Upgrade to 2.1.3 = No UPnP
-
This works just fine on my box, so it's not simply generally broken. Could somebody who sees this issue try running "sockstat | grep miniupnp" on their box?
-
Specifically, the ports of interest:
root miniupnpd 71895 9 tcp6 *:2189 *:* root miniupnpd 71895 11 tcp4 *:2189 *:* root miniupnpd 71895 12 udp4 *:1900 *:* root miniupnpd 71895 14 udp6 *:1900 *:*… which is exactly what one would expect; the only difference when putting in an IP should be that miniupnpd binds specifically to that IP instead of accepting any traffic.
-
Also, is there any commonality between the configurations where binding to interface causes failure that could explain this? Perhaps the problems only happen if the LAN interface has no IPv6 address?
Subbing igb1 to 192.168.1, made it work, but inconsistently, as the apps report the ports being open only intermittently and then closed again.
Doesn't this point to there being some other issue? Once you replace the listening_ip setting, it should behave exactly as before, so I don't see why you'd still see problems at that point.
-
We had that set before and I removed it a long time ago because it caused problems, looks like it snuck back in. Well intentioned, but broken.
Jim, in case your comment is referring to ticket 1835, I'm not sure this is really related. Setting listening_ip to an interface instead of a v4 address is required for IPv6 support, but does not actually enable said support.
-
I wonder if this issue might be related to this fix (or rather, the lack thereof) that just went into miniupnpd earlier today. That, too, would suggest that the reason I'm not seeing it is that I have IPv6 addresses on my LAN interfaces. Would those of who are affected by the problem mind responding whether they use IPv6 or not?
-
I just posted pull requests for RELENG_2_1 and master that revert to the old behavior by default and add a checkbox to select the new behavior if desired.
-
If you're on 2.1.3, you can use the "System Patches" package to either either revert the original commit, or to apply my fix until a new build is released.
-
Nicely done. :)
Steve
-
Noooo, I was trying to get the prize for most back-to-back posts from the same author, and now you ruined everything! ;)
-
I wonder if this issue might be related to this fix (or rather, the lack thereof) that just went into miniupnpd earlier today. That, too, would suggest that the reason I'm not seeing it is that I have IPv6 addresses on my LAN interfaces. Would those of who are affected by the problem mind responding whether they use IPv6 or not?
I am not having the problem and do not use ipv6.
-
-
No UPnP
Thats a bad thing??? ;D
-
Well, if you're a gamer yes. I have issues with my Onkyo receiver and it's apps. They all use uPnP.
-
Well I am a gamer (in my free time) and never had to use uPnP for anything. So perhaps you can tell me what a receiver needs uPnP for?
Not that I am against fixing the package but I don't see the massive urgency promoted by a few posters, that this is as serious as breaking DNS or even the core packet filter.Greets
-
My Oknyo needs Upnp to communicate with the mobile apps and according to my wife this breakage is WWIII. I also read in this topic that a xbox needs upnp for whatever reason.
-
If it's a matter of life and death, install the "system patches" package, then go to system->patches, click add ("+"), pick a description and put the following into the URL/Commit ID field:
https://github.com/pfsense/pfsense/commit/d973a602abeab78803fce467198c571ba25ec0cbAlso check the "auto-apply" box. Then click save, click "test", and click "apply", go to services->upnp, make sure "Listen on interface instead of interface's IPv4 address" is not checked, click "change", and everything should work as before again.
-
Thanks!!
-
You should be aware that the upnp implementation in pfSense, using miniupnpnd, only opens ports through the firewall. It does not do DLNA service discovery or anything like that. In other words only Internet Gateway Device not anything else listed here: http://en.wikipedia.org/wiki/Universal_Plug_and_Play
You should check what your receiver is doing that requires upnp on pfSense. About the only thing it could be doing is opening itself up general access from the internet.Steve
-
@stephen: That's what I was wondering about. I can understand an XBox needing specific ports for game matchmaking (even that is old-school) but an audio receiver? Those things are the last ones (with smart TVs etc.) I want to have access to the internet. Just my 2c.
-
I imagine it's so the companion app that was mentioned can access the receiver even if the phone is not on the local network. (Now, why you'd want to control a receiver from outside the home, I really don't know.)
