From: Jo-Philipp Wich Date: Wed, 14 Jan 2009 23:18:45 +0000 (+0000) Subject: packages/net/miniupnpd: - rewrite firewall to actually forward - fix bandwidth calcul... X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=a974e9dc8f4615e1f33b6a706b9e5612b827a1a1;p=openwrt%2Fsvn-archive%2Fpackages.git packages/net/miniupnpd: - rewrite firewall to actually forward - fix bandwidth calculation - swap upload and download rate - make init and hotplug scripts less verbose - bump package revision SVN-Revision: 14038 --- diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile index 6cfde4738..feba7cfad 100644 --- a/net/miniupnpd/Makefile +++ b/net/miniupnpd/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=miniupnpd PKG_VERSION:=1.1 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_MD5SUM:=a0f6651476721db9b554668c8c83b151 PKG_SOURCE_URL:=http://miniupnp.free.fr/files diff --git a/net/miniupnpd/files/miniupnpd.firewall b/net/miniupnpd/files/miniupnpd.firewall index df1f6f784..4761a6352 100644 --- a/net/miniupnpd/files/miniupnpd.firewall +++ b/net/miniupnpd/files/miniupnpd.firewall @@ -7,69 +7,57 @@ upnp_ipt() { } upnp_firewall_addif() { - local intif - local intip - local coldplug="$1" + local extif + local extip + local iface config_load upnpd - config_get intif config internal_iface + config_get iface config external_iface + + [ -n "$INTERFACE" -a "$INTERFACE" != "$iface" ] && return config_load network + config_get extip "${iface:-wan}" ipaddr + config_get extif "${iface:-wan}" ifname + + logger -t "upnp firewall" "adding wan interface $extif($extip)" + + upnp_ipt -t nat -N miniupnpd_${iface:-wan}_rule + upnp_ipt -t nat -A miniupnpd_${iface:-wan}_rule -i $extif -d $extip -j MINIUPNPD + upnp_ipt -t nat -A prerouting_rule -j miniupnpd_${iface:-wan}_rule - for iface in ${intif:-lan}; do - if [ -n "$coldplug" -o "$iface" == "$INTERFACE" ]; then - config_get intip "$iface" ipaddr - config_get intif "$iface" ifname - - [ -n "$intif" -a -n "$intip" ] && { - logger -t "upnp firewall" "adding interface $iface($intip)" - - upnp_ipt -t nat -N MINIUPNPD - upnp_ipt -t nat -N miniupnpd_${iface}_rule - upnp_ipt -t nat -A miniupnpd_${iface}_rule -i $intif -d $intip -j MINIUPNPD - upnp_ipt -t nat -A prerouting_rule -j miniupnpd_${iface}_rule - - upnp_ipt -t filter -N MINIUPNPD - upnp_ipt -t filter -N miniupnpd_${iface}_rule - upnp_ipt -t filter -A miniupnpd_${iface}_rule -i $intif -o ! $intif -j MINIUPNPD - upnp_ipt -t filter -A forwarding_rule -j miniupnpd_${iface}_rule - } - fi - done + upnp_ipt -t filter -N miniupnpd_${iface:-wan}_rule + upnp_ipt -t filter -A miniupnpd_${iface:-wan}_rule -i $extif -o ! $extif -j MINIUPNPD + upnp_ipt -t filter -A forwarding_rule -j miniupnpd_${iface:-wan}_rule } upnp_firewall_delif() { - local iface="${1:-$INTERFACE}" + local iface + + config_load upnpd + config_get iface config external_iface - if [ -n "$iface" ]; then - logger -t "upnp firewall" "removing interface $iface" + [ -n "$INTERFACE" -a "$INTERFACE" != "$iface" ] && return - upnp_ipt -t nat -D prerouting_rule -j miniupnpd_${iface}_rule - upnp_ipt -t nat -F miniupnpd_${iface}_rule - upnp_ipt -t nat -X miniupnpd_${iface}_rule + logger -t "upnp firewall" "removing wan interface" - upnp_ipt -t filter -D forwarding_rule -j miniupnpd_${iface}_rule - upnp_ipt -t filter -F miniupnpd_${iface}_rule - upnp_ipt -t filter -X miniupnpd_${iface}_rule - fi + upnp_ipt -t nat -D prerouting_rule -j miniupnpd_${iface:-wan}_rule + upnp_ipt -t nat -F miniupnpd_${iface:-wan}_rule + upnp_ipt -t nat -X miniupnpd_${iface:-wan}_rule + + upnp_ipt -t filter -D forwarding_rule -j miniupnpd_${iface:-wan}_rule + upnp_ipt -t filter -F miniupnpd_${iface:-wan}_rule + upnp_ipt -t filter -X miniupnpd_${iface:-wan}_rule } upnp_firewall_start() { - logger -t "upnp firewall" "starting ..." - upnp_firewall_addif coldplug + upnp_ipt -t nat -N MINIUPNPD + upnp_ipt -t filter -N MINIUPNPD + upnp_firewall_addif } upnp_firewall_stop() { - local intif - config_load upnpd - config_get intif config internal_iface - - logger -t "upnp firewall" "stopping ..." - - for iface in ${intif:-lan}; do - upnp_firewall_delif "$iface" - done - + upnp_firewall_delif upnp_ipt -t nat -F MINIUPNPD upnp_ipt -t nat -X MINIUPNPD upnp_ipt -t filter -F MINIUPNPD diff --git a/net/miniupnpd/files/miniupnpd.init b/net/miniupnpd/files/miniupnpd.init index 9a5b586c8..5e337df5f 100644 --- a/net/miniupnpd/files/miniupnpd.init +++ b/net/miniupnpd/files/miniupnpd.init @@ -3,9 +3,16 @@ START=95 include /lib/miniupnpd +boot() { + # On boot, there's a race condition with hotplug, + # therfore do nothing here + return +} + start() { local extif local intif + local extiface local upload local download local logging @@ -17,14 +24,13 @@ start() { config_get download config download config_get_bool logging config log_output 0 - config_get extif ${extif:-wan} ifname + config_load "network" + config_get extiface ${extif:-wan} ifname - if [ -n "$extif" ]; then - logger -t "upnp daemon" "starting ..." - + if [ -n "$extiface" ]; then upnp_firewall_start - local args="-i $extif" + local args="-i $extiface" for iface in ${intif:-lan}; do local ipaddr @@ -35,7 +41,7 @@ start() { append args "-p 5000 -U" [ -n "$upload" -a -n "$download" ] && \ - append args "-B $(($upload * 1024 / 8)) $(($download * 1024 / 8))" + append args "-B $(($download * 1024 * 8)) $(($upload * 1024 * 8))" if [ "$logging" = "1" ]; then eval start-stop-daemon -S -x miniupnpd -- $args -d | logger -t miniupnpd & @@ -48,7 +54,6 @@ start() { } stop() { - logger -t "upnp daemon" "stopping ..." start-stop-daemon -K -q -x miniupnpd -p /var/run/miniupnpd.pid upnp_firewall_stop }