pfSense Support Subscription

Author Topic: UPnP support  (Read 115889 times)

0 Members and 1 Guest are viewing this topic.

Offline rsw686

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 520
    • View Profile
    • The Reptile File
Re: UPnP support
« Reply #315 on: November 24, 2006, 01:37:55 pm »
I committed version 20061123. This addresses the address in use error, which can happen if other services are using the interface assigned to miniupnpd. Full installs just reinstall the package. Embeddeds you can update via the usual instructions.

Offline Superman

  • Full Member
  • ***
  • Posts: 136
    • View Profile
Re: UPnP support
« Reply #316 on: November 28, 2006, 06:52:20 pm »
Just a note, this package is working EXCELLENT now!! No more 100% CPU problems, no address in use problems in the case of a service restart, really no problems!!

Thanks for all your hard work everyone involved!!

Offline sullrich

  • Hero Member
  • *****
  • Posts: 5110
    • View Profile
    • pfSense
Re: UPnP support
« Reply #317 on: November 28, 2006, 06:54:50 pm »
Excellent.  This package indeed has turned out to be a first class package.

We will be merging this into -BASE for future versions due to it working so well.

So all you embedded users, rejoice.

Offline Skud

  • Jr. Member
  • **
  • Posts: 54
    • View Profile
Re: UPnP support
« Reply #318 on: November 28, 2006, 09:47:20 pm »
Agreed...

This has come such a long way... Congratulations for making this such a first class package and helping to make pfsense even better..

Riley

Offline bradenmcg

  • Jr. Member
  • **
  • Posts: 97
  • AS13697
    • View Profile
Re: UPnP support
« Reply #319 on: November 28, 2006, 10:04:35 pm »
Yay for putting it in -BASE!

All your -BASE are belong to us?   ;D

Again, it is really great that pfSense is now the only free firewall implementation to properly handle UPnP.  I have a feeling that once it goes into -BASE we might get more XBox owners looking for a good firewall system...  :)

Offline Phobia

  • Jr. Member
  • **
  • Posts: 98
    • View Profile
Re: UPnP support
« Reply #320 on: November 29, 2006, 12:22:23 pm »
Nice looking package.  I have a question - I appologise if it has already been answered.

Is this package able to handle Multi/Dual WAN setups, or does it simply route traffic through one of the two links? (is it possible to choose which?)

Thanks!

-- Phob

Offline sullrich

  • Hero Member
  • *****
  • Posts: 5110
    • View Profile
    • pfSense
Re: UPnP support
« Reply #321 on: November 29, 2006, 12:24:05 pm »
Single WAN only ATM.

Offline rsw686

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 520
    • View Profile
    • The Reptile File
Re: UPnP support
« Reply #322 on: November 29, 2006, 04:54:16 pm »
Single WAN only ATM.

I could be wrong on this but can't they just use the external address field to specify which wan to use? This would require have a static ip or a dynamic one that rarely changes.

Offline sullrich

  • Hero Member
  • *****
  • Posts: 5110
    • View Profile
    • pfSense
Re: UPnP support
« Reply #323 on: November 29, 2006, 09:25:17 pm »
Single WAN only ATM.

I could be wrong on this but can't they just use the external address field to specify which wan to use? This would require have a static ip or a dynamic one that rarely changes.

It needs to also add reply-to against the firewall rules to make this work properly iirc.

Offline tmetz

  • Newbie
  • *
  • Posts: 3
    • View Profile
Re: UPnP support
« Reply #324 on: December 02, 2006, 10:53:08 am »
Outstanding work all!

I haven't seen anyone else bring this up but I don't see the port mappings on the status page. I know the daemon is working.

If I type:

# pfctl -aminiupnpd -sn
rdr log on vr1 inet proto tcp from any to any port = 6881 label "utorrent" -> 192.168.10.149 port 6881
# pfctl -aminiupnpd -sr
pass in log quick on vr1 inet proto tcp from any to any port = 6881 keep state label "utorrent"
#

I see my mappings but they never show up on https://pfsense/status_upnp.php. In Firefox 2.0 I do see a table with blank rows, if there is one mapping I see one blank row, if there are 4 mappings I see 4 blank rows. In IE6 I see no table at all.

Thx,

Tim

Offline rsw686

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 520
    • View Profile
    • The Reptile File
Re: UPnP support
« Reply #325 on: December 02, 2006, 11:51:20 am »
Outstanding work all!

I haven't seen anyone else bring this up but I don't see the port mappings on the status page. I know the daemon is working.

If I type:

# pfctl -aminiupnpd -sn
rdr log on vr1 inet proto tcp from any to any port = 6881 label "utorrent" -> 192.168.10.149 port 6881
# pfctl -aminiupnpd -sr
pass in log quick on vr1 inet proto tcp from any to any port = 6881 keep state label "utorrent"
#

I see my mappings but they never show up on https://pfsense/status_upnp.php. In Firefox 2.0 I do see a table with blank rows, if there is one mapping I see one blank row, if there are 4 mappings I see 4 blank rows. In IE6 I see no table at all.

Thx,

Tim

Thats really weird. I just tested on both Firefox 2.0 and IE6. Mine shows the mappings. Remove and reinstall the package and see if that fixes it.
« Last Edit: December 02, 2006, 11:53:13 am by rsw686 »

Offline tmetz

  • Newbie
  • *
  • Posts: 3
    • View Profile
Re: UPnP support
« Reply #326 on: December 02, 2006, 04:29:55 pm »
Outstanding work all!

I haven't seen anyone else bring this up but I don't see the port mappings on the status page. I know the daemon is working.

If I type:

# pfctl -aminiupnpd -sn
rdr log on vr1 inet proto tcp from any to any port = 6881 label "utorrent" -> 192.168.10.149 port 6881
# pfctl -aminiupnpd -sr
pass in log quick on vr1 inet proto tcp from any to any port = 6881 keep state label "utorrent"
#

I see my mappings but they never show up on https://pfsense/status_upnp.php. In Firefox 2.0 I do see a table with blank rows, if there is one mapping I see one blank row, if there are 4 mappings I see 4 blank rows. In IE6 I see no table at all.

Thx,

Tim

Thats really weird. I just tested on both Firefox 2.0 and IE6. Mine shows the mappings. Remove and reinstall the package and see if that fixes it.

I went so far as to remove all my packages, rename the admin account back to admin (I had changed it), then re-installed. Same behavior.
Tried multiple PC's and even one at work via a port forward on the wan interface. Same behavior.
I then turned off SSL and went back to http. Same behavior.
Went to upnp settings and unchecked both Log packets handled by miniupnpd rules? and Use system uptime instead of miniupnpd uptime? and now it's working!
checked both boxes again, NOT working
uncheck both boxes, working.
check log packets, not working
uncheck log packets, working
check uptime box, not working

in between all these checks, I would restart utorrent and run pfctl -aminiupnpd -sn ensuring there was data to display.

My current state is SSL back on, both upnp boxes unchecked and I can see my current mappings.

I'm baffled but happy to see my mappings.

Tim




Offline rsw686

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 520
    • View Profile
    • The Reptile File
Re: UPnP support
« Reply #327 on: December 03, 2006, 08:10:25 am »
Thanks for figuring that out. I have verified this behavior and will try and fix it. It only happens on my box if log packets is checked. This is what you found right?

EDIT: I found the issue. I wll commit this in a few and you can either reinstall the package again or in the web gui goto diagnostics -> edit file.

Open /usr/local/www/status_upnp.php

Find the following line

if (preg_match("/rdr on (.*) inet proto (.*) from any to any port = (.*) label \"(.*)\" -> (.*) port (.*)/", $rdr_entry, $matches))

and remove "rdr ". It should look like the below

if (preg_match("/on (.*) inet proto (.*) from any to any port = (.*) label \"(.*)\" -> (.*) port (.*)/", $rdr_entry, $matches))
« Last Edit: December 03, 2006, 08:42:20 am by rsw686 »

Offline tmetz

  • Newbie
  • *
  • Posts: 3
    • View Profile
Re: UPnP support
« Reply #328 on: December 03, 2006, 08:49:04 am »
Thanks for figuring that out. I have verified this behavior and will try and fix it. It only happens on my box if log packets is checked. This is what you found right?

EDIT: I found the issue. I wll commit this in a few and you can either reinstall the package again or in the web gui goto diagnostics -> edit file.

Open /usr/local/www/status_upnp.php

Find the following line

if (preg_match("/rdr on (.*) inet proto (.*) from any to any port = (.*) label \"(.*)\" -> (.*) port (.*)/", $rdr_entry, $matches))

and remove "rdr ". It should look like the below

if (preg_match("/on (.*) inet proto (.*) from any to any port = (.*) label \"(.*)\" -> (.*) port (.*)/", $rdr_entry, $matches))

Great, thx! Yes, I just retested and the problem was only with log packets and not the time option.

Tim

Offline charincol

  • Jr. Member
  • **
  • Posts: 28
    • View Profile
Re: UPnP support
« Reply #329 on: December 04, 2006, 07:41:10 pm »
Just want to say thanks to all who made this package work so well.  I was able to remove the forwarded port mappings for uTorrent and eMule and both are opening and closing the needed ports perfectly.  I tested this with Windows SSDP and UPnP services disabled and both still work.  uTorrent has UPnP built into it, but you have to use the eMule MorphXT version of eMule to get UPnP built in.