--- /dev/null
+
+# LAN network interfaces IPs / networks
+# there can be multiple listening ips for SSDP traffic.
+# should be under the form nnn.nnn.nnn.nnn/nn
+# HTTP is available on all interfaces
+# port for HTTP (descriptions and SOAP) traffic. set 0 for autoselect.
+port=0
+
+# chain names for netfilter (not used for pf or ipf).
+upnp_forward_chain=UPNPFW
+upnp_nat_chain=UPNPFW
+
+# bitrates reported by daemon in bits per second
+bitrate_up=1000000
+bitrate_down=10000000
+
+# "secure" mode : when enabled, UPnP client are allowed to add mappings only
+# to their IP.
+secure_mode=yes
+
+# report system uptime instead of daemon uptime
+system_uptime=yes
+
+# notify interval in seconds. default is 30 seconds.
+notify_interval=60
+
+# unused rules cleaning.
+# never remove any rule before this threshold for the number
+# of redirections is exceeded. default to 20
+#clean_ruleset_threshold=10
+# clean process work interval in seconds. default to 0 (disabled).
+# a 600 seconds (10 minutes) interval makes sense
+clean_ruleset_interval=600
+
+# serial and model number the daemon will report to clients
+# in its XML description
+serial=12345678
+model_number=1
+
+# UPnP permission rules
+# (allow|deny) (external port range) ip/mask (internal port range)
+# A port range is <min port>-<max port> or <port> if there is only
+# one port in the range.
+# ip/mask format must be nn.nn.nn.nn/nn
+# it is advised to only allow redirection of port above 1024
+# and to finish the rule set with "deny 0-65535 0.0.0.0/0 0-65535"
+allow 0-65535 0.0.0.0/0 0-65535
#etc/rc.d/init.d/mediatomb
#etc/rc.d/init.d/messagebus
#etc/rc.d/init.d/miau
+#etc/rc.d/init.d/miniupnpd
#etc/rc.d/init.d/mldonkey
etc/rc.d/init.d/modules
#etc/rc.d/init.d/motion
#etc/rc.d/init.d/networking/red.down
etc/rc.d/init.d/networking/red.down/05-RS-dnsmasq
etc/rc.d/init.d/networking/red.down/10-ipsec
+etc/rc.d/init.d/networking/red.down/10-miniupnpd
etc/rc.d/init.d/networking/red.down/10-ovpn
etc/rc.d/init.d/networking/red.down/20-RL-firewall
etc/rc.d/init.d/networking/red.down/99-D-dialctrl.pl
#etc/rc.d/init.d/networking/red.up
etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
+etc/rc.d/init.d/networking/red.up/10-miniupnpd
etc/rc.d/init.d/networking/red.up/10-multicast
etc/rc.d/init.d/networking/red.up/20-RL-firewall
etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl
etc/sysconfig/modules
etc/sysconfig/rc
etc/sysconfig/rc.local
-etc/init.d
+etc/init.d/firewall
etc/system-release
etc/rc.d/init.d/checkfs
etc/rc.d/init.d/checkfstab
--- /dev/null
+etc/init.d/miniupnpd
+etc/init.d/networking/red.down/10-miniupnpd
+etc/init.d/networking/red.up/10-miniupnpd
+etc/miniupnpd
+etc/miniupnpd/miniupnpd.conf
+usr/sbin/miniupnpd
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 1.4
+
+THISAPP = miniupnpd-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = miniupnpd
+PAK_VER = 0
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = ffa33d4ed8732c662bdb7d511e86db76
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+dist:
+ @$(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/miniupnpd-iptcrdr.patch
+ cd $(DIR_APP) && make -f Makefile.linux \
+ CFLAGS="$(CFLAGS) -DIPTABLES_143 -I/usr/src/linux/include"
+
+ cd $(DIR_APP) && install -m 755 miniupnpd /usr/sbin
+ -mkdir -pv /etc/miniupnpd
+ cp -vf $(DIR_SRC)/config/miniupnpd/miniupnpd.conf /etc/miniupnpd/miniupnpd.conf
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
ipfiremake ddrescue
ipfiremake tcl
ipfiremake imspector
+ ipfiremake miniupnpd
ipfiremake client175
echo Build on $HOSTNAME > $BASEDIR/build/var/ipfire/firebuild
cat /proc/version >> $BASEDIR/build/var/ipfire/firebuild
# upnp chain for our upnp daemon
/sbin/iptables -t nat -N UPNPFW
/sbin/iptables -t nat -A PREROUTING -j UPNPFW
-
+ # This chain only contains dummy rules.
+ /sbin/iptables -N UPNPFW
# Custom mangle chain (for port fowarding)
/sbin/iptables -t mangle -N PORTFWMANGLE
--- /dev/null
+#!/bin/sh
+########################################################################
+# Begin $rc_base/init.d/miniupnpd
+#
+# Description : Miniupnp daemon
+#
+# Authors : Michael Tremer <michael.tremer@ipfire.org>
+#
+########################################################################
+
+. /etc/sysconfig/rc
+. ${rc_functions}
+
+if [ ! -e /etc/miniupnpd/id ]; then
+ uuidgen > /etc/miniupnpd/id
+fi
+
+UUID=$(cat /etc/miniupnpd/id)
+
+EXT_DEV=$(cat /var/ipfire/red/iface)
+EXT_IP4=$(cat /var/ipfire/red/local-ipaddress)
+
+. /var/ipfire/ethernet/settings
+
+for i in GREEN_ADDRESS BLUE_ADDRESS; do
+ [ -n "${!i}" ] && LISTEN_IP="${LISTEN_IP} -a ${!i}"
+done
+
+function flush_iptables() {
+ # Flush iptables to remove all entries that were left
+ iptables -F UPNPFW
+ iptables -t nat -F UPNPFW
+}
+
+case "${1}" in
+ start)
+ boot_mesg "Starting miniupnpd..."
+
+ flush_iptables
+
+ loadproc miniupnpd -f /etc/miniupnpd/miniupnpd.conf \
+ -i ${EXT_DEV} -o ${EXT_IP4} ${LISTEN_IP} \
+ -u ${UUID}
+ ;;
+
+ stop)
+ boot_mesg "Stopping miniupnpd..."
+ killproc miniupnpd
+
+ flush_iptables
+ ;;
+
+ restart)
+ ${0} stop
+ sleep 1
+ ${0} start
+ ;;
+
+ status)
+ statusproc miniupnpd
+ ;;
+
+ *)
+ echo "Usage: ${0} {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+# End $rc_base/init.d/miniupnpd
--- /dev/null
+#!/bin/bash
+
+[ -x /etc/init.d/miniupnpd ] && \
+ /etc/init.d/miniupnpd stop &>/dev/null
+
+exit 0
--- /dev/null
+#!/bin/bash
+
+[ -x /etc/init.d/miniupnpd ] && \
+ /etc/init.d/miniupnpd start &>/dev/null
+
+exit 0
--- /dev/null
+--- netfilter/iptcrdr.c.old 2010-02-24 14:22:23.000000000 +0100
++++ netfilter/iptcrdr.c 2010-02-24 14:48:00.000000000 +0100
+@@ -20,6 +20,13 @@
+
+ #if IPTABLES_143
+ /* IPTABLES API version >= 1.4.3 */
++
++#define BUILD_BUG_ON_ZERO(e) (sizeof(struct { int:-!!(e); }))
++#define __must_be_array(a) \
++ BUILD_BUG_ON_ZERO(__builtin_types_compatible_p(typeof(a), typeof(&a[0])))
++#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr))
++#define LIST_POISON2 ((void *) 0x00200200 )
++
+ #include <net/netfilter/nf_nat.h>
+ #define ip_nat_multi_range nf_nat_multi_range
+ #define ip_nat_range nf_nat_range