projects / lede-routing / .git / blob
? search:


b66621d3d62d7dd6c0e48a4cb804e6b4daf8e11a
[lede-routing/.git] / miniupnpd / patches / 101-pcp-third-party.patch
1 From 27d4d10a3ed3a4d87941247ed73bcb67c68b2bb9 Mon Sep 17 00:00:00 2001
2 From: Thomas Bernard <miniupnp@free.fr>
3 Date: Thu, 30 Oct 2014 20:37:35 +0100
4 Subject: [PATCH] miniupnpd.c: fix PCP third party mode (in IPv4)
5
6 fixes problem introduced in commit 16389fda3c5313bffc83fb6594f5bb5872e37e5e
7 ---
8  miniupnpd.c | 38 +++++++++++++++++++++++++++-----------
9  1 file changed, 27 insertions(+), 11 deletions(-)
10
11 diff --git a/miniupnpd.c b/miniupnpd.c
12 index 6468075..06bcae2 100644
13 --- a/miniupnpd.c
14 +++ b/miniupnpd.c
15 @@ -2133,30 +2133,46 @@ main(int argc, char * * argv)
16                                                                msg_buff, sizeof(msg_buff));
17                                 if (len < 1)
18                                         continue;
19 +#ifdef ENABLE_PCP
20 +                               if (msg_buff[0]==0) {  /* version equals to 0 -> means NAT-PMP */
21 +                                       /* Check if the packet is coming from a LAN to enforce RFC6886 :
22 +                                        * The NAT gateway MUST NOT accept mapping requests destined to the NAT
23 +                                        * gateway's external IP address or received on its external network
24 +                                        * interface.  Only packets received on the internal interface(s) with a
25 +                                        * destination address matching the internal address(es) of the NAT
26 +                                        * gateway should be allowed. */
27 +                                       /* TODO : move to ProcessIncomingNATPMPPacket() ? */
28 +                                       lan_addr = get_lan_for_peer((struct sockaddr *)&senderaddr);
29 +                                       if(lan_addr == NULL) {
30 +                                               char sender_str[64];
31 +                                               sockaddr_to_string((struct sockaddr *)&senderaddr, sender_str, sizeof(sender_str));
32 +                                               syslog(LOG_WARNING, "NAT-PMP packet sender %s not from a LAN, ignoring",
33 +                                                      sender_str);
34 +                                               continue;
35 +                                       }
36 +                                       ProcessIncomingNATPMPPacket(snatpmp[i], msg_buff, len,
37 +                                                                   &senderaddr);
38 +                               } else { /* everything else can be PCP */
39 +                                       ProcessIncomingPCPPacket(snatpmp[i], msg_buff, len,
40 +                                                                (struct sockaddr *)&senderaddr, NULL);
41 +                               }
42 +
43 +#else
44                                 /* Check if the packet is coming from a LAN to enforce RFC6886 :
45                                  * The NAT gateway MUST NOT accept mapping requests destined to the NAT
46                                  * gateway's external IP address or received on its external network
47                                  * interface.  Only packets received on the internal interface(s) with a
48                                  * destination address matching the internal address(es) of the NAT
49                                  * gateway should be allowed. */
50 +                               /* TODO : move to ProcessIncomingNATPMPPacket() ? */
51                                 lan_addr = get_lan_for_peer((struct sockaddr *)&senderaddr);
52                                 if(lan_addr == NULL) {
53                                         char sender_str[64];
54                                         sockaddr_to_string((struct sockaddr *)&senderaddr, sender_str, sizeof(sender_str));
55 -                                       syslog(LOG_WARNING, "NAT-PMP/PCP packet sender %s not from a LAN, ignoring",
56 +                                       syslog(LOG_WARNING, "NAT-PMP packet sender %s not from a LAN, ignoring",
57                                                sender_str);
58                                         continue;
59                                 }
60 -#ifdef ENABLE_PCP
61 -                               if (msg_buff[0]==0) {  /* version equals to 0 -> means NAT-PMP */
62 -                                       ProcessIncomingNATPMPPacket(snatpmp[i], msg_buff, len,
63 -                                                                   &senderaddr);
64 -                               } else { /* everything else can be PCP */
65 -                                       ProcessIncomingPCPPacket(snatpmp[i], msg_buff, len,
66 -                                                                (struct sockaddr *)&senderaddr, NULL);
67 -                               }
68 -
69 -#else
70                                 ProcessIncomingNATPMPPacket(snatpmp[i], msg_buff, len, &senderaddr);
71  #endif
72                         }
73 -- 
74 2.1.0
75
Unnamed repository; edit this file 'description' to name the repository.