miniupnp.tuxfamily.org Forum Index miniupnp.tuxfamily.org
The forum about miniupnp and libnatpmp
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

When the wan ip changed, or wan interface changed, how to?

 
Post new topic   Reply to topic    miniupnp.tuxfamily.org Forum Index -> miniupnpd Compilation/Installation
View previous topic :: View next topic  
Author Message
weixing979



Joined: 16 Feb 2023
Posts: 6
Location: china

PostPosted: Thu Feb 16, 2023 9:06 am    Post subject: When the wan ip changed, or wan interface changed, how to? Reply with quote

Hello ,
I am using miniupnpd 2.3.2 in my CPE device, the CPE has multiple Cellular network wan interface , CPE can only use one of these interfaces to connect internet at the same time.

I have some questions about the wan ip or wan interface changed.

1 Wan interface is Cellular Wan, it's name is ccmni1, and miniupnpd is running (its external_iface wan is ccmni1), and port mapping rules has been created for lan device.
When ccmni1 interface happens down/ up, and it's public ip changed. In this scenario,what I will do ?
If I do nothing, the port mapping rules can continue work?
Does it need restart miniupnpd?


2 Wan interface is Cellular Wan, it's name is ccmni1, and miniupnpd is running (its external_iface wan is ccmni1), and port mapping rules has been created for lan device.
But user modify the CPE configure , CPE use another interface ccmni2 to connect internet , ccmni1 can not connect internet now.

In this scenario, do I need restart miniupnpd?
If yes, the port mapping rules will be deleted, then how to resume these rules ?

thank you very much.
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Fri Feb 17, 2023 3:00 am    Post subject: Reply with quote

Scenario 1 : it all depends on your configuration. Which OS ? which packet filtering / masquerading engine ? (pf, netfilter iptables ? netfilter nftables ?)

Scenario 2 : indeed if the external network interface changes miniupnpd need to be restarted.
You will need additional scripts to clean existing port forwarding rules.
To reload existing rules to the new network interface you could use the lease file feature of miniupnpd
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
weixing979



Joined: 16 Feb 2023
Posts: 6
Location: china

PostPosted: Fri Feb 17, 2023 6:10 am    Post subject: Reply with quote

Thank you for your reply.

Scenario 1 My OS is Linux OpenWrt 5.4.179 #0 SMP Thu Jan 5 03:03:09 2023 aarch64 GNU/Linux
it use netfilter iptables.


Scenario 2

I have create scripts to clean existing port forwarding rules when miniupnpd is stoped.

I have set lease file parameter '/var/run/miniupnpd.leases'
and I checked it's contents,it has the port mapping rules.

So under these conditions ,if the external interface is changed from ccmni1 to ccmni2, I just need modify the external interface in the config file and restart miniupnpd . is it right?
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Fri Feb 17, 2023 1:23 pm    Post subject: Reply with quote

scenario 1.
The IPTABLES entries created by miniupnpd don't depend on the IP address of the WAN interface, so I think everything will be OK
Please check the IPTABLES entries anyway.

scenario 2.
I don't remember well if the IPTABLES entries created by miniupnpd depends on the WAN interface name. If that is not the case, you won't even need to clean/reload existing rules.

Please have a look by yourself.

you can used the provided iptables_display.sh / iptables_display_miniupnpd.sh to show them.
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
weixing979



Joined: 16 Feb 2023
Posts: 6
Location: china

PostPosted: Tue Feb 21, 2023 2:24 am    Post subject: Reply with quote

Hello
below is the rules created by miniupnpd

Chain MINIUPNPD (0 references)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:17819 to:192.168.1.143:54321
0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:17819 to:192.168.1.143:12345
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:57572 to:192.168.1.143:6763
0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:57572 to:192.168.1.143:57572
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6761 to:192.168.1.143:6761

Chain MINIUPNPD-POSTROUTING (0 references)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE tcp -- * * 192.168.1.143 0.0.0.0/0 tcp spt:54321 masq ports: 17819
0 0 MASQUERADE udp -- * * 192.168.1.143 0.0.0.0/0 udp spt:12345 masq ports: 17819
0 0 MASQUERADE tcp -- * * 192.168.1.143 0.0.0.0/0 tcp spt:6763 masq ports: 57572
0 0 MASQUERADE udp -- * * 192.168.1.143 0.0.0.0/0 udp spt:57572 masq ports: 57572
0 0 MASQUERADE tcp -- * * 192.168.1.143 0.0.0.0/0 tcp spt:6761 masq ports: 6761


I found a way to process Scenario 1 and Scenario 2, when the wan re-attach , I restart the miniupnd will be OK.
(It consists of several steps,
1 stop miniupnpd,clean the port mapping rules.
2 start miniupnpd , reload the port mapping rules from the lease file )

BTW: if miniupnpd don't depend on the IP and WAN interface name, can port mapping rules be created ?
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1590

PostPosted: Tue Feb 21, 2023 7:38 am    Post subject: Reply with quote

Quote:
BTW: if miniupnpd don't depend on the IP and WAN interface name, can port mapping rules be created ?

the way MINIUPNPD chain is called depends on the WAN interface name or address.
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
weixing979



Joined: 16 Feb 2023
Posts: 6
Location: china

PostPosted: Tue Feb 21, 2023 8:07 am    Post subject: Reply with quote

Ok,I have found the method.
Thank you very much.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    miniupnp.tuxfamily.org Forum Index -> miniupnpd Compilation/Installation All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP
© 2007 Thomas Bernard, author of MiniUPNP.