UPnP support
-
Nice work :)
Thanks!! I worked on this some more and have added the ability to set the maximum downstream and upstream bitrates, and the option to use the pfSense system uptime instead of the daemon uptime. I am going to talk to Thomas and see if he will include these options. If not I will most likely add just include them in his future releases (reasons follow).
I like the option of seeing the pfSense system uptime as the dhcp renewal on the wan interface restarts miniupnpd every 12 hours (varying on your ISP) so its uptime serves no purpose to me. Maybe I should just have it default this way and not give the option in the package gui? I'm sure others have this same issue as well. The above post with the WinXP screenshot where is says duration is the uptime.
Also the bitrate is currently hard coded. I have a feeling some UPnP programs use this to determine the ideal amount of bandwidth to use for downloading, etc.
Heres a screenshot of the package gui. I'm debating on how the downstream and upstream bandwidths should be inputed, in bitrate as shown, Mbps, etc. I'm thinking bitrates are hard to read quickly as the values shown are 5Mbps down/2Mbps up. Then again if I do it in Mbps people on 768/128 DSL would be fractional. So maybe the best option is Kbps.
Of course these fields are all optional. The only required field is the interface. If the bitrates are omitted miniupnpd will use the nic link speed which most likely would be 100Mbps maybe 10Mbps.
Comments and suggestions are appreciated.
-
Auto fill in the bitrate from the shaper settings (in kbps) if set :)
–Bill
-
Auto fill in the bitrate from the shaper settings (in kbps) if set :)
–Bill
Yes, please! I know for a fact a lot of folks are entering the WRONG values for the shaper. Hell, if it bit me, I know it is biting others!
bits to kilobytes to megabytes to petabytes… Who needs this burden to do math... This is one of the things I hope to fix before 2.0 comes out.
-
Auto fill in the bitrate from the shaper settings (in kbps) if set :)
–Bill
Yes, please! I know for a fact a lot of folks are entering the WRONG values for the shaper. Hell, if it bit me, I know it is biting others!
bits to kilobytes to megabytes to petabytes… Who needs this burden to do math... This is one of the things I hope to fix before 2.0 comes out.
Sure I can do that. Is there a way to hide the xml fields if using the shaper values and show them otherwise? I don't see how there is, but figured I'd ask.
Otherwise I think the best option is to hide the fields and use the traffic shaper values behind the scenes. Showing them would just confuse people and they might start changing them. I did some testing with the traffic shaper setup and even if the user doesn't want the traffic shaper if they just go through the first page and define the lan and wan speeds it will save that to the config. Then they can just click next and click the pfSense logo and it will leave the shaper disabled.
Only thing left is how to inform the user of the above. I didn't see a field type I could put in the xml file to just show text on the configuration page.
-
Auto fill in the bitrate from the shaper settings (in kbps) if set :)
–Bill
Yes, please! I know for a fact a lot of folks are entering the WRONG values for the shaper. Hell, if it bit me, I know it is biting others!
bits to kilobytes to megabytes to petabytes… Who needs this burden to do math... This is one of the things I hope to fix before 2.0 comes out.
Sure I can do that. Is there a way to hide the xml fields if using the shaper values and show them otherwise? I don't see how there is, but figured I'd ask.
Otherwise I think the best option is to hide the fields and use the traffic shaper values behind the scenes. Showing them would just confuse people. I did some testing with the traffic shaper setup and even if the user doesn't want the traffic shaper if they just go through the first page and define the lan and wan speeds it will save that to the config. Then they can just click next and click the pfSense logo and it will leave the shaper disabled.
Only thing left is how to inform the user of the above. I didn't see a field type I could put in the xml file to just show text on the configuration page.
Sure. Simply unset the items from the xml array in the pre processing functions. I'd have to look at which one it is but IIRC its something like before_form or something or other. Grep should find it.
-
Sure. Simply unset the items from the xml array in the pre processing functions. I'd have to look at which one it is but IIRC its something like before_form or something or other. Grep should find it.
Sounds like a plan. I will look into that.
Alright I got it all working. When the shaper values are defined the fields are hidden and the values from the shaper are used. Otherwise the user can fill in the values. Thomas got back to me and theres a few things I still need to resolve. I should have the new version committed Wednesday night.
-
I just committed version 20061107. Full installs reinstall the package via the package manager. Embedded install you can use the sh-update-miniupnpd.sh talked about a few posts back or reflash.
http://wgnrs.dynalias.com:81/pfsense/miniupnpd/sh-update-miniupnpd.sh
http://wgnrs.dynalias.com:81/pfsense/pfSense-1.0.1-Embedded-Miniupnpd.img.gzminiupnpd 20061107: CB9C843FD9A01CFD55AD280F497A45E2
-
spectacular stuff. Looking back at last Feb. I'm amazed at how far this project has come. :) My continued thanks to all of you who have put effort into UPnP as it has made my life at home a lot easier. (No more screwing around with port forwards for random IM clients and stuff…) Plus, I can have 2 xbox 360s under one roof without any problems. ;D
-
It's seems with this latest package the 100% CPU usage problem is back.
I'm get the old error:```
miniupnpd[10622]: recv (state0): Operation timed outIt seems to happen every couple of days. I have to restart the miniupnpd service and then all is well. The earlier packages seemed to do it as well, but it took longer between times the problem would reappear. I noticed that as of today (Nov 10/06) there is new version of miniupnpd on it's site, but the changelog doesn't mention any changes that would fix this problem. -
It's seems with this latest package the 100% CPU usage problem is back.
I'm get the old error:```
miniupnpd[10622]: recv (state0): Operation timed outIt seems to happen every couple of days. I have to restart the miniupnpd service and then all is well. The earlier packages seemed to do it as well, but it took longer between times the problem would reappear. I noticed that as of today (Nov 10/06) there is new version of miniupnpd on it's site, but the changelog doesn't mention any changes that would fix this problem.Hmm I've never experienced that. I really have no way to test this on as my box is using DHCP on the WAN interface and the lease is renewed every 12 hours. The packages are resynced when this happens and miniupnpd restarts.
The changes that have been made to the code were fixing a major memory leak (about 40kb leak per add/remove mapping) and additional code to read the bytes/packets in/out and system uptime. No major changes have occurred and I can't see how the changes would affect this.
I will contact Thomas the author of miniupnpd and see what he has to say. The latest version on his site has improved error handling and I was planning to update the pfsense package later today. I will hold off until I receive word from Thomas.
-
I was looking at the code changes for the 20061110 version posted today and it might fix this issue. The error you receive is coming from upnphttp.c line 273: The new version adds the h->state = 100; which would close out that state instead of endlessly looping through it. I will build and update the package to the latest version and you can let me know if it addresses the issue. I sent Thomas another email asking what he thinks. I will let you know the response.
if(n<0)
{
syslog(LOG_ERR, "recv (state0): %m");
h->state = 100;
} -
Thanks for the quick response. I will try out the package when it is available! I'll post my observations. Of course I'll probably have to wait a few days to see if the problem resurfaces.
Thanks!! :D
-
Thanks for the quick response. I will try out the package when it is available! I'll post my observations. Of course I'll probably have to wait a few days to see if the problem resurfaces.
Thanks!! :D
I committed it a 15 min ago so you should be good to go. Just reinstall via package manager installed packages tab.
-
Let us know when/if you put out a binary update for the poor embedded users…
I'm starting to consider building my own "hybrid" system - soekris board, but using a notebook drive or perhaps a microdrive so I can have packages and logging and stuff. I suppose that is better discussed in a different thread though...
-
I have myself experienced this problem but was unable to reproduce it.
This last couple of days, I tested the Daemon behaviour when receiving for ill formed HTTP requests. in some cases I succeded in reproducing the bug.
I improved a lot the handling of unexpected HTTP requests, because it was also possible to make the daemon seg fault very easily.
So yes, I hope I've fixed this cpu usage issue but I cannot be sure.Thanks
Thomas.
That was his response. I forgot to mention that embeddeds can use the sh-update-miniupnpd.sh or reflash. It's been awhile so here are the instructions. The images I update after I commit the miniupnpd changes. The sh-update-miniupnpd.sh script always grabs the latest from the pfSense server.
http://wgnrs.dynalias.com:81/pfsense/pfSense-1.0.1-Embedded-Miniupnpd.img.gz
md5sums for the binaries: http://wgnrs.dynalias.com:81/pfsense/miniupnpd/md5sums
Either use the console terminal or ssh into the box. Select option 8 shell. Enter the following commands. If you use the webgui command prompt you will find the page just hangs.
fetch -o - "http://wgnrs.dynalias.com:81/pfsense/miniupnpd/sh-update-miniupnpd.sh" | sh -The results should like similar to below. The current version prints the md5sum which you can compare to the above file.
- 100% of 868 B 294 kBps /usr/local/sbin/miniupnpd 100% of 50 kB 290 kBps /usr/local/pkg/miniupnpd.inc 100% of 5622 B 1316 kBps /usr/local/pkg/miniupnpd.xml 100% of 2904 B 923 kBps /usr/local/www/status_upnp.php 100% of 4185 B 1029 kBps MD5 (/usr/local/sbin/miniupnpd) = d0c92af435c82b52b591527227f07568 Syncing packages: miniupnpd. -
Hello,
I try to find out what i'm missing here, i have installed the mini upnp on my pfsense firewall but it seem that nothing is happening (no rules created and upnp status is allways empty)
as i'm trying to play with msn messenger and be able to use voice (computer -> computer).
I always getting a lot of feed from the firwall telling me that it block some UDP or SIP or TCP port.Exemple port:
1886: UDP
1892: UDPHere is some of my firewall rules
TCP LAN net * * 1863 * Allow MSN -> ANY
UDP LAN net * * 2001 - 2120 * Allow MSN Voice to Phone -> ANY
TCP/UDP LAN net * * 2869 * Allow UPNP -> ANY
TCP LAN net * * 3689 * Allow Itune music share -> ANY
TCP/UDP LAN net * * 5060 * Allow SIP -> ANY
UDP LAN net * * 6801 * Allow MSN Voice to phone -> ANY
TCP LAN net * * 6891 - 6900 * Allow MSN File Transfert -> ANY
TCP/UDP LAN net * * 6901 * Allow MSN Voice to computer -> ANY
TCP/UDP LAN net * * 7001 * Allow MSN Voice to computer -> ANY
If any one got an idea :) you are welcome
-
First off if your using a upnp application you shouldn't manually create the firewall rules. Miniupnpd will automatically create them behind the scenes. Maybe try turning off the winxp firewall if its enabled and see if that makes a difference. Also try out Azureus and see if its port forwards show up in the status. That will give you a starting point.
-
Hello,
I try to find out what i'm missing here, i have installed the mini upnp on my pfsense firewall but it seem that nothing is happening (no rules created and upnp status is allways empty)
as i'm trying to play with msn messenger and be able to use voice (computer -> computer).
I always getting a lot of feed from the firwall telling me that it block some UDP or SIP or TCP port.Just too make sure, if this is a new install, you will have to go to the Miniupnpd tab under the Services heading (you might need to refresh the browser for it to show up…) and actually set it up to enable it. You'll see the miniupnpd Settings tab, where you choose the interface you want to run on, and a few other options and then click change. Check the Services tab under the Status heading to make sure the service is running...also check the System Logs for any errors. If you've already done all that, then it may be some other problem, but this is something that has caught a few so far...
Hope that's of some use.
-
Have done all that and more and still not working,
can someone tell me the basic firewall rules and nat to enable to make it work, i'm sure it's some problem around this… -
yust the default lan rule
upnp will make all the nat rules for youre pc