have this running on a wrt160n with a broken upnp and it's working great so far.. thanks!!! (btw, I disabled the usual pnp in the dd-wrt tabs so that's correct, right?)
and btw, had to kill the httpd cuz of its cpu load but seems the miniupnp is still running good...
Yes you disable upnp in the webif, this is independent of any other service. As long as miniupnpd is running your ports should be forwarded correctly. But you did give me the idea to make sure and kill the default DD-WRT upnp if its still running. _________________ Eko Builds
no offense, but I've followed both guides for this miniupnpd and now tried what seems to be this stupid easy script, but I have no evidence it runs at all. Shouldn't it at the VERY least have a pid file?
no offense, but I've followed both guides for this miniupnpd and now tried what seems to be this stupid easy script, but I have no evidence it runs at all. Shouldn't it at the VERY least have a pid file?
Instead of setting your firewall script to:
Code:
wget http://hackthecode.googlecode.com/files/miniupnpd.sh | sh
you may want to try this:
Code:
cd /tmp
wget http://hackthecode.googlecode.com/files/miniupnpd.sh
chmod +x /tmp/miniupnpd.sh
/tmp/miniupnpd.sh
See if that works for you.
You may even want to log into your router via telnet or SSH, and do the above manually to ensure that it works (so you can see the script's output).
Either way, once/if it has run correctly, you will find a miniupnpd executable, and a PID file in your /tmp directory.
question, wouldn't it make much more sense that this was a startup script? Honestly when is the "firewall" script run anyhow? I would conclude that that is likely the point of failure for me, I've just been going with the assumption that everyone knows better than me on this, but suddenly I feel stupid for never trying.
I haven't got an internet connection other than my phone, so I have no way to test this fully. I say save it as a firewall script so it will get rerun when the firewall reloads and removes the MINIUPNPD rules. If you don't it won't function when the firewall reloads because the rule will be gone. I will change the script a little but like I said I can't debug it as I don't have net.
Thanks for helping out edrikk. _________________ Eko Builds
question, wouldn't it make much more sense that this was a startup script? Honestly when is the "firewall" script run anyhow?
I don't know how many time I need to explain this... The firewall script is run whenever the WAN interface changes to an UP state and many parts of the GUI will run it too. If you use it as a startup script then all your iptables stuff that does the real work of forwarding ports will be wiped out when the firewall runs. _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
glad I was able to give you ideas on improving your script; my nephew's xbox is loving the miniupnp...
autobot wrote:
jugstah wrote:
have this running on a wrt160n with a broken upnp and it's working great so far.. thanks!!! (btw, I disabled the usual pnp in the dd-wrt tabs so that's correct, right?)
and btw, had to kill the httpd cuz of its cpu load but seems the miniupnp is still running good...
Yes you disable upnp in the webif, this is independent of any other service. As long as miniupnpd is running your ports should be forwarded correctly. But you did give me the idea to make sure and kill the default DD-WRT upnp if its still running.
I have been testing this script manually via SSH and am not convinced the iptables are being fully cleared.
If I run the script multiple times, miniupnpd seems to get confused about what ports are already open. The command "iptables -L MINIUPNPD" shows nothing but both Windows and a debug output shows ports left around from the last run.
The source code for miniupnpd has a shutdown script called iptables_removeall.sh so I modifed the "delete" part of yout script to look like this:
That seems to have fixed the problem. I can now run the script multiple times and everything seems to be in sync.
I am no iptables expert and I have no idea what the difference is between the above and your version. The iptables_removeall.sh script actually does a few other commands which again I don't know if they are needed.
I tested my iptables method thoroughly and it worked good for me, I wonder what causes your problem. I haven't looked at the source since I compiled this, I will look at the mentioned files and try and come up with something if I can find time. Thanks for reporting your results, I will test your method for the iptables rule and integrate it if it works consistently. _________________ Eko Builds
Thanks, maybe its because I am testing standalone from the SSH prompt rather than as part of the firewall startup.
I did notice that this command from your script:
Code:
$IPT -F
seems to be wiping out the entire firewall rules, not just those belonging to miniupnpd. Is that intentional? I only noticed when I did a ShieldsUp port scan and found every low numbered port closed instead of stealth (and a few open).
The solution in the last post is to use "miniupnpdctl".
Looking at the source, this appears to be a binary built along with miniupnpd. Autobot, I don't suppose you have a copy from your compiled build, please?