| View previous topic :: View next topic |
| Author |
Message |
daringone
Joined: 13 Sep 2011
Posts: 3
|
 Posted: Tue Sep 13, 2011 6:46 pm Post subject: miniupnpd + minissdpd + PF on OpenBSD 4.9 |
 |
|
Greetings all:
I'm waving the white flag and asking for help  After successfully compiling and installing miniupnpd on my OpenBSD 4.9 PF box, I fired it up hoping to get my Xbox360 to show me an open NAT. Unfortunately, nothing seemed to be happening. When I went back and ran miniupnpd in debug mode, when turning on the 360, I saw the following:
| Code: | # /sbin/miniupnpd -d
miniupnpd[17583]: HTTP listening on port 9361
miniupnpd[17583]: SSDP M-SEARCH from 172.29.0.36:16514 ST: uuid:2ec2659e-5565-46da-9644-09ee709339b1
miniupnpd[17583]: SSDP M-SEARCH from 172.29.0.36:16514 ST: uuid:2ec2659e-5565-46da-9644-09ee709339b1
miniupnpd[17583]: SSDP M-SEARCH from 172.29.0.36:16514 ST: uuid:2ec2659e-5565-46da-9644-09ee709339b1
miniupnpd[17583]: 160 rt_msg : msglen=160 version=4 type=1
miniupnpd[17583]: unprocessed RTM message type=1 |
Great, I thought. My 360 is certainly talking to the daemon. I noticed the SSDP acronym in there and remembered there being another daemon available for that. I checked the front page for miniupnpd, and sure enough the minissdpd program works alongside miniupnpd. So I install that and run them both side by side. Now I get the following while watching in debug:
miniupnpd:
| Code: | # /sbin/miniupnpd -d
miniupnpd[16291]: HTTP listening on port 9955
miniupnpd[16291]: bind(udp): Address already in use
miniupnpd[16291]: Failed to open socket for receiving SSDP. Trying to use MiniSSDPd
|
minissdpd:
| Code: | minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: new device discovered : uuid:00000000-0000-0000-0200-0025AE7906AD::urn:schemas-microsoft-com:nhed:presence:1
minissdpd[26387]: ** i=1 deltadev=0 **
minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: new device discovered : uuid:60028570-1805-2000-0000-0025ae7906ad::upnp:rootdevice
minissdpd[26387]: ** i=1 deltadev=1 **
minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: device updated : uuid:60028570-1805-2000-0000-0025ae7906ad::upnp:rootdevice
minissdpd[26387]: ** i=0 deltadev=2 **
minissdpd[26387]: 2 new devices added
minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: new device discovered : uuid:60028570-1805-2000-0000-0025ae7906ad
minissdpd[26387]: ** i=1 deltadev=0 **
minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: device updated : uuid:60028570-1805-2000-0000-0025ae7906ad
minissdpd[26387]: ** i=0 deltadev=1 **
minissdpd[26387]: 1 new devices added
minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: new device discovered : uuid:60028570-1805-2000-0000-0025ae7906ad::urn:schemas-upnp-org:device:MediaRenderer:1
minissdpd[26387]: ** i=1 deltadev=0 **
minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: device updated : uuid:60028570-1805-2000-0000-0025ae7906ad::urn:schemas-upnp-org:device:MediaRenderer:1
minissdpd[26387]: ** i=0 deltadev=1 **
minissdpd[26387]: 1 new devices added
minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: new device discovered : uuid:60028570-1805-2000-0000-0025ae7906ad::urn:schemas-upnp-org:service:ConnectionManager:1
minissdpd[26387]: ** i=1 deltadev=0 **
minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: device updated : uuid:60028570-1805-2000-0000-0025ae7906ad::urn:schemas-upnp-org:service:ConnectionManager:1
minissdpd[26387]: ** i=0 deltadev=1 **
minissdpd[26387]: 1 new devices added
minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: new device discovered : uuid:60028570-1805-2000-0000-0025ae7906ad::urn:schemas-upnp-org:service:RenderingControl:1
minissdpd[26387]: ** i=1 deltadev=0 **
minissdpd[26387]: SSDP request: 'NOTIFY' (2) st=
minissdpd[26387]: device updated : uuid:60028570-1805-2000-0000-0025ae7906ad::urn:schemas-upnp-org:service:RenderingControl:1
minissdpd[26387]: ** i=0 deltadev=1 **
minissdpd[26387]: 1 new devices added
|
Seeing the new devices added line makes me think I'm in business. Unfortunately, still a strict NAT type. When I check PF, I see my problem. No rules!
| Code: | | pfctl -a miniupnpd -sr produces no output |
I'm sure I've got my anchor in there, though the only thing I've noticed is that everything I've been able to find seems to refer to PF before the rules change in OpenBSD 4.7.
pf.conf:
| Code: | #############
# Xbox Live #
#############
# In order to get Xbox Live to work properly, we've got to throw traffic to a UPnP daemon.
# It will then make the rules in PF to allow traffic to flow properly.
anchor "miniupnpd" |
The last oddity I'm running into is despite the servers apparently reacting to the 360, if I run the upnpc-static.exe -s command on my Windows 7 machine, I get an error: "No IGD UPnP Device found on the network!"
So I'm currently at a loss for why PF rules aren't being created. Help would be greatly appreciated! |
|
| Back to top |
|
 |
daringone
Joined: 13 Sep 2011
Posts: 3
|
| Posted: Wed Sep 14, 2011 4:28 pm Post subject: |
|
|
Alright, so new development. As I came in to work today to bang on this some more, I brought up my Windows 7 machine and for giggles after making some changes, tried the miniupnp client again. I get a response now when doing a upnpc-static.exe -s command! I'm thinking I must have botched something with Windows, as I was having issues with my machine all yesterday even getting it on the network I've set up. In any case, here's my output:
Windows Console:
| Code: | C:\Users\daringone\Desktop\upnpc-exe-win32-20110714>upnpc-static.exe -s
upnpc : miniupnpc library test client. (c) 2006-2011 Thomas Bernard
Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
desc: http://172.29.0.1:18372/rootDesc.xml
st: upnp:rootdevice
Found valid IGD : http://172.29.0.1:18372/ctl/IPConn
Local LAN ip address : 172.29.0.5
Connection Type : IP_Routed
Status : Connected, uptime=89352s, LastConnectionError : ERROR_NONE
Time started : Tue Sep 13 11:33:09 2011
MaxBitRateDown : 15000000 bps (15.0 Mbps) MaxBitRateUp 15000000 bps (15.0 Mbps
)
ExternalIPAddress = X.X.X.X (obfuscated... it's valid though, trust me)
Bytes: Sent: 3834560 Recv: 35360548
Packets: Sent: 23777 Recv: 194812 |
minissdpd:
| Code: | # /usr/sbin/minissdpd -d -i 172.29.0.1
minissdpd[1901]: (s=6) new request connection
minissdpd[1901]: (s=6) request type=4 str='upnp:rootdevice'
minissdpd[1901]: usn='uuid:a9acf00b-bc81-418d-b482-c3dd346bdd58::upnp:rootdevice'
minissdpd[1901]: server='OpenBSD/4.9 UPnP/1.0 MiniUPnPd/1.6'
minissdpd[1901]: location='http://172.29.0.1:18372/rootDesc.xml'
minissdpd[1901]: (s=6) request connection closed
minissdpd[1901]: SSDP request: 'M-SEARCH' (1) st=urn:schemas-upnp-org:device:InternetGatewayDevice:1
minissdpd[1901]: SSDP M-SEARCH from 172.29.0.5:58619 ST:urn:schemas-upnp-org:device:InternetGatewayDevice:1
minissdpd[1901]: ** i=0 deltadev=0 **
minissdpd[1901]: SSDP request: 'M-SEARCH' (1) st=urn:schemas-upnp-org:service:WANIPConnection:1
minissdpd[1901]: SSDP M-SEARCH from 172.29.0.5:58619 ST:urn:schemas-upnp-org:service:WANIPConnection:1
minissdpd[1901]: ** i=0 deltadev=0 **
minissdpd[1901]: SSDP request: 'M-SEARCH' (1) st=urn:schemas-upnp-org:service:WANPPPConnection:1
minissdpd[1901]: SSDP M-SEARCH from 172.29.0.5:58619 ST:urn:schemas-upnp-org:service:WANPPPConnection:1
minissdpd[1901]: ** i=0 deltadev=0 **
minissdpd[1901]: SSDP request: 'M-SEARCH' (1) st=upnp:rootdevice
minissdpd[1901]: SSDP M-SEARCH from 172.29.0.5:58619 ST:upnp:rootdevice
minissdpd[1901]: ** i=0 deltadev=0 ** |
miniupnpd:
| Code: | # /sbin/miniupnpd -d
miniupnpd[16037]: HTTP listening on port 18372
miniupnpd[16037]: bind(udp): Address already in use
miniupnpd[16037]: Failed to open socket for receiving SSDP. Trying to use MiniSSDPd
miniupnpd[16037]: HTTP connection from 172.29.0.5:49254
miniupnpd[16037]: HTTP REQUEST : GET /rootDesc.xml (HTTP/1.1)
miniupnpd[16037]: HTTP connection from 172.29.0.5:49255
miniupnpd[16037]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[16037]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetStatusInfo
miniupnpd[16037]: HTTP connection from 172.29.0.5:49256
miniupnpd[16037]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[16037]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetConnectionTypeInfo
miniupnpd[16037]: HTTP connection from 172.29.0.5:49257
miniupnpd[16037]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[16037]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetStatusInfo
miniupnpd[16037]: HTTP connection from 172.29.0.5:49258
miniupnpd[16037]: HTTP REQUEST : POST /ctl/CmnIfCfg (HTTP/1.1)
miniupnpd[16037]: SOAPAction: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1#GetCommonLinkProperties
miniupnpd[16037]: HTTP connection from 172.29.0.5:49259
miniupnpd[16037]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[16037]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetExternalIPAddress
miniupnpd[16037]: HTTP connection from 172.29.0.5:49260
miniupnpd[16037]: HTTP REQUEST : POST /ctl/CmnIfCfg (HTTP/1.1)
miniupnpd[16037]: SOAPAction: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1#GetTotalBytesSent
miniupnpd[16037]: HTTP connection from 172.29.0.5:49261
miniupnpd[16037]: HTTP REQUEST : POST /ctl/CmnIfCfg (HTTP/1.1)
miniupnpd[16037]: SOAPAction: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1#GetTotalBytesReceived
miniupnpd[16037]: HTTP connection from 172.29.0.5:49262
miniupnpd[16037]: HTTP REQUEST : POST /ctl/CmnIfCfg (HTTP/1.1)
miniupnpd[16037]: SOAPAction: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1#GetTotalPacketsSent
miniupnpd[16037]: HTTP connection from 172.29.0.5:49263
miniupnpd[16037]: HTTP REQUEST : POST /ctl/CmnIfCfg (HTTP/1.1)
miniupnpd[16037]: SOAPAction: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1#GetTotalPacketsReceived |
So I'm getting somewhere here. When I turn on an Xbox, I still see what I did yesterday, where requests come in to the SSDP daemon, but nothing on the UPnP daemon, and no rules are ever created. I was thinking originally that my Xbox problem was no rules being created, but now I'm beginning to wonder if it's even actually talking correctly to the UPnP daemon. Anyhow, chime in with ideas if you've got them! |
|
| Back to top |
|
|
daringone
Joined: 13 Sep 2011
Posts: 3
|
| Posted: Wed Sep 14, 2011 7:36 pm Post subject: |
|
|
As is sometimes the case, you solve your own problems. This is one of those instances. I found the sticky post in this forum about needing the 360 to be using DHCP to properly use UPnP. In my laziness in not wanting to have to set up a lab DHCP server, I didn't. This resulted in a lot more time wasted than if I'd just done it from the get go. Anyhow, I broke down and configured the service and saw the same thing where minissdpd didn't appear to be forwarding on the 360's requests. I then thought, well, let's see what happens if I just don't run it. I've seen miniupnpd receive requests before. I killed the minissdp daemon and tried again, and I'm now GOLDEN. If anything, let this be an example to everyone of a working miniupnpd config on OpenBSD 4.9 and miniupnpd 1.6 with an Xbox 360. I'll be bringing in my PS3 next...
miniupnpd config.h file:
Ensure the define PF_ENABLE_FILTER_RULE line is not commented.
miniupnpd.conf
| Code: | # WAN network interface
#ext_ifname=eth0
ext_ifname=bnx1
# if the WAN interface has several IP addresses, you
# can specify the one to use below
#ext_ip=
# LAN network interfaces IPs / networks
# there can be multiple listening ips for SSDP traffic.
# should be under the form nnn.nnn.nnn.nnn/nn
# HTTP is available on all interfaces
# When MULTIPLE_EXTERNAL_IP is enabled, the external ip
# address associated with the subnet follows. for example :
# listening_ip=192.168.0.1/24 88.22.44.13
#listening_ip=192.168.0.1/24
#listening_ip=192.168.1.1/24
listening_ip=172.29.0.1/24 173.241.225.183
# port for HTTP (descriptions and SOAP) traffic. set 0 for autoselect.
port=0
# path to the unix socket used to communicate with MiniSSDPd
# If running, MiniSSDPd will manage M-SEARCH answering.
# default is /var/run/minissdpd.sock
minissdpdsocket=/var/run/minissdpd.sock
# enable NAT-PMP support (default is no)
#enable_natpmp=no
# enable UPNP support (default is yes)
enable_upnp=yes
# chain names for netfilter (not used for pf or ipf).
# default is MINIUPNPD for both
#upnp_forward_chain=forwardUPnP
#upnp_nat_chain=UPnP
# lease file location
#lease_file=/var/log/upnp.leases
# bitrates reported by daemon in bits per second
bitrate_up=15000000
bitrate_down=15000000
# "secure" mode : when enabled, UPnP client are allowed to add mappings only
# to their IP.
#secure_mode=yes
secure_mode=no
# default presentation url is http address on port 80
# If set to an empty string, no presentationURL element will appear
# in the XML description of the device, which prevents MS Windows
# from displaying an icon in the "Network Connections" panel.
#presentation_url=http://www.mylan/index.php
# report system uptime instead of daemon uptime
system_uptime=yes
# notify interval in seconds. default is 30 seconds.
#notify_interval=240
notify_interval=60
# unused rules cleaning.
# never remove any rule before this threshold for the number
# of redirections is exceeded. default to 20
#clean_ruleset_threshold=10
# clean process work interval in seconds. default to 0 (disabled).
# a 600 seconds (10 minutes) interval makes sense
clean_ruleset_interval=600
# log packets in pf
packet_log=no
# ALTQ queue in pf
# filter rules must be used for this to be used.
# compile with PF_ENABLE_FILTER_RULES (see config.h file)
#queue=queue_name1
# tag name in pf
#tag=tag_name1
# make filter rules in pf quick or not. default is yes
# active when compiled with PF_ENABLE_FILTER_RULES (see config.h file)
#quickrules=no
# uuid : generate your own with "make genuuid"
uuid=(generate yourself a uuid)
# serial and model number the daemon will report to clients
# in its XML description
serial=12345678
model_number=1
# UPnP permission rules
# (allow|deny) (external port range) ip/mask (internal port range)
# A port range is <min port>-<max port> or <port> if there is only
# one port in the range.
# ip/mask format must be nn.nn.nn.nn/nn
# it is advised to only allow redirection of port above 1024
# and to finish the rule set with "deny 0-65535 0.0.0.0/0 0-65535"
allow 1024-65535 172.29.0.0/24 1024-65535
#allow 1024-65535 192.168.0.0/24 1024-65535
#allow 1024-65535 192.168.1.0/24 1024-65535
#allow 1024-65535 192.168.0.0/23 22
#allow 12345 192.168.7.113/32 54321
deny 0-65535 0.0.0.0/0 0-65535
|
pf.conf relavent section:
| Code: | #############
# Xbox Live #
#############
# In order to get Xbox Live to work properly, we've got to talk to a UPnP daemon.
# It will then make the rules in PF to allow traffic to flow properly.
anchor "miniupnpd" |
|
|
| Back to top |
|
|
miniupnp
Site Admin
Joined: 14 Apr 2007
Posts: 1589
|
| Posted: Thu Sep 15, 2011 9:31 am Post subject: |
|
|
Thank you for sharing your experience.
DHCP enabled on the XBOX360 is the thing to check first 
Also about running miniSSDPd: This is only useful if you want to run several UPnP devices on the same box. For instance miniDLNA and miniUPnPd.
If only miniUPnPd run on the box, it can handle its SSDP trafic by itself.
_________________
Main miniUPnP author.
https://miniupnp.tuxfamily.org/ |
|
| Back to top |
|
|
miniupnp
Site Admin
Joined: 14 Apr 2007
Posts: 1589
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
© 2007 Thomas Bernard, author of MiniUPNP.
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
