miniupnp.tuxfamily.org Forum Index miniupnp.tuxfamily.org
The forum about miniupnp and libnatpmp
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

FreeBSD 7, PS3, pf and miniupnpd

 
Post new topic   Reply to topic    miniupnp.tuxfamily.org Forum Index -> miniupnpd Compilation/Installation
View previous topic :: View next topic  
Author Message
cykotix



Joined: 19 Jun 2008
Posts: 14

PostPosted: Thu Jun 19, 2008 3:18 am    Post subject: FreeBSD 7, PS3, pf and miniupnpd Reply with quote

I'm unsure as to whether or not this is where I should be asking because I am unsure as to whether or not this is a pf issue or a miniupnpd issue. I'll start off by saying that my PS3, after installing miniupnpd is reporting that uPNP is available; however the PS3 is still reporting that it is on NAT 3.

Using Microsoft's tool also passes the UPNP test. While it is running, I can execute `pfctl -a miniupnpd -s nat` to see the dynamic rules the rest creates.

My `/var/log/messages` doesn't report any error messages. I typically log all dropped packets and nothing comes up when my PS3 runs the internet test to see if I am still on NAT 3. Here is my miniupnpd.conf

Code:

# WAN network interface
ext_ifname=sis0
# if the WAN interface has several IP addresses, you
# can specify the one to use below
#ext_ip=

# there can be multiple listening ips for receiving SSDP traffic.
# the 1st IP is also used for UPnP Soap traffic.
#listening_ip= 192.168.0.61
listening_ip=192.168.5.1
port=5555

# bitrates reported by daemon in bits per second
bitrate_up=131072
bitrate_down=524288

# default presentation url is http address on port 80
#presentation_url=

# report system uptime instead of daemon uptime
system_uptime=yes

# notify interval in seconds default is 30 seconds.
#notify_interval=240

# log packets in pf
packet_log=yes

# uuid : generated by the install a new one can be created with
# uuidgen
uuid=9d82e633-3d9b-11dd-8e6a-000024c3eb88

# UPnP permission rules
# (allow|deny) (external port range) ip/mask (internal port range)
# A port range is <min port>-<max port> or <port> if there is only
# one port in the range.
# ip/mask format must be nn.nn.nn.nn/nn
allow 1024-65535 192.168.5.0/24 1024-65535
#allow 1024-65535 10.0.2.0/24 1024-65535
deny 0-65535 0.0.0.0/0 0-65535


Here is my pf.conf

Code:

ext_if = "sis0"
int_if = "sis1"
localnet = $int_if:network
desktop = "192.168.5.74"

nat on $ext_if from $localnet to any -> ($ext_if)
rdr-anchor miniupnpd

block in log (all) all
pass log from { lo0, $localnet, $ext_if } to any keep state
pass in inet proto tcp from any to any port ssh
pass in inet proto { tcp, udp } from any to any port domain
pass inet proto icmp from any to any



Running `tcpdump -nettti pflog0 net 192.168.5.81` (being the IP currently assigned to the PS3) before running the PS3 internet test only yields the following output:

Code:

tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes
000000 rule 4/0(match): pass in on sis1: 192.168.5.81.58308 > 192.168.5.1.5555:  tcp 40 [bad hdr length 0 - too short, < 20]
6. 422733 rule 4/0(match): pass in on sis1: 192.168.5.81.60100 > 239.255.255.250.1900: UDP, length 217
330524 rule 4/0(match): pass in on sis1: 192.168.5.81.58307 > 88.221.26.40.80: [|tcp]
229443 rule 4/0(match): pass in on sis1: 192.168.5.81.58306 > 199.108.4.73.443:  tcp 40 [bad hdr length 0 - too short, < 20]
693826 rule 4/0(match): pass in on sis1: 192.168.5.81.58305 > 198.107.157.146.443: [|tcp]
1. 467636 rule 4/0(match): pass in on sis1: 192.168.5.81.58304 > 198.107.157.128.5223: [|tcp]
1. 375546 rule 4/0(match): pass in on sis1: 192.168.5.81.60096 > 239.255.255.250.1900: UDP, length 137
000699 rule 4/0(match): pass out on sis1: 192.168.5.1.1900 > 192.168.5.81.60096: UDP, length 310
002934 rule 4/0(match): pass in on sis1: 192.168.5.81.58303 > 192.168.5.1.5555: [|tcp]
011525 rule 4/0(match): pass in on sis1: 192.168.5.81.58302 > 192.168.5.1.5555: [|tcp]
007025 rule 4/0(match): pass in on sis1: 192.168.5.81.58301 > 192.168.5.1.5555: [|tcp]
099709 rule 4/0(match): pass in on sis1: 192.168.5.81.60094 > 198.107.157.129.3478: UDP, length 56
072281 rule 4/0(match): pass in on sis1: 192.168.5.81.58300 > 192.168.5.1.5555: [|tcp]
000840 rule 4/0(match): pass in on sis1: 192.168.5.81.60094 > 198.107.157.129.3479: UDP, length 56
072861 rule 4/0(match): pass in on sis1: 192.168.5.81.60094 > 198.107.157.130.3479: UDP, length 56
076045 rule 4/0(match): pass in on sis1: 192.168.5.81.60093 > 198.107.157.129.3478: UDP, length 56
078796 rule 4/0(match): pass in on sis1: 192.168.5.81.60093 > 198.107.157.129.3479: UDP, length 56
079090 rule 4/0(match): pass in on sis1: 192.168.5.81.60093 > 198.107.157.130.3479: UDP, length 56
073271 rule 4/0(match): pass in on sis1: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000133 rule 4/0(match): pass out on sis0: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000255 rule 4/0(match): pass in on sis1: 192.168.5.81 > 198.107.157.129: udp
000123 rule 4/0(match): pass out on sis0: 192.168.5.81 > 198.107.157.129: udp
099660 rule 4/0(match): pass in on sis1: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000132 rule 4/0(match): pass out on sis0: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000246 rule 4/0(match): pass in on sis1: 192.168.5.81 > 198.107.157.129: udp
000166 rule 4/0(match): pass out on sis0: 192.168.5.81 > 198.107.157.129: udp
199688 rule 4/0(match): pass in on sis1: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000169 rule 4/0(match): pass out on sis0: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000254 rule 4/0(match): pass in on sis1: 192.168.5.81 > 198.107.157.129: udp
000120 rule 4/0(match): pass out on sis0: 192.168.5.81 > 198.107.157.129: udp
403967 rule 4/0(match): pass in on sis1: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000133 rule 4/0(match): pass out on sis0: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000247 rule 4/0(match): pass in on sis1: 192.168.5.81 > 198.107.157.129: udp
000173 rule 4/0(match): pass out on sis0: 192.168.5.81 > 198.107.157.129: udp
799009 rule 4/0(match): pass in on sis1: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000131 rule 4/0(match): pass out on sis0: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000245 rule 4/0(match): pass in on sis1: 192.168.5.81 > 198.107.157.129: udp
000118 rule 4/0(match): pass out on sis0: 192.168.5.81 > 198.107.157.129: udp
1. 605597 rule 4/0(match): pass in on sis1: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000131 rule 4/0(match): pass out on sis0: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
002540 rule 4/0(match): pass in on sis1: 192.168.5.81 > 198.107.157.129: udp
000138 rule 4/0(match): pass out on sis0: 192.168.5.81 > 198.107.157.129: udp
1. 594755 rule 4/0(match): pass in on sis1: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000133 rule 4/0(match): pass out on sis0: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000292 rule 4/0(match): pass in on sis1: 192.168.5.81 > 198.107.157.129: udp
000121 rule 4/0(match): pass out on sis0: 192.168.5.81 > 198.107.157.129: udp
1. 599381 rule 4/0(match): pass in on sis1: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000134 rule 4/0(match): pass out on sis0: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000300 rule 4/0(match): pass in on sis1: 192.168.5.81 > 198.107.157.129: udp
000126 rule 4/0(match): pass out on sis0: 192.168.5.81 > 198.107.157.129: udp
1. 599716 rule 4/0(match): pass in on sis1: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000139 rule 4/0(match): pass out on sis0: 192.168.5.81.60092 > 198.107.157.129.3478: UDP, length 2108
000244 rule 4/0(match): pass in on sis1: 192.168.5.81 > 198.107.157.129: udp
000120 rule 4/0(match): pass out on sis0: 192.168.5.81 > 198.107.157.129: udp
1. 606486 rule 4/0(match): pass in on sis1: 192.168.5.81.58296 > 192.168.5.1.5555: [|tcp]
19. 117039 rule 4/0(match): pass in on sis1: 192.168.5.81.58293 > 192.168.5.1.5555: [|tcp]


Any assistance at all in tracking down my oversight would be greatly appreciated!
Back to top
View user's profile Send private message
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1501

PostPosted: Sat Jun 21, 2008 11:20 pm    Post subject: Reply with quote

what does that mean "NAT 3" for the PS3 ?

miniupnpd should log to /var/log/daemon the request it receive from the PS3 : that could help you.
_________________
Main miniUPnP author.
http://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
miniupnp
Site Admin


Joined: 14 Apr 2007
Posts: 1501

PostPosted: Mon Feb 06, 2012 2:24 pm    Post subject: Reply with quote

Some interesting blog post about PS3 + *BSD/PF/miniupnpd :
http://www.hungryhacker.com/os/upnp-igd-on-freebsd-with-pf/
_________________
Main miniUPnP author.
http://miniupnp.tuxfamily.org/
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    miniupnp.tuxfamily.org Forum Index -> miniupnpd Compilation/Installation All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP
© 2007 Thomas Bernard, author of MiniUPNP.