UPnP support
-
Thank you for donating, this will give me resolve to finish this at least and not run away at the halfway point because it is upnp after all.
Seems to be coming along nicely, great work Seth!
-
UTorrent as you note now works. It actually worked before and then got broken somewhere along the way (when you updated to fix the serial number issue it seems). As well I noticed the little UPNP test program that I generall use now reports a complete success! Actually right now trying 3 different programs they all either work or report UPNP is working properly.
-
replace /etc/inc/system.inc with http://iserv.nl/files/pfsense/system.inc
replace /etc/inc/filter.inc with http://iserv.nl/files/pfsense/filter.inc
replace /usr/local/www/interfaces_lan.php with http://iserv.nl/files/pfsense/interfaces_lan.txt
replace /usr/local/www/interfaces_opt.php with http://iserv.nl/files/pfsense/interfaces_opt.txt
execute this command, fetch -o /usr/local/sbin/miniupnpd http://iserv.nl/files/pfsense/miniupnpd
execute this command, chmod +x /usr/local/sbin/miniupnpdenable it on the lan interface.
Check the sytem logs.
–-
to make it startup on reboot
replace /etc/inc/pfsense-utils.inc with http://iserv.nl/files/pfsense/pfsense-utils.inc
replace /etc/inc/system.inc with http://iserv.nl/files/pfsense/system.inc
fetch -o /usr/local/sbin/miniupnpd http://iserv.nl/files/pfsense/miniupnpd
chmod +x /usr/local/sbin/miniupnpd
replace /etc/rc.bootup with http://iserv.nl/files/pfsense/rc.bootup.txt
This works for me.
Are these the instructions for installing this on the embedded platofrm? If not how do I go about doing it? I would like to test this out.
Perferably it would be nice if this was included in the base as packages since packages arn't supported on the embedded platform, which I know has been stated throughout this thread. I know that probably wouldn't happen for the 1.0 release as features aren't being added, but for the next release this would be a great addition.
Alot of the home network appliances that are coming out require upnp, and almost every off the shelf home router supports this. However stability and other functionality isn't there on these home routers. Also the nat reflection for upnp would be an added bouns.
-
Works on embedded or full installation.
/etc/rc.conf_mount_rw will force the CF RW so you can make these changes. Or use the edit file feature from diagnostics (and command prompt).
-
I have taken Seths great work and created a package under System -> Packages. If you are on a Full Installation then please try it out. Embedded users we will get to you in a bit, please hold the comments to yourself. Thanks!
-
I have taken Seths great work and created a package under System -> Packages. If you are on a Full Installation then please try it out. Embedded users we will get to you in a bit, please hold the comments to yourself. Thanks!
Thanks, I'll be waiting for it. Might just throw a hard drive in the ip330 so I can use the packages. I really appreciate all the work everybody has put into pfsense as a whole.
-
Hi
I have install the Package on the RC2f it works fine :) , but i become follow message in my logfile.
greatly work.
Logfile.
Aug 20 18:12:02 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:12:17 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:13:26 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:14:02 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:14:02 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:14:02 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:14:03 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:14:03 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:14:03 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:14:03 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:14:03 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:14:03 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:14:03 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:14:03 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:15:12 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:15:55 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:15:55 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:15:55 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:15:55 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:15:55 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:15:55 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:15:55 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:15:55 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:15:55 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:15:55 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:15:55 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:07 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:16:07 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:37 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:16:53 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:17:01 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:17:41 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:17:41 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:17:47 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:17:47 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:17:47 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:17:47 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:17:47 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:17:47 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:17:47 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:17:47 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:17:47 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:17:57 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:17:59 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:12 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:12 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:12 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:12 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:12 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:12 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:12 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:12 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:12 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:12 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:13 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:18 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:18 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:34 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:36 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:36 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:36 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:36 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:36 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:36 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:36 miniupnpd[679]: HTTP REQUEST : SUBSCRIBE /event/WANIPConnection (HTTP/1.1)
Aug 20 18:19:36 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:36 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE
Aug 20 18:19:36 miniupnpd[679]: Unsupported HTTP Command SUBSCRIBE -
What program is this?
-
EMULE with UPNP Support eMule-0.47a-Sion-v1.3-bin
When i start the software miniupnpd open the ports, but i see the message come continue any minuteAug 20 20:32:18 last message repeated 2418160 times
Aug 20 20:22:18 last message repeated 450066 times
Aug 20 20:20:17 miniupnpd[678]: Unsupported HTTP Command SUBSCRIBE
Aug 20 20:19:37 miniupnpd[678]: Unsupported HTTP Command SUBSCRIBEIf i quit the emule the port dont close.
upnp status.
Port Protocol Internal IP Description
tcp 4662 label "eMule (TCP Port) [TCP: 4662]" 192.168.0.196 4662
udp rfa label "eMule (UDP Port) [UDP: 4672]" 192.168.0.196 4672
udp 2160 label "eMule (SVR Port) [UDP: 2160]" 192.168.0.196 2160Azureus works fine.
-
I'm able to install the package, but it doesn't seem to work at all. Starting the service on the Service Status page doesn't seem to work either.
I'm on RC2e. I tried updating the RC2f on Scott's site, but I it totally destroyed my previous install so I had to reinstall from the RC2 iso. So I'm a little reluctant to try going to "f" again and causing the same problem…
Anyone else have it working with RC2e, or will it only work on RC2f??
TIA
-
You have to configure it first. Select the interface that it will run on in the settings.
If F screwed up your install you may want to figure out what the problem is because you will get bit later by RC3.
Please start a new thread with your RC2F issues.
-
Please start a new thread with your RC2F issues.
Actually I think it was because of the manual changes I had made to test miniupnpd initially…before it was a package. Because this time after my fresh install from RC2 with all the updates sequentially, it updated fine...
Now on the the miniupnpd issues. I install the package, and no errors are noted but it just doesn't work. There's no new options on any interfaces, and on the services status page miniupnpd shows as stopped, but it will not start...
Do I need to reboot first? Nothing is mentioned during the install, so I assume no...
-
Okay, sorry, maybe I spoke too soon. I reloaded the main page, then found the minupnpd addition under diagnostics…now I think it's working...
Thanks!!
-
Still working on getting a tcpdump (libpcap-format) from the 360 for you. Just realized that I don't have any more ethernet hubs at home so I have to steal one from work tomorrow. :)
I did update miniupnpd to your latest version and I'm still getting output like this:
Aug 21 02:15:12 miniupnpd[95978]: Unknown udp packet received from 192.168.42.36:1025 Aug 21 02:15:12 miniupnpd[95978]: Unknown udp packet received from 192.168.42.36:1025 Aug 21 02:15:12 miniupnpd[95978]: Unknown udp packet received from 192.168.42.36:36301 Aug 21 02:15:12 miniupnpd[95978]: Unknown udp packet received from 192.168.42.36:36301 Aug 21 02:15:12 last message repeated 9 timesThis is what I see when I first turn it on. Unknown packets, but nothing else.
The 360 has a section to test your router/connectivity (to insure that UPnP is working and it can map the ports it needs) and that's when I see all of this below:Aug 21 02:16:02 miniupnpd[95978]: ST: urn:schemas-upnp-org:service:WANIPConnection:1 Aug 21 02:16:02 miniupnpd[95978]: SSDP M-SEARCH packet received from 192.168.42.36:16831 Aug 21 02:16:02 miniupnpd[95978]: ST: urn:schemas-upnp-org:service:WANPPPConnection:1 Aug 21 02:16:02 miniupnpd[95978]: SSDP M-SEARCH packet received from 192.168.42.36:2009 Aug 21 02:16:02 miniupnpd[95978]: ST: urn:schemas-upnp-org:service:WANIPConnection:1 Aug 21 02:16:02 miniupnpd[95978]: SSDP M-SEARCH packet received from 192.168.42.36:16831 Aug 21 02:16:02 miniupnpd[95978]: ST: urn:schemas-upnp-org:service:WANPPPConnection:1 Aug 21 02:16:02 miniupnpd[95978]: SSDP M-SEARCH packet received from 192.168.42.36:2009 Aug 21 02:16:03 miniupnpd[95978]: ST: urn:schemas-upnp-org:service:WANIPConnection:1 Aug 21 02:16:03 miniupnpd[95978]: SSDP M-SEARCH packet received from 192.168.42.36:16831 Aug 21 02:16:03 miniupnpd[95978]: ST: urn:schemas-upnp-org:service:WANPPPConnection:1 Aug 21 02:16:03 miniupnpd[95978]: SSDP M-SEARCH packet received from 192.168.42.36:2009 Aug 21 02:15:12 last message repeated 9 timesI did get a capture of the initial SSDP broadcasts from the 360 but I don't know if it is switching over to a unicast after the initial discovery, which is why I want to get you a better dump with a hub in the middle.
Here's what it does first:M-SEARCH * HTTP/1.1 Host: 239.255.255.250:1900 Man: "ssdp:discover" MX: 2 ST: urn:schemas-upnp-org:service:WANIPConnection:1Then immediately afterward (within a few microseconds):```
M-SEARCH * HTTP/1.1
Host: 239.255.255.250:1900
Man: "ssdp:discover"
MX: 2
ST: urn:schemas-upnp-org:service:WANPPPConnection:1Only difference is service type (PPP or IP Connection). It then fires a DNS query for "xeas.xboxlive.com". My DNS server replies (I've got a Win2k3 DC on the LAN doing DNS). AFter that it fires off the same pair of multicasted SSDP queries, two more times (it goes IP,PPP,IP,PPP). It resolves the same name in DNS a second time, and then the test completes and informs me that my router is "strict". A working UPNP router returns as "Open." I should be able to get you bidirectional captures from a working system (360 to a Linksys router that supports UPnP) as well as the pfsense box so you can compare and see what's different. I just need to get a hub over here. -
I'm not sure what MSN is trying to do here. Although I see something I could change with regards to the description.
Aug 19 19:58:34 miniupnpd[720]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#DeletePortMapping Aug 19 19:58:34 miniupnpd[720]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1) Aug 19 19:58:34 miniupnpd[720]: Port 42193 protocol TCP allready redirected to 192.168.11.50:42193 Aug 19 19:58:34 miniupnpd[720]: AddportMapping TCP, for 192.168.11.50, port 42193, description : miniupnpd Aug 19 19:58:34 miniupnpd[720]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping Aug 19 19:58:34 miniupnpd[720]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1) Aug 19 19:58:34 miniupnpd[720]: GetSpecificPortMappingEntry : rhost='(null)' 42193 TCP found => 192.168.11.50:42193 desc='miniupnpd' Aug 19 19:58:34 miniupnpd[720]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetSpecificPortMappingEntry Aug 19 19:58:34 miniupnpd[720]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1) Aug 19 19:58:34 miniupnpd[720]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetExternalIPAddress Aug 19 19:58:34 miniupnpd[720]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1) Aug 19 19:58:34 miniupnpd[720]: GetSpecificPortMappingEntry : rhost='(null)' 42193 TCP found => 192.168.11.50:42193 desc='miniupnpd' Aug 19 19:58:34 miniupnpd[720]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetSpecificPortMappingEntry Aug 19 19:58:34 miniupnpd[720]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1) Aug 19 19:58:34 miniupnpd[720]: AddportMapping TCP, for 192.168.11.50, port 42193, description : MSGR Aug 19 19:58:34 miniupnpd[720]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping Aug 19 19:58:34 miniupnpd[720]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1) Aug 19 19:58:34 miniupnpd[720]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetSpecificPortMappingEntry Aug 19 19:58:34 miniupnpd[720]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1) Aug 19 19:58:34 miniupnpd[720]: QueryStateVariable(0"><m:varname>ConnectionStatusAug 19 19:58:34 miniupnpd[720]: SOAPAction: urn:schemas-upnp-org:control-1-0#QueryStateVariable Aug 19 19:58:34 miniupnpd[720]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1) Aug 19 19:58:34 miniupnpd[720]: QueryStateVariable(0"><m:varname>ConnectionStatusAug 19 19:58:34 miniupnpd[720]: SOAPAction: urn:schemas-upnp-org:control-1-0#QueryStateVariable Aug 19 19:58:34 miniupnpd[720]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1) Aug 19 19:58:33 miniupnpd[720]: SSDP M-SEARCH packet received from 192.168.11.50:9397</m:varname></m:varname>Weird, MSN adds a portmapping, then query's the mappings, tries mapping it again and then removes it.
Perhaps it also checks the description which is not "MSGR" but "miniupnpd". I think I can change that.
If you enable the upnp framework you should see a "Internet Connection" symbol in the network connections. When you ask the status it immediately dissapears. When you ask the properties it shows all the upnp mappings. But they are all called miniupnpd. But at least this part works. -
With regards to the eMule version that spams your syslog. Since it fired 2.4 million messages at your miniupnpd and did not remove the port mappings I consider it a broken client and I will not fix it. There is nothing to fix.
-
With regards to the XBOX, if I understand you correctly it does not even try adding a portmapping like the MSN case, am I correct?
-
BTW: I certainly can't explain this but today when I try to run the upnptest.exe program it fails on 7 and 8 while 2 days ago it was working. Nothing has changed but it now fails again… Here is what I see in the logs:
Aug 20 09:00:28 miniupnpd[11684]: SSDP M-SEARCH packet received from 192.168.17.105:1430
Aug 20 09:00:28 miniupnpd[11684]: ST:upnp:rootdevice
Aug 20 09:00:25 miniupnpd[11684]: SSDP M-SEARCH packet received from 192.168.17.105:1430
Aug 20 09:00:25 miniupnpd[11684]: ST:upnp:rootdevice
Aug 20 09:00:23 miniupnpd[11684]: /dummy not found, responding ERROR 404
Aug 20 09:00:23 miniupnpd[11684]: /dummy not found, responding ERROR 404
Aug 20 09:00:23 miniupnpd[11684]: HTTP REQUEST : GET /dummy (HTTP/1.1)
Aug 20 09:00:23 miniupnpd[11684]: HTTP REQUEST : GET /WANCfg.xml (HTTP/1.1)
Aug 20 09:00:23 miniupnpd[11684]: HTTP REQUEST : GET /WANCfg.xml (HTTP/1.1)
Aug 20 09:00:23 miniupnpd[11684]: HTTP REQUEST : GET /rootDesc.xml (HTTP/1.1)
Aug 20 09:00:23 miniupnpd[11684]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetExternalIPAddress
Aug 20 09:00:23 miniupnpd[11684]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 20 09:00:23 miniupnpd[11684]: HTTP REQUEST : GET /WANIPCn.xml (HTTP/1.1)
Aug 20 09:00:22 miniupnpd[11684]: HTTP REQUEST : GET /WANIPCn.xml (HTTP/1.1)
Aug 20 09:00:22 miniupnpd[11684]: HTTP REQUEST : GET /rootDesc.xml (HTTP/1.1)
Aug 20 09:00:22 miniupnpd[11684]: HTTP REQUEST : GET /rootDesc.xml (HTTP/1.1)
Aug 20 09:00:22 miniupnpd[11684]: SSDP M-SEARCH packet received from 192.168.17.105:1430
Aug 20 09:00:22 miniupnpd[11684]: ST:upnp:rootdeviceOKAY hold the press. I just tried again now for now explainable reason and it worked on all of them again. Again no changes made to the router. Here is what I get in the logs now (much longer)
Aug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#DeletePortMapping
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 21 12:52:29 miniupnpd[2363]: QueryStateVariable(0"><m:varname>ConnectionStatusAug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:control-1-0#QueryStateVariable
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 21 12:52:29 miniupnpd[2363]: QueryStateVariable(0"><m:varname>ConnectionStatusAug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:control-1-0#QueryStateVariable
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetExternalIPAddress
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 21 12:52:29 miniupnpd[2363]: GetSpecificPortMappingEntry : rhost='(null)' 1345 TCP found => 192.168.17.105:1345 desc='miniupnpd'
Aug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetSpecificPortMappingEntry
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 21 12:52:29 miniupnpd[2363]: QueryStateVariable(0"><m:varname>ConnectionStatusAug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:control-1-0#QueryStateVariable
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 21 12:52:29 miniupnpd[2363]: QueryStateVariable(0"><m:varname>ConnectionStatusAug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:control-1-0#QueryStateVariable
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 21 12:52:29 miniupnpd[2363]: GetSpecificPortMappingEntry : rhost='(null)' 1345 TCP found => 192.168.17.105:1345 desc='miniupnpd'
Aug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetSpecificPortMappingEntry
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 21 12:52:29 miniupnpd[2363]: AddportMapping TCP, for 192.168.17.105, port 1345, description : Test Port Map
Aug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 21 12:52:29 miniupnpd[2363]: QueryStateVariable(0"><m:varname>ConnectionStatusAug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:control-1-0#QueryStateVariable
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)
Aug 21 12:52:29 miniupnpd[2363]: QueryStateVariable(0"><m:varname>ConnectionStatusAug 21 12:52:29 miniupnpd[2363]: SOAPAction: urn:schemas-upnp-org:control-1-0#QueryStateVariable
Aug 21 12:52:29 miniupnpd[2363]: HTTP REQUEST : POST /control/WANIPConnection (HTTP/1.1)</m:varname></m:varname></m:varname></m:varname></m:varname></m:varname> -
Yeah it doesn't look like the XBox is actually trying to map anything, but I can't be 100% sure - I'm just going off of what the logs say at this point. I'm bringing a hub home with me tonight so I'll be able to get a full capture of both sides of the conversation.
-
OK, I have some captures finally. :) They are in LibPCap format and were generated by Wireshark (the project formerly known as Ethereal) so should be viewable by just about anyone.
There are four .pcap files in a single .zip.
192.168.42.x is my internal range here. .1 is the pfsense box. .254 is a Linksys WRT54G running Sveasoft Talisman (which has working UPnP support). .2 is my Windows 2003 server - it does DHCP and DNS for the network, and it is what I was capturing from as well.
xbox360-startup.pcap is the dump from the bootup while connected to the pfsense box. Not much interesting here - you'll see the SSDP packets where it just checks for the router, and then a bunch of UDP as it connects to XBox Live.
xbox360-test_live_connection.pcap is the results of the "test my connection to Live" from the Xbox, while still routed through the pfsense box. You'll see a bunch of SSDP queries but then nothing else other than the UDP traffic once it signs in to Live.
xbox360-startup-linksys.pcap - the name is obvious. SAme as the first, but with the default route of .254 and the pfsense box off the LAN. The Linksys does UPnP. Since the Xbox doesn't yet need a hole punched in the firewall, it doesn't try to do any more with UPnP other than check for the router.
xbox360-test_linksys_works.pcap - this is the money shot. You can see that there's a brief SSDP exchange over multicasting, and then there's a unicast exchange, and then the 360 and the Linksys start a TCP conversation. It's not on port 80 so Wireshark doesn't decode it all pretty, but if you look at the data it's just SOAP/XML/HTTP exchange. I'm guessing that this is where it actually does the magic of opening the port in the firewall. If you can mimic the Linksys's responses here it should work.
Hmm. I think I might know what the problem is. The Location: line that miniupnpd spits back is "http://<firewall ip="">:1900/rootDesc.xml" Note the uppercase D in "rootDesc.xml". $5 says that the 360 does an lcase() on the URL and tries to hit it like that…? Although I don't see any such attempt and 404 - it never appears to even try a TCP connection with the PFSense box (or at least there's no packets showing this, and I logged *). The source for Sveasoft is open and we could port over their work, but it's probably GPL vs BSD license and I know that is frowned upon. :-\
I don't know the slightest bit about BSD developent or else I'd try to lend a hand. I've had some courses in C/C++ so I might be at least remotely helpful, but I don't have a clue about how to actually work on a real project (about all I've done is 2-3 source file jobs, with a header or two and maybe one library involved).</firewall>