-
Notifications
You must be signed in to change notification settings - Fork 35.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
UPNP is not disabled when tor-only settings are in effect. #2927
Comments
If using Bitcoin-Qt make sure to unset the UPnP option. For using bitcoind, I'm looking into a little patch currently. |
As far as I can see, -listen=0 should already disable UPnP by default. Only if you enable it explicitly through -upnp (or upnp=1), or the GUI should it be enabled. If that's not the case, it's a bug. |
@sipa Reproduced in the latest master. |
My reasoning would be that the bind=XXX re-enables listen, and hence upnp is not disabled. Edit: does it work if you explicitly add upnp=0 to the config? |
If you explicitly set listen to false, bind shouldn't re-enable it. |
Yes, @laanwj, running with the line
or compiling without UPNP does work, but logically if we're not |
Guess this needs to be fixed before 0.9 as well. |
Would this suffice (change in net.cpp)? // only map ports when not using Tor if (!IsLimited(NET_TOR)) // Map ports with UPnP MapPort(GetBoolArg("-upnp", fDefaultUpnp)); We already have in init.cpp the check for listen: if (!GetBoolArg("-listen", true)) { // do not map ports or try to retrieve public IP when not listening (pointless) SoftSetBoolArg("-upnp", false); SoftSetBoolArg("-discover", false); } |
Your change would make it impossible to map ports when using Tor. The goal is to make the default (if not overridden using -upnp) to not map ports when using Tor, not to make it completely impossible. |
I'm out... too many cases to consider for my ill brain ^^. |
This appears to have been already solved:
|
@gmaxwell well, the problem seems to be that he has a bind:XXX statement (for a hidden service), which re-enables listen so it never goes into that. |
To protect privacy, do not use UPNP when a proxy is set. The user may still specify -listen=1 to listen locally (for a hidden service), so don't rely on this happening through -listen. Fixes bitcoin#2927.
Foremost, if your goal is to hide completely behind a proxy you should use Given that, see #6153 for fix. |
To protect privacy, do not use UPNP when a proxy is set. The user may still specify -listen=1 to listen locally (for a hidden service), so don't rely on this happening through -listen. Fixes bitcoin#2927. Conflicts: src/init.cpp Rebased-From: 8c35b6f Github-Pull: bitcoin#6153 (cherry picked from commit ebd7d8d)
With the following enabled, UPNP should not attempt to open a port at the router for 8333, however in the latest stable the port is uselessly opened. At best it's doing nothing productive, at worst it's just advertising the existence of a bitcoin client.
Compiling with USE_UPNP=- works as a temporary solution, but is by no means ideal.
The text was updated successfully, but these errors were encountered: