git.openwrt.org Git - feed/packages.git/commit

author	Tiago Gaspar <tiagogaspar8@gmail.com>
	Tue, 16 Aug 2022 21:35:11 +0000 (22:35 +0100)
committer	Rosen Penev <rosenp@gmail.com>
	Thu, 25 Aug 2022 07:40:19 +0000 (00:40 -0700)
commit	651a578cac6168566cf727d6b82ce819e41bbbbe
tree	7527a2752fa2c02c506ce2bb8e4a2e8f1b942582	tree \| snapshot
parent	1d795f2c1ed0e3f42962f3547d63a86bf0d06e58	commit \| diff

miniupnpd: update and fix nftables variant

Update the package to a commit that fixes an issue with removing PCP
mappings from nftables.
This also allows us to fix the nftables miniupnpd implementation on
openwrt.
In this new implementation, a table is created at the start of miniupnpd
and it is dedicated to miniupnpd with a priority above the firewall4
table. This allows miniupnpd to go ahead of the drop rules of firewall4
and forward traffic as needed. There was the possibility of adding a
chain inside the firewall4 table, but this would raise an issue where
if firewall4 was reloaded the port forwardings would be lost and
miniupnpd could be out of sync. When miniupnpd is stopped the table is
deleted, taking the port forwardings with it.

Some of this commit is based of msylgj's work, mainly the logic of the
init/hotplug scripts and the makefile build parameters.

Signed-off-by: ZiMing Mo <msylgj@immortalwrt.org>
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>

net/miniupnpd/Makefile		diff \| blob \| history
net/miniupnpd/files/miniupnpd.hotplug		diff \| blob \| history
net/miniupnpd/files/miniupnpd.init		diff \| blob \| history
net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch	[deleted file]	blob \| history