-
Notifications
You must be signed in to change notification settings - Fork 109
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
opnsense/miniupnpd: development copy
- Loading branch information
Showing
7 changed files
with
211 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
PORTNAME= miniupnpd | ||
PORTVERSION= 2.1.20200510 | ||
PORTEPOCH= 1 | ||
CATEGORIES= net | ||
MASTER_SITES= http://miniupnp.tuxfamily.org/files/ \ | ||
http://miniupnp.free.fr/files/ | ||
|
||
MAINTAINER= squat@squat.no | ||
COMMENT= UPnP IGD implementation which uses pf/ipf | ||
WWW= http://miniupnp.free.fr/ | ||
|
||
LICENSE= BSD3CLAUSE | ||
|
||
USES= cpe ssl | ||
CPE_VENDOR= miniupnp_project | ||
USE_RC_SUBR= miniupnpd | ||
|
||
HAS_CONFIGURE= yes | ||
MAKE_JOBS_UNSAFE= yes | ||
|
||
CFLAGS+= -I${OPENSSLINC} | ||
LDFLAGS+= -L${OPENSSLLIB} | ||
|
||
PLIST_FILES= etc/miniupnpd.conf.sample \ | ||
man/man8/miniupnpd.8.gz \ | ||
sbin/miniupnpd | ||
|
||
OPTIONS_DEFINE= CHECK_PORTINUSE IPV6 LEASEFILE UPNP_IGDV2 \ | ||
UPNP_STRICT | ||
OPTIONS_DEFAULT= AUTODETECT_FW | ||
OPTIONS_SINGLE= FIREWALL | ||
OPTIONS_SINGLE_FIREWALL= AUTODETECT_FW PF IPFW | ||
AUTODETECT_FW_DESC= Try to autodetect firewall type | ||
CHECK_PORTINUSE_DESC= Check if ports are in use | ||
IPFW_DESC= Use IPFW as firewall type | ||
LEASEFILE_DESC= Enable lease file | ||
PF_DESC= Use PF as firewall type | ||
UPNP_IGDV2_DESC= Build an IGDv2 instead of an IGDv1 | ||
UPNP_STRICT_DESC= More strict UPnP specification compliance | ||
|
||
CHECK_PORTINUSE_CONFIGURE_ON= --portinuse | ||
IPV6_CONFIGURE_ON= --ipv6 | ||
LEASEFILE_CONFIGURE_ON= --leasefile | ||
PF_CONFIGURE_ON= --firewall=pf | ||
UPNP_IGDV2_CONFIGURE_ON= --igd2 | ||
UPNP_STRICT_CONFIGURE_ON= --strict | ||
|
||
post-patch: | ||
@${REINPLACE_CMD} -e 's|\(-lssl -lcrypto\)|$$(LDFLAGS) \1|g' \ | ||
${WRKSRC}/Makefile.bsd | ||
|
||
.include <bsd.port.mk> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
TIMESTAMP = 1591038112 | ||
SHA256 (miniupnpd-2.1.20200510.tar.gz) = 821e708f369cc1fb851506441fbc3a1f4a1b5a8bf8e84a9e71758a32f5127e8b | ||
SIZE (miniupnpd-2.1.20200510.tar.gz) = 245426 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
# WAN network interface | ||
ext_ifname=ed0 | ||
# if the WAN interface has several IP addresses, you | ||
# can specify the one to use below | ||
#ext_ip= | ||
|
||
# there can be multiple listening ips for receiving SSDP traffic. | ||
# the 1st IP is also used for UPnP Soap traffic. | ||
#listening_ip= 192.168.0.61 | ||
listening_ip=10.0.2.1 | ||
|
||
# port for HTTP (descriptions and SOAP) traffic. set 0 for autoselect. | ||
port=5555 | ||
|
||
# path to the unix socket used to communicate with MiniSSDPd | ||
# If running, MiniSSDPd will manage M-SEARCH answering. | ||
# default is /var/run/minissdpd.sock | ||
#minissdpdsocket=/var/run/minissdpd.sock | ||
|
||
# enable NAT-PMP support (default is no) | ||
#enable_natpmp=no | ||
|
||
# lease file location | ||
#lease_file=/var/log/upnp.leases | ||
|
||
# bitrates reported by daemon in bits per second | ||
bitrate_up=131072 | ||
bitrate_down=524288 | ||
|
||
# "secure" mode : when enabled, UPnP client are allowed to add mappings only | ||
# to their IP. (default is yes) | ||
#secure_mode=yes | ||
|
||
# default presentation url is http address on port 80 | ||
#presentation_url= | ||
|
||
# report system uptime instead of daemon uptime | ||
system_uptime=yes | ||
|
||
# unused rules cleaning. | ||
# never remove any rule before this threshold for the number | ||
# of redirections is exceeded. default to 20 | ||
#clean_ruleset_threshold=10 | ||
# clean process work interval in seconds. default to 0 (disabled). | ||
# a 600 seconds (10 minutes) interval makes sense | ||
clean_ruleset_interval=600 | ||
|
||
# notify interval in seconds default is 30 seconds. | ||
#notify_interval=240 | ||
|
||
# log packets in pf | ||
#packet_log=no | ||
# ALTQ queue in pf | ||
# filter rules must be used for this to be used. | ||
# compile with PF_ENABLE_FILTER_RULES (see config.h file) | ||
#queue=queue_name1 | ||
|
||
# uuid : generated by the install a new one can be created with | ||
# uuidgen | ||
uuid=%%UUID%% | ||
|
||
# UPnP permission rules | ||
# (allow|deny) (external port range) ip/mask (internal port range) | ||
# A port range is <min port>-<max port> or <port> if there is only | ||
# one port in the range. | ||
# ip/mask format must be nn.nn.nn.nn/nn | ||
allow 1024-65535 10.0.2.0/24 1024-65535 | ||
allow 1024-65535 10.0.2.0/24 1024-65535 | ||
deny 0-65535 0.0.0.0/0 0-65535 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
#!/bin/sh | ||
|
||
# PROVIDE: miniupnpd | ||
# REQUIRE: NETWORKING SERVERS DAEMON ldconfig resolv | ||
|
||
. /etc/rc.subr | ||
|
||
# Add the following line to /etc/rc.conf to enable miniupnpd | ||
# miniupnpd_enable="YES" | ||
# miniupnpd_flags="<set as needed>" | ||
|
||
name=miniupnpd | ||
rcvar=miniupnpd_enable | ||
load_rc_config $name | ||
|
||
miniupnpd_enable=${miniupnpd_enable:-"NO"} | ||
miniupnpd_config=${miniupnpd_config:-"%%PREFIX%%/etc/miniupnpd.conf"} | ||
|
||
command="%%PREFIX%%/sbin/miniupnpd" | ||
pidfile="/var/run/${name}.pid" | ||
command_args="-f $miniupnpd_config" | ||
|
||
required_files=$miniupnpd_config | ||
|
||
run_rc_command "$1" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
--- Makefile.bsd.orig 2020-05-10 16:58:42 UTC | ||
+++ Makefile.bsd | ||
@@ -121,8 +121,7 @@ LIBS += -lssl -lcrypto | ||
|
||
INSTALLBINDIR = $(PREFIX)/sbin | ||
INSTALLETCDIR = $(PREFIX)/etc | ||
-# INSTALLMANDIR = $(PREFIX)/man | ||
-INSTALLMANDIR = /usr/share/man | ||
+INSTALLMANDIR = $(MANPREFIX)/man | ||
|
||
all: $(EXECUTABLES) | ||
|
||
@@ -140,10 +139,10 @@ install: miniupnpd genuuid | ||
$(INSTALL) -d $(DESTDIR)$(INSTALLBINDIR) | ||
$(INSTALL) -m 755 miniupnpd $(DESTDIR)$(INSTALLBINDIR) | ||
$(INSTALL) -d $(DESTDIR)$(INSTALLETCDIR) | ||
- $(INSTALL) -b miniupnpd.conf $(DESTDIR)$(INSTALLETCDIR) | ||
+ $(INSTALL) -b miniupnpd.conf $(DESTDIR)$(INSTALLETCDIR)/miniupnpd.conf.sample | ||
# TODO : install man page correctly | ||
-# $(INSTALL) -d $(INSTALLMANDIR) | ||
-# $(INSTALL) miniupnpd.8 $(INSTALLMANDIR)/cat8/miniupnpd.0 | ||
+ $(INSTALL) -d $(DESTDIR)$(INSTALLMANDIR)/man8 | ||
+ $(INSTALL) miniupnpd.8 $(DESTDIR)$(INSTALLMANDIR)/man8/miniupnpd.8 | ||
|
||
# genuuid is using the uuid cli tool available under OpenBSD 4.0 in | ||
# the uuid-1.5.0 package | ||
@@ -187,7 +186,7 @@ dox: miniupnpd.doxyconf | ||
$(DOXYGEN) $> | ||
|
||
miniupnpd: config.h $(ALLOBJS) | ||
- $(CC) $(LDFLAGS) -o $@ $(ALLOBJS) $(LIBS) | ||
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(ALLOBJS) $(LIBS) | ||
|
||
# BSDmake : | ||
# $(CC) $(LDFLAGS) -o $@ $> $(LIBS) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
Mini UPnPd is a lightweight implementation of a UPnP IGD daemon. This is | ||
supposed to be run on your gateway machine to allow client systems to redirect | ||
ports and punch holes in the firewall. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
[ | ||
{ type: install | ||
message: <<EOM | ||
*** !!WARNING!! !!WARNING!! !!WARNING!! *** | ||
This port allows machines within your network to create holes in your | ||
firewall. Please ensure this is really what you want! | ||
*** !!WARNING!! !!WARNING!! !!WARNING!! *** | ||
|
||
For this daemon to work, you must modify your pf rules to add an anchor | ||
in both the NAT and rules section. Both must be called 'miniupnpd'. | ||
Example: | ||
|
||
# NAT section | ||
# UPnPd rdr anchor | ||
rdr-anchor "miniupnpd" | ||
|
||
# Rules section | ||
# uPnPd rule anchor | ||
anchor "miniupnpd" | ||
EOM | ||
} | ||
] |