
56aca98164 miniupnpd/pf: catch up test programs 2014-02-28 20:20:51 +01:00
Thomas Bernard
802ad22f4d miniupnpd: minor stuff (remove warning, add debug log) 2014-02-28 16:40:20 +01:00
Thomas Bernard
dbdad6a79b miniupnpd: improve finalize_sendto() 2014-02-28 16:39:59 +01:00
Thomas Bernard
b71e0c028f Merge branch 'limit_eport_search' 2014-02-28 13:36:28 +01:00
Thomas Bernard
3c90f6a30d miniupnpd/natpmp.c: avoid hang when all external ports in use 
reorganize a bit
 2014-02-28 13:34:46 +01:00
Thomas Bernard
8fc7f0b5e1 miniupnpd: log message when shutting down 2014-02-28 13:16:22 +01:00
Thomas Bernard
6dff4263bd miniupnpd/Changelog.txt catch up... 2014-02-28 13:16:06 +01:00
Daniel Becker
c6a8879c87 miniupnpd/natpmp.c: avoid hang when all external ports in use 
The NAT-PMP code attempts to find a different eport if the
requested one is already in use. If all eports are in use, that
would previously cause the code to iterate through the range of
eports forever. To avoid this case, we keep track of the first
eport we attempted to use and abort the loop once we've cycled
through all possible values exactly once (which takes us back
to the initial eport).
 2014-02-28 00:00:26 -08:00
hashiz
1efb4cc03c * fix incorrect filter port in pf redirect. 2014-02-28 11:28:07 +09:00
Thomas Bernard
c492b6f56f minissdp.c: try again write after EINTR in SubmitServicesToMiniSSDPD() 2014-02-26 02:02:34 +01:00
Thomas Bernard
34d0954718 Merge branch 'sendto_schedule' 2014-02-25 11:47:30 +01:00
Thomas Bernard
ec1686f29f miniupnpd/minissdp: Introduce SSDP_RESPOND_SAME_VERSION 
changes something when compiled as IGDv2.
 2014-02-25 11:45:51 +01:00
Thomas Bernard
9832adc456 miniupnpd/minissdp.c: send ssdp:alive packets more than once 
fixes #35
 2014-02-25 11:37:36 +01:00
Thomas Bernard
a06c695fe3 miniupnpd/asyncsendto: finalize_sendto() 2014-02-25 11:36:58 +01:00
Thomas Bernard
02165b70dc minissdp.c: wait for a delay before answering M-SEARCH 2014-02-25 11:16:34 +01:00
Thomas Bernard
c1e624ecd4 miniupnpd: use asyncsendto 2014-02-25 11:15:30 +01:00
Thomas Bernard
cbc1a3c96a miniupnpd: add sendto() queuing 2014-02-25 11:10:05 +01:00
Thomas Bernard
1985cbf3ef asyncsendto: remove failed sendto() from queue 2014-02-25 11:08:27 +01:00
Thomas Bernard
d20d959920 miniupnpd/asyncsendto.h: improve comments/doc 2014-02-25 11:07:47 +01:00
Thomas Bernard
e00c1bc6e9 miniupnpd.c: init random number generator in init() 2014-02-25 10:24:22 +01:00
Thomas Bernard
8691c9c0e0 miniupnpd.c: improve comment for init() 2014-02-25 10:23:59 +01:00
Thomas Bernard
06d9d36e99 miniupnpd/asyncsendto: make sendto_schedule work 2014-02-20 16:08:20 +01:00
Thomas Bernard
b2143eff94 implementation of queuing of messages to send. 2014-02-18 09:34:42 +01:00
Christopher Meng
86d3e7c053 Corrent the binary permission from 555 to 755 2014-02-14 16:56:10 +08:00
Thomas Bernard
16ea0db411 miniupnpd: Fix PCP Map renewal 2014-02-11 10:41:26 +01:00
Thomas Bernard
50f8f6c76f miniupnpd/pcpserver.c: add info message for Mapping renewal 2014-02-11 10:40:46 +01:00
Thomas Bernard
32b6e8c0fa miniupnpd/commonrdr.h: improve comments 2014-02-11 10:38:50 +01:00
Thomas Bernard
bc67a7133b miniupnpd/upnputils.c: improve log in get_lan_for_peer() 2014-02-06 10:57:51 +01:00
Thomas Bernard
18f02dccb3 miniupnpd: possibility to disable ipv6 at runtime 
fixes #049
 2014-02-06 10:57:39 +01:00
Thomas Bernard
b7a4f8d696 minixml.c: now handle XML comments 2014-02-03 11:28:31 +01:00
Thomas Bernard
538c002373 miniupnpd: PCP Add support for ANNOUNCE requests 2014-02-03 10:50:29 +01:00
Thomas Bernard
46905418ca miniupnpd: various PCP fixes 2014-02-03 10:49:59 +01:00
Thomas Bernard
f6b5408e87 miniupnpd: define min/max_lifetime only when needed 2014-02-03 10:47:47 +01:00
Thomas Bernard
3712118bc4 miniupnpd: removed unused code 
ScanNATPMPforExpiration() CleanExpiredNATPMP() are not used anymore
 2014-02-03 10:45:59 +01:00
Thomas Bernard
18db1145ea miniupnpd.c: comments in parselanaddr() 2014-02-03 10:44:24 +01:00
Thomas Bernard
49780a99ea miniupnpd/minissdp.c: check return value of AddMulticastMembershipIPv6() 2014-02-03 10:42:38 +01:00
Thomas Bernard
064fcd2739 miniupnpd/pcpserver.c: Removed IPV6_ADDR_COPY and other simplifications 
modifications that were forgotten in commit e23c589972
 2014-01-27 12:07:54 +01:00
Thomas Bernard
0734265092 Makefile.linux: update dependencies 2014-01-27 11:09:30 +01:00
Thomas Bernard
401c624bcf miniupnpd/INSTALL: update infos 
rdr-anchor lines should be removed in OpenBSD since 4.7
rephrased a bit the part about permissions
 2014-01-14 09:26:24 +01:00
Thomas Bernard
a93393df44 update README's to include PCP 2014-01-14 09:25:19 +01:00
Thomas Bernard
3b0055f1a5 Merge remote branch 'origin/config_manufacturer' 2013-12-24 15:38:19 +01:00
Thomas Bernard
4fe0fb1809 miniupnpd/pcpserver.c: minor syntax fixes 2013-12-16 17:04:45 +01:00