Modify

Opened 6 years ago

Closed 6 years ago

#8532 closed defect (fixed)

miniupnpd does not update NAT rules when WAN IP changed

Reported by: Alexey I. Froloff <raorn@…> Owned by: cshore
Priority: response-needed Milestone:
Component: packages Version: Backfire 10.03
Keywords: upnp nat Cc:

Description

My WAN connection (PPPoE) is being restarted daily die to accounting reasons. External IP address may be changed when connection is back up.

However, I still can see old IP in miniupnpd's NAT rules. Restarting client application doesn't help, I have to restart miniupnpd in order to get correct NAT rules.

Attachments (0)

Change History (15)

comment:1 follow-up: Changed 6 years ago by andrew

restart system help you?

comment:2 in reply to: ↑ 1 ; follow-up: Changed 6 years ago by Alexey I. Froloff <raorn@…>

Replying to andrew:

restart system help you?

Restarting miniupnpd service helps, so I guess rebooting router will help too.

This is the only issue that stops me from using opwnwrt on a WNDR3700. Original firmware does not have this problem.

comment:3 in reply to: ↑ 2 ; follow-up: Changed 6 years ago by anonymous

Replying to Alexey I. Froloff <raorn@…>:

Replying to andrew:
This is the only issue that stops me from using opwnwrt on a WNDR3700.

You always have the option to run linuxigd + libupnpd instead of miniupnpd.
OpenWrt gives you that choice ;)

comment:4 Changed 6 years ago by anonymous

Just make sure to run a revision >= [24066] if you're going to try it.

comment:5 Changed 6 years ago by anonymous

I believe I worked around this by adding this command to /etc/ppp/ip-up:
iptables -t nat -A prerouting_rule -i $PPP_IFACE -d $PPP_LOCAL -j MINIUPNPD

in ip-down:
iptables -t nat -D prerouting_rule -i $PPP_IFACE -d $PPP_LOCAL -j MINIUPNPD

not totally clean, but seems to get the job done.

comment:6 in reply to: ↑ 3 Changed 6 years ago by Alexey I. Froloff <raorn@…>

Replying to anonymous:

You always have the option to run linuxigd + libupnpd instead of miniupnpd.

Yes, this works. But NAT rules are lost whenever firewall configuration is updated. Also it doesn't seen to support IPv6. Is linuxigd2 ready for testing?

comment:7 Changed 6 years ago by Alexey I. Froloff <raorn@…>

No success with linuxigd2 from http://gitorious.org/igd2-for-linux/wanipconnection2 (libupnp also updated to .12). upnpd doesn't seem to catch requests from transmission.

comment:8 Changed 6 years ago by cshore

  • Owner changed from developers to cshore
  • Priority changed from normal to response-needed
  • Status changed from new to accepted

Can you please check if miniupnpd 1.5 fixes this? (in packages feed now).

comment:9 Changed 6 years ago by Alexey I. Froloff <raorn@…>

I'll check it shortly. Does it support IPv6? It would be nice.

comment:10 Changed 6 years ago by cshore

I don't think miniupnpd supports ipv6 but I could be wrong. I know that the permission rules are ipv4 only.

comment:11 Changed 6 years ago by cshore

I've been informed that miniupnpd definitely doesn't support ipv6 and that OpenWRT doesn't have ipv6 masquerading so if it miniupnpd could do it we can't.

I'm not sure that masquerading makes sense with ipv6 anyway, it kinds of defeats one of the design goals of v6 (get rid of NAT because it makes life way more difficult for getting traffic to a destination (end-to-end communication).

comment:12 Changed 6 years ago by Alexey I. Froloff <raorn@…>

No need to masquerade IPv6, since all my local boxes have real IPv6 addresses. However it would be nice if miniupnpd just open requests port in ip6tables. Besides, why miniupnpd is linked against libip6tc?

comment:13 Changed 6 years ago by cshore

AFAIR that was due to libip6tc and libip4tc not being separate at the time, and recently not having had time to verify operation without 6tc.

comment:14 Changed 6 years ago by Alexey I. Froloff <raorn@…>

This issue seems to be resolved with new miniupnpd.

comment:15 Changed 6 years ago by cshore

  • Resolution set to fixed
  • Status changed from accepted to closed

Appears to be resolved.

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.