This is a tor-fw-helper rewrite in Go that functions as a drop in replacement for the original C code.
Features:
- Interface compatibility with the C tor-fw-helper.
- UPnP based NAT traversal.
- NAT-PMP based NAT traversal.
Limitations:
- go-fw-helper's "-T" option does not write to the log file.
- As the helper needs to be able to receive UDP packets, the local firewall's config may need to be altered.
- Lease times are hardcoded to "0" for UPnP (Indefinite/1 week depending on the UPnP version) and 7200 seconds for NAT-PMP. RFC 6886 includes dire warnings about broken UPnP implementations that freak out for non-"0" lease times.
TODO:
- Maybe also support PCP. Technically everything that speaks PCP should also speak NAT-PMP, so this is relatively low priority.
Further Reading:
- http://www.upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v1.0-20080424.pdf
- http://www.upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v1.1.pdf
- http://www.upnp.org/specs/gw/UPnP-gw-InternetGatewayDevice-v2-Device.pdf
- http://www.upnp.org/specs/gw/UPnP-gw-WANIPConnection-v2-Service.pdf
- https://tools.ietf.org/html/rfc6886