MiniUPnPd Web Installer - Available For Testing

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8  Next
Author Message
autobot
DD-WRT Guru


Joined: 07 May 2009
Posts: 1596

PostPosted: Fri Dec 18, 2009 3:46    Post subject: Reply with quote
jugstah wrote:
have this running on a wrt160n with a broken upnp and it's working great so far.. thanks!!! (btw, I disabled the usual pnp in the dd-wrt tabs so that's correct, right?)

and btw, had to kill the httpd cuz of its cpu load but seems the miniupnp is still running good...


Yes you disable upnp in the webif, this is independent of any other service. As long as miniupnpd is running your ports should be forwarded correctly. But you did give me the idea to make sure and kill the default DD-WRT upnp if its still running.

_________________
Eko Builds

BrainSlayer Builds

DD-WRT Changelog RSS Feed
Sponsor
bkaler
DD-WRT Novice


Joined: 29 Sep 2006
Posts: 30

PostPosted: Fri Dec 18, 2009 16:10    Post subject: Reply with quote
no offense, but I've followed both guides for this miniupnpd and now tried what seems to be this stupid easy script, but I have no evidence it runs at all. Shouldn't it at the VERY least have a pid file?
edrikk
DD-WRT User


Joined: 31 Oct 2009
Posts: 186
Location: Canada

PostPosted: Fri Dec 18, 2009 16:34    Post subject: Reply with quote
bkaler wrote:
no offense, but I've followed both guides for this miniupnpd and now tried what seems to be this stupid easy script, but I have no evidence it runs at all. Shouldn't it at the VERY least have a pid file?


Instead of setting your firewall script to:

Code:
wget http://hackthecode.googlecode.com/files/miniupnpd.sh | sh


you may want to try this:


Code:

cd /tmp
wget http://hackthecode.googlecode.com/files/miniupnpd.sh
chmod +x /tmp/miniupnpd.sh
/tmp/miniupnpd.sh


See if that works for you.

You may even want to log into your router via telnet or SSH, and do the above manually to ensure that it works (so you can see the script's output).



Either way, once/if it has run correctly, you will find a miniupnpd executable, and a PID file in your /tmp directory.
bkaler
DD-WRT Novice


Joined: 29 Sep 2006
Posts: 30

PostPosted: Fri Dec 18, 2009 17:32    Post subject: Reply with quote
that seems to work!

question, wouldn't it make much more sense that this was a startup script? Honestly when is the "firewall" script run anyhow? I would conclude that that is likely the point of failure for me, I've just been going with the assumption that everyone knows better than me on this, but suddenly I feel stupid for never trying.
autobot
DD-WRT Guru


Joined: 07 May 2009
Posts: 1596

PostPosted: Fri Dec 18, 2009 18:06    Post subject: Reply with quote
I haven't got an internet connection other than my phone, so I have no way to test this fully. I say save it as a firewall script so it will get rerun when the firewall reloads and removes the MINIUPNPD rules. If you don't it won't function when the firewall reloads because the rule will be gone. I will change the script a little but like I said I can't debug it as I don't have net.

Thanks for helping out edrikk.

_________________
Eko Builds

BrainSlayer Builds

DD-WRT Changelog RSS Feed
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141

PostPosted: Fri Dec 18, 2009 18:54    Post subject: Reply with quote
bkaler wrote:
question, wouldn't it make much more sense that this was a startup script? Honestly when is the "firewall" script run anyhow?

I don't know how many time I need to explain this... The firewall script is run whenever the WAN interface changes to an UP state and many parts of the GUI will run it too. If you use it as a startup script then all your iptables stuff that does the real work of forwarding ports will be wiped out when the firewall runs.

_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
jugstah
DD-WRT Novice


Joined: 22 Apr 2008
Posts: 24

PostPosted: Fri Dec 18, 2009 20:57    Post subject: Reply with quote
glad I was able to give you ideas on improving your script; my nephew's xbox is loving the miniupnp...





autobot wrote:
jugstah wrote:
have this running on a wrt160n with a broken upnp and it's working great so far.. thanks!!! (btw, I disabled the usual pnp in the dd-wrt tabs so that's correct, right?)

and btw, had to kill the httpd cuz of its cpu load but seems the miniupnp is still running good...


Yes you disable upnp in the webif, this is independent of any other service. As long as miniupnpd is running your ports should be forwarded correctly. But you did give me the idea to make sure and kill the default DD-WRT upnp if its still running.
MikeMcr
DD-WRT User


Joined: 28 Aug 2009
Posts: 54

PostPosted: Fri Dec 18, 2009 22:14    Post subject: Reply with quote
Thanks autobot for providing this.

I have been testing this script manually via SSH and am not convinced the iptables are being fully cleared.

If I run the script multiple times, miniupnpd seems to get confused about what ports are already open. The command "iptables -L MINIUPNPD" shows nothing but both Windows and a debug output shows ports left around from the last run.

The source code for miniupnpd has a shutdown script called iptables_removeall.sh so I modifed the "delete" part of yout script to look like this:

Code:
$IPT -t nat -F MINIUPNPD
$IPT -t nat -X MINIUPNPD
$IPT -t filter -F MINIUPNPD
$IPT -t filter -X MINIUPNPD


That seems to have fixed the problem. I can now run the script multiple times and everything seems to be in sync.

I am no iptables expert and I have no idea what the difference is between the above and your version. The iptables_removeall.sh script actually does a few other commands which again I don't know if they are needed.

Anyway, thought I would let you know.
autobot
DD-WRT Guru


Joined: 07 May 2009
Posts: 1596

PostPosted: Fri Dec 18, 2009 22:41    Post subject: Reply with quote
I tested my iptables method thoroughly and it worked good for me, I wonder what causes your problem. I haven't looked at the source since I compiled this, I will look at the mentioned files and try and come up with something if I can find time. Thanks for reporting your results, I will test your method for the iptables rule and integrate it if it works consistently.
_________________
Eko Builds

BrainSlayer Builds

DD-WRT Changelog RSS Feed
MikeMcr
DD-WRT User


Joined: 28 Aug 2009
Posts: 54

PostPosted: Fri Dec 18, 2009 23:26    Post subject: Reply with quote
Thanks, maybe its because I am testing standalone from the SSH prompt rather than as part of the firewall startup.

I did notice that this command from your script:

Code:
$IPT -F


seems to be wiping out the entire firewall rules, not just those belonging to miniupnpd. Is that intentional? I only noticed when I did a ShieldsUp port scan and found every low numbered port closed instead of stealth (and a few open). Shocked
autobot
DD-WRT Guru


Joined: 07 May 2009
Posts: 1596

PostPosted: Fri Dec 18, 2009 23:57    Post subject: Reply with quote
Your right, I will fix that. Great catch!
_________________
Eko Builds

BrainSlayer Builds

DD-WRT Changelog RSS Feed


Last edited by autobot on Sat Dec 19, 2009 5:14; edited 1 time in total
autobot
DD-WRT Guru


Joined: 07 May 2009
Posts: 1596

PostPosted: Sat Dec 19, 2009 5:10    Post subject: Reply with quote
Script is updated, thanks MikeMcr and all you who help.
_________________
Eko Builds

BrainSlayer Builds

DD-WRT Changelog RSS Feed
iloveramen
DD-WRT Novice


Joined: 09 Dec 2009
Posts: 15

PostPosted: Sat Dec 19, 2009 9:43    Post subject: Reply with quote
So far everything works fine. My PS3 works great and is in NAT Type 2. My computers are forwarding fine.
MikeMcr
DD-WRT User


Joined: 28 Aug 2009
Posts: 54

PostPosted: Sat Dec 19, 2009 15:10    Post subject: Reply with quote
I would like to display a list of UPnP forwards using the MyPage feature.

Unfortunately "iptables -L MINIUPNPD" does not show the internal description for each forward which is provided by the client (XBox, Messenger etc)

This is acknowledged by the author here:

http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=299

The solution in the last post is to use "miniupnpdctl".

Looking at the source, this appears to be a binary built along with miniupnpd. Autobot, I don't suppose you have a copy from your compiled build, please?
autobot
DD-WRT Guru


Joined: 07 May 2009
Posts: 1596

PostPosted: Sat Dec 19, 2009 16:46    Post subject: Reply with quote
I do have it, let me find it and I will upload it and post a link.
_________________
Eko Builds

BrainSlayer Builds

DD-WRT Changelog RSS Feed


Last edited by autobot on Sun Dec 20, 2009 5:14; edited 1 time in total
Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8  Next Display posts from previous:    Page 2 of 8
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum