miniupnp.tuxfamily.org Forum Index miniupnp.tuxfamily.org
The forum about miniupnp and libnatpmp
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

FreeBSD 7, Xbox 360, miniupnpd
Goto page 1, 2  Next
 
Post new topic   Reply to topic    miniupnp.tuxfamily.org Forum Index -> NAT/UPnP
View previous topic :: View next topic  
Author Message
jedinite



Joined: 10 Oct 2008
Posts: 13

PostPosted: Mon Oct 13, 2008 10:57 pm    Post subject: FreeBSD 7, Xbox 360, miniupnpd Reply with quote

Xbox obtains IP via DHCP, everything on my PC works fine so I know miniupnpd is working. My Xbox even says Open NAT yet in the lease file I see nothing from the xbox and people cant connect to my xbox
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1589

PostPosted: Tue Oct 14, 2008 5:41 pm    Post subject: Re: FreeBSD 7, Xbox 360, miniupnpd Reply with quote

jedinite wrote:
Xbox obtains IP via DHCP, everything on my PC works fine so I know miniupnpd is working. My Xbox even says Open NAT yet in the lease file I see nothing from the xbox and people cant connect to my xbox

what is the IP of you xbox 360 and the allow/deny lines in your miniupnpd.conf ?
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
jedinite



Joined: 10 Oct 2008
Posts: 13

PostPosted: Wed Oct 15, 2008 8:57 pm    Post subject: Reply with quote

Code:
ext_ifname=nfe0
listening_ip=10.0.0.1/24
port=0
enable_natpmp=yes
enable_upnp=yes
lease_file=/var/db/upnpd/upnpd.leases
bitrate_up=1000000
bitrate_down=10000000
secure_mode=no
system_uptime=yes
notify_interval=60
clean_ruleset_interval=600
uuid=fc4ec57e-b051-11db-88f8-0060085db3f6
serial=12345678
model_number=1
allow 10-65535 10.0.0.0/24 10-65535
deny 0-65535 0.0.0.0/0 0-65535


Xbox is 10.0.0.3
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1589

PostPosted: Thu Oct 16, 2008 9:47 am    Post subject: Reply with quote

everything looks fine...
People should be able to connect to your XBox.
About the lease file, maybe miniupnpd was not compiled with the right option.
Anyway you can see what are the active mappings from another PC running Windows or with miniupnpc.
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
jedinite



Joined: 10 Oct 2008
Posts: 13

PostPosted: Fri Oct 24, 2008 12:10 am    Post subject: Reply with quote

I compiled with lease file. The ports are not being forwarded.
Back to top
View user's profile Send private message
jedinite



Joined: 10 Oct 2008
Posts: 13

PostPosted: Fri Oct 24, 2008 4:30 am    Post subject: Reply with quote

Should I uncomment
Code:
/*#define PF_ENABLE_FILTER_RULES*/
? I am using PF...
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1589

PostPosted: Fri Oct 24, 2008 6:24 am    Post subject: Reply with quote

the code can either add filter rules with "pass" option OR fileter rules AND pass rules.
There are some options you can set on pass rules but can't on filter rules with pass options.
Most people whnt need to enable the PF_ENABLE_FILTER_RULES.
Code:
$ sudo pfctl -s nat -a miniupnpd
rdr pass on dc0 inet proto tcp from any to any port = 4662 label "libminiupnpc" -> 192.168.11.33 port 4662

That works for me Smile
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
jedinite



Joined: 10 Oct 2008
Posts: 13

PostPosted: Sat Oct 25, 2008 1:07 am    Post subject: Reply with quote

Code:
gateway# pfctl -s nat -a miniupnpd
No ALTQ support in kernel
ALTQ related functions disabled
rdr on nfe0 inet proto tcp from any to any port = 14105 label "msnmsgr (10.0.0.2:4917) 14105 TCP" rtable 0 -> 10.0.0.2 port 4917
rdr on nfe0 inet proto tcp from any to any port = 28441 label "msnmsgr (10.0.0.2:4973) 28441 TCP" rtable 0 -> 10.0.0.2 port 4973
rdr on nfe0 inet proto tcp from any to any port = 5902 label "msnmsgr (10.0.0.2:1045) 5902 TCP" rtable 0 -> 10.0.0.2 port 1045
rdr on nfe0 inet proto tcp from any to any port = 15630 label "msnmsgr (10.0.0.2:1087) 15630 TCP" rtable 0 -> 10.0.0.2 port 1087
rdr on nfe0 inet proto tcp from any to any port = 10767 label "msnmsgr (10.0.0.2:1320) 10767 TCP" rtable 0 -> 10.0.0.2 port 1320
rdr on nfe0 inet proto tcp from any to any port = 23311 label "msnmsgr (10.0.0.2:1369) 23311 TCP" rtable 0 -> 10.0.0.2 port 1369
rdr on nfe0 inet proto tcp from any to any port = 36623 label "msnmsgr (10.0.0.2:1421) 36623 TCP" rtable 0 -> 10.0.0.2 port 1421
rdr on nfe0 inet proto tcp from any to any port = 34831 label "msnmsgr (10.0.0.2:1418) 34831 TCP" rtable 0 -> 10.0.0.2 port 1418
rdr on nfe0 inet proto tcp from any to any port = 50959 label "msnmsgr (10.0.0.2:1477) 50959 TCP" rtable 0 -> 10.0.0.2 port 1477
rdr on nfe0 inet proto tcp from any to any port = 1804 label "msnmsgr (10.0.0.2:1541) 1804 TCP" rtable 0 -> 10.0.0.2 port 1541
gateway#

Everything but Xbox seems to work fine.

Edit:

Also...

Code:
#define UPNP_VERSION    "20081024"
#define PFRULE_INOUT_COUNTS
#define USE_PF 1
#define OS_NAME         "FreeBSD"
#define OS_VERSION      "FreeBSD/7.0-RELEASE"
#define OS_URL          "http://www.freebsd.org/"


PFRULE_INOUT_COUNTS is fine with no value?
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1589

PostPosted: Sat Oct 25, 2008 8:38 am    Post subject: Reply with quote

jedinite wrote:

Also...

Code:
#define UPNP_VERSION    "20081024"
#define PFRULE_INOUT_COUNTS
#define USE_PF 1
#define OS_NAME         "FreeBSD"
#define OS_VERSION      "FreeBSD/7.0-RELEASE"
#define OS_URL          "http://www.freebsd.org/"


PFRULE_INOUT_COUNTS is fine with no value?

yes.

If everything works except the XBOX 360, you should try to concentrate on what exactly happen when the XBOX 360 discovers the UPnP devices and when it tries (or not ?) to redirect a port.
Running miniupnpd with -d option would be usefull.
Here an example of what I get when a UPnP client detect miniupnpd :
Code:

Oct 26 06:33:50 fontarabie miniupnpd[4995]: SSDP M-SEARCH from 192.168.11.33:40605 ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
Oct 26 06:33:53 fontarabie miniupnpd[4995]: HTTP connection from 192.168.11.33:51037
Oct 26 06:33:52 fontarabie miniupnpd[4995]: HTTP REQUEST : GET /rootDesc.xml (HTTP/1.1)
Oct 26 06:33:52 fontarabie miniupnpd[4995]: HTTP connection from 192.168.11.33:51038
Oct 26 06:33:52 fontarabie miniupnpd[4995]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
Oct 26 06:33:52 fontarabie miniupnpd[4995]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetStatusInfo
Oct 26 06:33:53 fontarabie miniupnpd[4995]: HTTP connection from 192.168.11.33:51039
Oct 26 06:33:53 fontarabie miniupnpd[4995]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
Oct 26 06:33:53 fontarabie miniupnpd[4995]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetConnectionTypeInfo
Oct 26 06:33:53 fontarabie miniupnpd[4995]: HTTP connection from 192.168.11.33:51040
Oct 26 06:33:53 fontarabie miniupnpd[4995]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
Oct 26 06:33:53 fontarabie miniupnpd[4995]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetStatusInfo
Oct 26 06:33:53 fontarabie miniupnpd[4995]: HTTP connection from 192.168.11.33:51041
Oct 26 06:33:53 fontarabie miniupnpd[4995]: HTTP REQUEST : POST /ctl/CmnIfCfg (HTTP/1.1)
Oct 26 06:33:53 fontarabie miniupnpd[4995]: SOAPAction: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1#GetCommonLinkProperties
Oct 26 06:33:53 fontarabie miniupnpd[4995]: HTTP connection from 192.168.11.33:51042
Oct 26 06:33:53 fontarabie miniupnpd[4995]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
Oct 26 06:33:53 fontarabie miniupnpd[4995]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetExternalIPAddress

PS: -d option has 2 actions : don't daemonize, and set log to verbose...
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
jedinite



Joined: 10 Oct 2008
Posts: 13

PostPosted: Mon Oct 27, 2008 6:57 am    Post subject: Reply with quote

Code:
gateway# miniupnpd -d
Reading configuration from file /etc/miniupnpd.conf
perm rule added : allow 10-65535 0a000000/ffffff00 10-65535
perm rule added : deny 0-65535 00000000/00000000 0-65535
miniupnpd[2121]: HTTP listening on port 51507
miniupnpd[2121]: Listening for NAT-PMP traffic on port 5351
miniupnpd[2121]: HTTP connection from 10.0.0.2:4153
miniupnpd[2121]: HTTP REQUEST : GET /rootDesc.xml (HTTP/1.1)
miniupnpd[2121]: HTTP connection from 10.0.0.2:4154
miniupnpd[2121]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[2121]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetExternalIPAddress
miniupnpd[2121]: HTTP connection from 10.0.0.2:4156
miniupnpd[2121]: HTTP REQUEST : GET /rootDesc.xml (HTTP/1.1)
miniupnpd[2121]: HTTP connection from 10.0.0.2:4158
miniupnpd[2121]: HTTP REQUEST : GET /rootDesc.xml (HTTP/1.1)
miniupnpd[2121]: HTTP connection from 10.0.0.2:4159
miniupnpd[2121]: HTTP REQUEST : GET /L3F.xml (HTTP/1.1)
miniupnpd[2121]: HTTP connection from 10.0.0.2:4160
miniupnpd[2121]: HTTP REQUEST : GET /WANCfg.xml (HTTP/1.1)
miniupnpd[2121]: HTTP connection from 10.0.0.2:4161
miniupnpd[2121]: HTTP REQUEST : GET /WANIPCn.xml (HTTP/1.1)
miniupnpd[2121]: HTTP connection from 10.0.0.2:4162
miniupnpd[2121]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[2121]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetConnectionTypeInfo
miniupnpd[2121]: HTTP connection from 10.0.0.2:4163
miniupnpd[2121]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[2121]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetNATRSIPStatus
miniupnpd[2121]: HTTP connection from 10.0.0.2:4164
miniupnpd[2121]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[2121]: SOAPAction: urn:schemas-upnp-org:control-1-0#QueryStateVariable
miniupnpd[2121]: SSDP M-SEARCH from 10.0.0.3:2831 ST: urn:schemas-upnp-org:service:WANIPConnection:1
miniupnpd[2121]: SSDP M-SEARCH from 10.0.0.3:28153 ST: urn:schemas-upnp-org:service:WANPPPConnection:1
miniupnpd[2121]: HTTP connection from 10.0.0.3:37779
miniupnpd[2121]: HTTP REQUEST : GET /rootDesc.xml (HTTP/1.1)
miniupnpd[2121]: HTTP connection from 10.0.0.3:5862
miniupnpd[2121]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[2121]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetStatusInfo
miniupnpd[2121]: HTTP connection from 10.0.0.3:27293
miniupnpd[2121]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[2121]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping
miniupnpd[2121]: AddPortMapping: ext port 3074 to 10.0.0.3:3074 protocol UDP for: Xbox (10.0.0.3:3074) 3074 UDP
miniupnpd[2121]: UPnP permission rule 0 matched : port mapping accepted
miniupnpd[2121]: redirecting port 3074 to 10.0.0.3:3074 protocol UDP for: Xbox (10.0.0.3:3074) 3074 UDP


I just ran the "Connection Test" on the Xbox 360 (10.0.0.3) and it reports an open NAT. I wonder why in Halo 3 when searching for a game it says I am behind a strict NAT. This is however the first time I have seen the Xbox 360 rule in the lease file ( http://216.232.234.163:1338/vnstat/ , in page src). I guess I'll play some Halo 3 with -d and see what happens.

Edit:

Just out of curiosity, whats with the instant requests from my PC when miniupnpd is started does it send out some sort of broadcast on start? Looks like it happened in yours too.
Back to top
View user's profile Send private message
jedinite



Joined: 10 Oct 2008
Posts: 13

PostPosted: Mon Oct 27, 2008 7:04 am    Post subject: Reply with quote

Might as well throw this up too
Code:
# macros
ext_if="nfe0"
int_if="rl0"

tcp_services="{ 1338 }"
icmp_types="{ echoreq, unreach, echorep }"

comp1="10.0.0.2"
#comp1_tcp_services="{ 1337 }"
comp2="10.0.0.3"
#comp2_tcp_services="{ 3074  }"
#comp2_udp_services="{ 3074, 88 }"

# options
set block-policy return
set loginterface $ext_if

set skip on lo

# scrub
scrub in

# nat/rdr
nat on $ext_if from !($ext_if) -> ($ext_if:0)
rdr-anchor "miniupnpd"

#rdr on $ext_if proto tcp from any to any port 46465 -> $comp1
rdr on $ext_if proto tcp from any to any port 1337 -> $comp1

rdr on $ext_if inet proto udp from any to any port 88 -> $comp2
rdr on $ext_if inet proto { tcp, udp } from any to any port 3074 -> $comp2

# filter rules
block in

pass out keep state

anchor "miniupnpd"
antispoof quick for { lo $int_if }

pass in on $ext_if inet proto tcp from any to ($ext_if) port $tcp_services flags S/SA keep state

#pass in on $ext_if inet proto tcp from any to $comp1 port 46465 flags S/SA synproxy state
pass in on $ext_if inet proto tcp from any to $comp1 port 1337 flags S/SA synproxy state

pass in quick on $ext_if inet proto udp from any to $comp2 port 88 keep state
pass in quick on $ext_if inet proto {tcp, udp} from any to $comp2 port 3074 keep state

pass in quick inet proto icmp all icmp-type $icmp_types keep state

pass in quick on $int_if


It's a bit of a mess is there a cleaner one somewhere?
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1589

PostPosted: Mon Oct 27, 2008 1:09 pm    Post subject: Reply with quote

jedinite wrote:
Just out of curiosity, whats with the instant requests from my PC when miniupnpd is started does it send out some sort of broadcast on start? Looks like it happened in yours too.

Yep. When started, and then regularly MiniUPnPd broadcast some NOTIFY SSDP packets.
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
jedinite



Joined: 10 Oct 2008
Posts: 13

PostPosted: Mon Oct 27, 2008 10:36 pm    Post subject: Reply with quote

is there any way to make it write all this -d stuff to a file? there is too much after a few rounds of halo putty trims it.

Edit:

adding
Code:
!miniupnpd
*.*                                             /var/log/miniupnpd.log
to /etc/syslog.conf what i want?

also:

Code:
gateway# miniupnpd
Reading configuration from file /etc/miniupnpd.conf
perm rule added : allow 10-65535 0a000000/ffffff00 10-65535
perm rule added : deny 0-65535 00000000/00000000 0-65535
gateway# miniupnpd
Reading configuration from file /etc/miniupnpd.conf
perm rule added : allow 10-65535 0a000000/ffffff00 10-65535
perm rule added : deny 0-65535 00000000/00000000 0-65535
gateway#

does the second process make the first reload config or does the second just exit because miniupnpd already running?
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1589

PostPosted: Mon Oct 27, 2008 11:22 pm    Post subject: Reply with quote

jedinite wrote:
is there any way to make it write all this -d stuff to a file... there is too much after a few rounds of halo putty trims it.

Edit:

adding
Code:
*miniupnpd* /var/log/miniupnpd.log
to /etc/syslog.conf what i want?

depending on what is defined LOG_MINIUPNPD in config.h you should ensure there is a line daemon.* /var/log/somefile in syslog.conf...
See http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=492 for more details...
jedinite wrote:

also:

Code:
gateway# miniupnpd
Reading configuration from file /etc/miniupnpd.conf
perm rule added : allow 10-65535 0a000000/ffffff00 10-65535
perm rule added : deny 0-65535 00000000/00000000 0-65535
gateway# miniupnpd
Reading configuration from file /etc/miniupnpd.conf
perm rule added : allow 10-65535 0a000000/ffffff00 10-65535
perm rule added : deny 0-65535 00000000/00000000 0-65535
gateway#

does the second process make the first reload config or does the second just exit because miniupnpd already running?

the second one is just exiting because already running.
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
jedinite



Joined: 10 Oct 2008
Posts: 13

PostPosted: Wed Oct 29, 2008 9:29 am    Post subject: Reply with quote

My syslog.conf
Code:
*.err;kern.warning;auth.notice;mail.crit                /dev/console
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err   /var/log/messages
security.*                                      /var/log/security
auth.info;authpriv.info                         /var/log/auth.log
mail.info                                       /var/log/maillog
lpr.info                                        /var/log/lpd-errs
ftp.info                                        /var/log/xferlog
cron.*                                          /var/log/cron
*.=debug                                        /var/log/debug.log
*.emerg                                         *
!startslip
*.*                                             /var/log/slip.log
!ppp
*.*                                             /var/log/ppp.log


Is there a list of command line options somewhere?

Also if there are rules like

Code:
rdr on $ext_if inet proto udp from any to any port 88 -> $comp2
rdr on $ext_if inet proto { tcp, udp } from any to any port 3074 -> $comp2

pass in quick on $ext_if inet proto udp from any to $comp2 port 88 keep state
pass in quick on $ext_if inet proto {tcp, udp} from any to $comp2 port 3074 keep state


and then miniupnpd has a request for those ports to be maped, and another for them to me unmapped will the orignal rule in the pf.conf remain or be cleared? I think the xbox is unmaping them after it maps, I need to get miniupnpd logging every action to file to see.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    miniupnp.tuxfamily.org Forum Index -> NAT/UPnP All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP
© 2007 Thomas Bernard, author of MiniUPNP.