Allow disabling of secure_mode for UPnP

[nashant]

This will allow the disabling of secure mode for miniupnpd.

My reasoning for this is to allow upnp port forwarding of kubernetes services where the client requesting the port forward will not have the same IP as that in the request.

[fichtner]

Hi,

In general ok but the storage value is the inverted value so the default can be retained as yes? That would be better to clean up to avoid future interpretation issues on changes regarding the topic.

Cheers,
Franco

[nashant]

Would you be happier if I just made it $upnp_config['disable_secure_mode'] rather than $upnp_config['secure_mode']?

[fichtner]

The most robust solution is to invert the storage value for GUI display. I just wanted to confirm the issue with you. I can take over that part in January if you don’t beat me to it. There are a few examples of this in the core code… I think on the services: router advertisements page for example.

Cheers,
Franco

[Self-Hosting-Group]

Currently the daemon only uses the secure_mode option for UPnP IGD with IPv4, not for IGD with IPv6 and PCP. Note that NAT-PMP does not have a THIRD_PARTY option, so secure mode is always on.

The maintainer has rejected the pull requests to make this option universal for IGD with IPv6 and PCP. However, the undocumented pcp_allow_thirdpartyoption (which works the other way around) has been added to the sample configuration for the daemon. However, there is still no configuration option to disable the secure mode for IGD and IPv6.

Perhaps the maintainer should reconsider the rejection to avoid having to add/maintain multiple options in the different router UIs.

Please let me know what you think of the suggestion?