View previous topic :: View next topic |
Author |
Message |
troykelly
Joined: 21 Jan 2012 Posts: 2 Location: Australia
|
Posted: Sat Jan 21, 2012 12:54 pm Post subject: Adding ACCEPT rule |
|
|
I'm trying to work out how I can get the daemon to add an ACCEPT rule at the same time it is creating the forwarding rules.
Our firewalls are like most and default deny incoming traffic from untrusted sources. So, when granting a UPnP port forward, we also need to "open" a hole in the firewall and allow the packet in. |
|
Back to top |
|
|
miniupnp Site Admin
Joined: 14 Apr 2007 Posts: 1593
|
Posted: Sun Jan 22, 2012 11:15 pm Post subject: Re: Adding ACCEPT rule |
|
|
troykelly wrote: | I'm trying to work out how I can get the daemon to add an ACCEPT rule at the same time it is creating the forwarding rules.
Our firewalls are like most and default deny incoming traffic from untrusted sources. So, when granting a UPnP port forward, we also need to "open" a hole in the firewall and allow the packet in. |
I guess you are using miniupnpd under Linux/netfilter...
miniupnpd already add ACCEPT rule at the same time as the network address translation rule. _________________ Main miniUPnP author.
https://miniupnp.tuxfamily.org/ |
|
Back to top |
|
|
troykelly
Joined: 21 Jan 2012 Posts: 2 Location: Australia
|
Posted: Sun Jan 22, 2012 11:42 pm Post subject: |
|
|
Thank-you.
Yes - It's on a DD-WRT router, iptables v1.3.7
I can't see the ACCEPT rule being created, which table does it get created in?
We don't use the default ruleset created by the router, a custom one is built. So I will need to add it to a chain I guess |
|
Back to top |
|
|
miniupnp Site Admin
Joined: 14 Apr 2007 Posts: 1593
|
Posted: Mon Jan 23, 2012 10:11 pm Post subject: |
|
|
troykelly wrote: | Thank-you.
Yes - It's on a DD-WRT router, iptables v1.3.7
I can't see the ACCEPT rule being created, which table does it get created in?
We don't use the default ruleset created by the router, a custom one is built. So I will need to add it to a chain I guess |
see the table "filter", chain MINIUPNPD :
Code: | iptables -v -n -t filter -L MINIUPNPD |
_________________ Main miniUPnP author.
https://miniupnp.tuxfamily.org/ |
|
Back to top |
|
|
|