Como você configura o miniupnpd?

1

Não consigo configurar o miniupnpd corretamente. Fiquei perplexo ......

$ upnpc -r 9999 tcp
upnpc : miniupnpc library test client. (c) 2005-2013 Thomas Bernard
Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
 desc: http://192.168.0.1:51115/rootDesc.xml
 st: urn:schemas-upnp-org:device:InternetGatewayDevice:1

Found valid IGD : http://192.168.0.1:51115/ctl/IPConn
Local LAN ip address : 192.168.0.112
ExternalIPAddress = 123.118.113.117
GetSpecificPortMappingEntry() failed with code 402 (Invalid Args)

No roteador:

Jul 14 07:51:45 alarmpi miniupnpd[27357]: HTTP connection from [::ffff:192.168.0.112]:38655
Jul 14 07:51:45 alarmpi miniupnpd[27357]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
Jul 14 07:51:45 alarmpi miniupnpd[27357]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetExternalIPAddress
Jul 14 07:51:45 alarmpi miniupnpd[27357]: HTTP connection from [::ffff:192.168.0.112]:38656
Jul 14 07:51:45 alarmpi miniupnpd[27357]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
Jul 14 07:51:45 alarmpi miniupnpd[27357]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping
Jul 14 07:51:45 alarmpi miniupnpd[27357]: AddPortMapping: ext port 9999 to 192.168.0.112:9999 protocol TCP for: libminiupnpc leaseduration=0 rhost=NULL
Jul 14 07:51:45 alarmpi miniupnpd[27357]: redirecting port 9999 to 192.168.0.112:9999 protocol TCP for: libminiupnpc
Jul 14 07:51:45 alarmpi miniupnpd[27357]: HTTP connection from [::ffff:192.168.0.112]:38657
Jul 14 07:51:45 alarmpi miniupnpd[27357]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
Jul 14 07:51:45 alarmpi miniupnpd[27357]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetSpecificPortMappingEntry
Jul 14 07:51:45 alarmpi miniupnpd[27357]: Returning UPnPError 402: Invalid Args

Meu arquivo de configuração:

# WAN network interface                                                                                                                        
ext_ifname=ppp0                                                                                                                                
#ext_ifname=xl1                                                                                                                                
# if the WAN interface has several IP addresses, you                                                                                           
# can specify the one to use below                                                                                                             
#ext_ip=                                                                                                                                       

# LAN network interfaces IPs / networks                                                                                                        
# there can be multiple listening ips for SSDP traffic.                                                                                        
# should be under the form nnn.nnn.nnn.nnn/nn                                                                                                  
# It can also be the network interface name (ie "eth0")                                                                                        
# It if mandatory to use the network interface name to enable IPv6                                                                             
# HTTP is available on all interfaces.                                                                                                         
# When MULTIPLE_EXTERNAL_IP is enabled, the external ip                                                                                        
# address associated with the subnet follows. for example :                                                                                    
#  listening_ip=192.168.0.1/24 88.22.44.13                                                                                                     
listening_ip=192.168.0.1/24                                                                                                                    
#listening_ip=192.168.10.109/24                                                                                                                
#listening_ip=eth0                                                                                                                             
# port for HTTP (descriptions and SOAP) traffic. set 0 for autoselect.
port=0

# path to the unix socket used to communicate with MiniSSDPd
# If running, MiniSSDPd will manage M-SEARCH answering.
# default is /var/run/minissdpd.sock
#minissdpdsocket=/var/run/minissdpd.sock

# enable NAT-PMP support (default is no)
enable_natpmp=no

# enable UPNP support (default is yes)
enable_upnp=yes

# chain names for netfilter (not used for pf or ipf).
# default is MINIUPNPD for both
#upnp_forward_chain=forwardUPnP
#upnp_nat_chain=UPnP

# lease file location
#lease_file=/var/log/upnp.leases

# name of this service, default is "'uname -s' Router"
#friendly_name=MiniUPnPd router

# bitrates reported by daemon in bits per second
bitrate_up=1000000
bitrate_down=10000000

# "secure" mode : when enabled, UPnP client are allowed to add mappings only
# to their IP.
#secure_mode=yes
secure_mode=no

# default presentation url is http address on port 80
# If set to an empty string, no presentationURL element will appear
# in the XML description of the device, which prevents MS Windows
# from displaying an icon in the "Network Connections" panel.
#presentation_url=http://www.mylan/index.php

# report system uptime instead of daemon uptime
system_uptime=yes

# notify interval in seconds. default is 30 seconds.
#notify_interval=240
notify_interval=60

# unused rules cleaning.
# never remove any rule before this threshold for the number
# of redirections is exceeded. default to 20
#clean_ruleset_threshold=10
# clean process work interval in seconds. default to 0 (disabled).
# a 600 seconds (10 minutes) interval makes sense
clean_ruleset_interval=600

# log packets in pf (default is no)
#packet_log=no

# anchor name in pf (default is miniupnpd)
#anchor=miniupnpd

# ALTQ queue in pf
# filter rules must be used for this to be used.
# compile with PF_ENABLE_FILTER_RULES (see config.h file)
#queue=queue_name1

# tag name in pf
#tag=tag_name1

# make filter rules in pf quick or not. default is yes
# active when compiled with PF_ENABLE_FILTER_RULES (see config.h file)
#quickrules=no

# uuid : generate your own with "uuidgen"
uuid=acd02b30-e784-4591-acb1-911f87562475

# serial and model number the daemon will report to clients
# in its XML description
serial=12345678
model_number=1

# UPnP permission rules
# (allow|deny) (external port range) ip/mask (internal port range)
# A port range is <min port>-<max port> or <port> if there is only
# one port in the range.
# ip/mask format must be nn.nn.nn.nn/nn
# it is advised to only allow redirection of port above 1024
# and to finish the rule set with "deny 0-65535 0.0.0.0/0 0-65535"
allow 1024-65535 192.168.0.0/24 1024-65535
allow 0-65535 0.0.0.0/0 0-65535
#allow 1024-65535 192.168.1.0/24 1024-65535
#allow 1024-65535 192.168.0.0/23 22
#allow 12345 192.168.7.113/32 54321

É um problema de permissão?

    
por 比尔盖子 14.07.2013 / 08:59

1 resposta

1

É a chamada GetSpecificPortMappingEntry() que está falhando, não a AddPortMapping() one. Você pode usar o comando upnpc -l para ver se o mapeamento de portas foi adicionado.

GetSpecificPortMappingEntry() retornará o erro 402 se os argumentos NewExternalPort , NewProtocol ou NewRemoteHost estiverem faltando.

O argumento

NewRemoteHost é verificado apenas se o miniupnpd for compilado no modo STRICT .

Para dar uma resposta mais completa, preciso saber qual é a sua plataforma e quais opções de compilação foram usadas para miniupnpd (no arquivo config.h ).

    
por 21.01.2014 / 15:34

Tags