miniupnp.tuxfamily.org

[F4S4K4N]

So i've come across a fault thats probably in the UPnP protocol itself.

When a device adds a port mapping it uses a duration of 0 and the rule lasts forever, for some devices this is ok because they are always on, but others are not always on and the mapping will remain. These mappings can build up over time, opening holes in the firewall that point to nothing or possibly a different device that has take the old device's DHCP lease. I can clean these mappings using the clean feature, but this feature removes all port mappings. Not just the dead ones.

So for some devices, they will have their mappings removed and not know about it so they cease to function correctly. The only solution is to reboot the device so it re-creates the mappings until the next clean cycle.

I tried using IGDv2 which requires a lease duration as far as i can tell, but on IGDv2 the devices wont even create mappings at all, even though they do connect to miniupnpd.

Has anyone ever experienced this and found a solution or workaround?

[miniupnp]

[F4S4K4N]

Could having a threshold of 0 create an invalid configuration? I would like to have miniupnpd always clean the rules, even if there is only a low number of.

Ill try setting the time to an hour or something like that. Right now it's at the default 10 min and most of the UPnP clients are IP phones and an Xbox. I imagine the IP phone's rules are getting clean because traffic only comes in when receiving a call, which doesn't happen every 10 min.

[miniupnp]

use a threshold of 1 !
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/