1. Store
  2. Apps
  3. Hardware
  4. Support
  5. Solutions

ClearFoundation

Forums
Welcome, Guest
ClearOS Module - MiniUPNP Daemon
(1 viewing) 1 Guest
Go to bottomPage: 12345678
TOPIC: ClearOS Module - MiniUPNP Daemon
*
#21002
ClearOS Module - MiniUPNP Daemon 3 Years, 4 Months ago  
I've built and packaged MiniUPNP daemon so that it will work with ClearOS
miniupnp.free.fr/

It relies on your system being configured in gateway mode, it also has only been tested in a single WAN environment. MultiWAN is experimental and can be acheived by editing the config (/etc/miniupnpd/miniupnpd.conf) and iptables (see below)

This can be used as a direct replacement for LinuxIGD, which as a flaw whereby multiple rules will be created with the same port for multiple devices.

MiniUPNPD also supports NAT-PMP

INSTALL:-
Setup the community yum repo by following the instructions HERE
Code:

yum --enablerepo=timb install miniupnpd



Add the following code to /etc/rc.d/rc.firewall.local to create the MiniUPNPD tables, required so that after a firewall restart the tables do not disappear.
Code:

##
#MINIUPNPD required tables
##
IPTABLES=/sbin/iptables
#EXTIF=  (not required as uses automagic to determine WAN, can be manually specified)
#adding the MINIUPNPD chain for nat
$IPTABLES -t nat -N MINIUPNPD
#adding the rule to MINIUPNPD
$IPTABLES -t nat -A PREROUTING -i $EXTIF -j MINIUPNPD

#adding the MINIUPNPD chain for filter
$IPTABLES -t filter -N MINIUPNPD
#adding the rule to MINIUPNPD
$IPTABLES -t filter -A FORWARD -i $EXTIF -o ! $EXTIF -j MINIUPNPD



Then review the config in /etc/miniupnpd/miniupnpd.conf - shouldn't need any changes....the External WAN is determined using the ClearOS automagic function.

Then restart the firewall to create the tables, and start the service
Code:

service firewall restart
service miniupnpd start



Voila! you should now have a functioning UPNP gateway device, you can check logs and entries by running
Code:

grep upnpd /var/log/messages
or
iptables -t nat -L MINIUPNPD -n -v
iptables -L MINIUPNPD -n -v



Enjoy
Tim Burgess
Moderator
Posts: 6371
graph
User Offline Click here to see the profile of this user
Last Edit: 2011/03/09 09:21 By timb80.
The administrator has disabled public write access.
 
#21004
Re:ClearOS Module - MiniUPNP Daemon 3 Years, 4 Months ago  
Great stuff Tim. I'll stick this on later and see if I can get it working with my multiwan setup. If it's using the ClearOS automatic detection then I believe it picks one of the 2 WAN's so it should work but I'll override that as I want it to use the one I pick.

I've only got one Xbox 360 but would be interested to know if 2 do work in open NAT at the same time with this. I might get another at some point soon.
FastLaneJB
Expert Boarder
Posts: 154
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#21005
Re:ClearOS Module - MiniUPNP Daemon 3 Years, 4 Months ago  
Great! let me know how you get on

I tested multiple applications configured with the same ports (utorrent) and it did correctly assign another open port instead. (Compared to the behaviour noted with LinuxIGD)
Tim Burgess
Moderator
Posts: 6371
graph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#21022
Re:ClearOS Module - MiniUPNP Daemon 3 Years, 4 Months ago  
Tim,

I notice there is a restriction in the init function to only one LAN interface as there is in upnpd. Is this a restriction of yours or one of miniupnpd? It looks like you based your script on the upnpd one but it would be more of a job to make it loop through the LANIFS if it were even possible.

Nick
Nick Howitt
Platinum Boarder
Posts: 5359
graphgraph
User Online Now Click here to see the profile of this user
The administrator has disabled public write access.
 
#21041
Re:ClearOS Module - MiniUPNP Daemon 3 Years, 4 Months ago  
Hi Nick, i've uploaded a new version with amended init script which will listen on all LAN interfaces (LANIF not HOTLAN)
ftp://starlane.gotdns.org/miniupnpd-1.4.20100921-2.clearos.i686.rpm

You can add further interface / subnets by editing /etc/miniupnpd/miniupnpd.conf and adding "listening_ip" fields
Tim Burgess
Moderator
Posts: 6371
graph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#21043
Re:ClearOS Module - MiniUPNP Daemon 3 Years, 4 Months ago  
Tested it with two xboxs.

Was able to get open nat on both.

first xbox gets port 3074 second one gets 10016 (every time so its not really random)

Thank you so much!
Ryan
Expert Boarder
Posts: 110
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#21046
Re:ClearOS Module - MiniUPNP Daemon 3 Years, 4 Months ago  
Tim Burgess wrote:
Hi Nick, i've uploaded a new version with amended init script which will listen on all LAN interfaces (LANIF not HOTLAN)
ftp://starlane.gotdns.org/miniupnpd-1.4.20100921-2.clearos.i686.rpm

You can add further interface / subnets by editing /etc/miniupnpd/miniupnpd.conf and adding "listening_ip" fields

Thanks, that's neat. That saves me hacking the init script. I have 2 LAN's, one of which is normally not used, but as luck would have it, it was the one picked up by the init script. It was the same for upnpd which is why I recognised your script and knew where to hack.
Nick Howitt
Platinum Boarder
Posts: 5359
graphgraph
User Online Now Click here to see the profile of this user
The administrator has disabled public write access.
 
#21061
Re:ClearOS Module - MiniUPNP Daemon 3 Years, 4 Months ago  
great! thanks for the feedback
Tim Burgess
Moderator
Posts: 6371
graph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#21132
Re:ClearOS Module - MiniUPNP Daemon 3 Years, 4 Months ago  
hi tim,

when I tried to add this into /etc/rc.d/rc.firewall.local
Code:

##
#MINIUPNPD required tables
##
IPTABLES=/sbin/iptables
#EXTIF=  (not required as uses automagic to determine WAN, can be manually specified)
#adding the MINIUPNPD chain for nat
$IPTABLES -t nat -N MINIUPNPD
#adding the rule to MINIUPNPD
$IPTABLES -t nat -A PREROUTING -i $EXTIF -j MINIUPNPD

#adding the MINIUPNPD chain for filter
$IPTABLES -t filter -N MINIUPNPD
#adding the rule to MINIUPNPD
$IPTABLES -t filter -A FORWARD -i $EXTIF -o ! $EXTIF -j MINIUPNPD



doing a firewall service restart returned me a failed status.. clearOS is managing my multi-wan
Calvin Teh
Junior Boarder
Posts: 25
graphgraph
User Offline Click here to see the profile of this user
Last Edit: 2010/11/30 04:46 By calvinz.
The administrator has disabled public write access.
 
#21133
Re:ClearOS Module - MiniUPNP Daemon 3 Years, 4 Months ago  
Hi, any further clues in /var/log/messages or /var/log/system?

Whats your general network config? number of interfaces? are you in gateway mode?
Tim Burgess
Moderator
Posts: 6371
graph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
Go to topPage: 12345678
  get the latest posts directly to your desktop