View previous topic :: View next topic |
Author |
Message |
machrider
Joined: 09 Oct 2008 Posts: 4
|
Posted: Fri Oct 10, 2008 12:01 am Post subject: Restricting port mappings to certain clients |
|
|
Hi,
I'm a new miniupnpc user, and so far it works great. The one thing I'm wondering is if I can use miniupnpc's UPNP_AddPortMapping() to add a port mapping that is only accessible to a certain external IP address. I want to dynamically create and destroy such mappings, and not have the whole world able to access them while they exist.
Is this possible with the current API? My understanding is that there is a NewRemoteHost parameter in the IGD protocol for this purpose.
Thoughts?
Thanks!
Mike |
|
Back to top |
|
|
miniupnp Site Admin
Joined: 14 Apr 2007 Posts: 1589
|
Posted: Fri Oct 10, 2008 9:45 am Post subject: |
|
|
It is indeed possible in the UPnP IGD API. But I think most routers wont accept setting the NewRemoteHost parameter.
What is the router you are using ? we could do the test to see if it supports setting the NewRemoteHost parametter. _________________ Main miniUPnP author.
https://miniupnp.tuxfamily.org/ |
|
Back to top |
|
|
machrider
Joined: 09 Oct 2008 Posts: 4
|
Posted: Fri Oct 10, 2008 3:24 pm Post subject: |
|
|
Yeah, I'm starting to realize that. I saw that the source to AddPortMapping has the NewRemoteHost parameter already. I patched the source to actually pass a value in that field, and my Linksys router promptly ignored it. It still allowed connections from any remote host.
I have another router I'm going to test this on (a CradlePoint unit). The thing is, our router selection for this project hasn't been made, so if there is one out there that obeys the NewRemoteHost parameter, it's possible we'll choose that one (assuming it has the other features we need). |
|
Back to top |
|
|
machrider
Joined: 09 Oct 2008 Posts: 4
|
Posted: Mon Oct 13, 2008 9:25 pm Post subject: |
|
|
FollowUp: The CradlePoint router (an MBR1000) respects the NewRemoteHost parameter. It seems to drop packets on the floor for anyone who isn't explicitly allowed to access the port.
Edit: Hm, I can't seem to remove the mapping on this router, though. It gives me an error 714 (NoSuchEntryInArray). The same code successfully removed the mapping on the Linksys router. Any idea why that wouldn't work on this router? |
|
Back to top |
|
|
machrider
Joined: 09 Oct 2008 Posts: 4
|
Posted: Mon Oct 13, 2008 11:04 pm Post subject: |
|
|
Ok, I figured it out. I had to specify the NewRemoteHost in the delete mapping call, too, otherwise it didn't match any mappings in the router's table. Now I've got it working 100% the way I want it. |
|
Back to top |
|
|
miniupnp Site Admin
Joined: 14 Apr 2007 Posts: 1589
|
Posted: Tue Oct 14, 2008 5:33 pm Post subject: |
|
|
thanks for the informations and testing !
I'm adding the RemoteHost parameter to miniupnpc APIs _________________ Main miniUPnP author.
https://miniupnp.tuxfamily.org/ |
|
Back to top |
|
|
Babblu0
Joined: 08 Apr 2015 Posts: 1 Location: Fsd
|
Posted: Wed Apr 08, 2015 6:48 am Post subject: |
|
|
just a suggestion: it think it would be useful if the nat-pmp client features could be rolled into miniupnpc - ie miniupnpc now becomes a generic client library for all port mapping requests, regardless of the gateway protocol.
tabletop RPGs
Littlelioness
Episodes 98-99: The Apis Arc
Last edited by Babblu0 on Wed Jun 14, 2023 7:41 am; edited 1 time in total |
|
Back to top |
|
|
yakovmotog
Joined: 18 Jul 2016 Posts: 13
|
Posted: Thu Aug 04, 2016 2:13 am Post subject: Retrieve iaddr to use for UPNP_AddAnyPortMapping inClient |
|
|
miniupnp wrote: | thanks for the informations and testing !
I'm adding the RemoteHost parameter to miniupnpc APIs |
Could you please advise why is the iaddr should be provided as as upnpc command line argument to pass it as internalClient IP paramter inClient passed to UPNP_AddAnyPortMapping:
AddPortMappingArgs[4].val = inClient;
This is local Control Point upnp client IP address, can't it be retrieved instead of passing as commandargv[0] ?
Thanks |
|
Back to top |
|
|
miniupnp Site Admin
Joined: 14 Apr 2007 Posts: 1589
|
Posted: Fri Aug 05, 2016 10:17 pm Post subject: Re: Retrieve iaddr to use for UPNP_AddAnyPortMapping inCli |
|
|
yakovmotog wrote: | miniupnp wrote: | thanks for the informations and testing !
I'm adding the RemoteHost parameter to miniupnpc APIs |
Could you please advise why is the iaddr should be provided as as upnpc command line argument to pass it as internalClient IP paramter inClient passed to UPNP_AddAnyPortMapping:
AddPortMappingArgs[4].val = inClient;
This is local Control Point upnp client IP address, can't it be retrieved instead of passing as commandargv[0] ?
Thanks |
I don't understand your question.
Don't forget that upnpc.c command line tool is just sample code, it should be rewritten to suit your needs. _________________ Main miniUPnP author.
https://miniupnp.tuxfamily.org/ |
|
Back to top |
|
|
|