UPNP Filtering
-
Is there a way to disallow a upnp request? If there was a way to block it based on source and the description, that would solve some issues I have.
A lot of games now are coming with some sort of built in torrent application that isn't needed for the game, and can update just fine without it. Instead of trying to keep it disabled on computers, it would be nice just block it.
I know I could either block it on the local computer via windows firewall or my antivirus program, but the pfsense would be better for me?
Specifically, I had a computer on my home network that has Aion installed. I looked at my upnp status and found it had 4 ports opened with a description of NCUpdatehelper, which is basically a torrent client. It would be nice if I could say, source = xxx.xxx.xxx.xxx and description = NCUpdatehelper, nope.
Thoughts?
-
The UPnP settings page has a place to write some UPnP access lists. I don't recall the exact syntax off the top of my head, but it should be in the miniupnpd documentation and there are some examples in the GUI.
-
The GUI example helped me in the past… Since you know the IP, does either the external port or internal port stay the same? If so, you could create a rule like the one I have below.
deny external port IP internal port
deny 443 192.168.0.100 443