Do UPnP rules not expire?
-
Do you still see the error in the upnp logs showing it failing to remove the forward though?
It looks like the forward is being opened without a leasetime and I'm unsure what should happen in that situation. I can create a similar lease manually by defining 0s specifically:
steve@steve-NUC9i9QNX:~$ upnpc -l upnpc : miniupnpc library test client, version 2.2.3. (c) 2005-2021 Thomas Bernard. Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/ for more information. List of UPNP devices found on the network : desc: http://172.21.16.1:2189/rootDesc.xml st: urn:schemas-upnp-org:device:InternetGatewayDevice:1 Found valid IGD : http://172.21.16.1:2189/ctl/IPConn Local LAN ip address : 172.21.16.8 Connection Type : IP_Routed Status : Connected, uptime=1291945s, LastConnectionError : ERROR_NONE Time started : Mon Dec 9 00:31:38 2024 MaxBitRateDown : 1000000000 bps (1000.0 Mbps) MaxBitRateUp 1000000000 bps (1000.0 Mbps) ExternalIPAddress = 45.89.45.8 i protocol exPort->inAddr:inPort description remoteHost leaseTime 0 UDP 8889->172.21.16.8:8889 'Test2' '' 0 GetGenericPortMappingEntry() returned 713 (SpecifiedArrayIndexInvalid)I'll see what happens.
-
Also by omitting a lease time value.
I wonder if it should add a default and is not....
-
Mmm, this thread seems pretty revealing: https://miniupnp.tuxfamily.org/forum/viewtopic.php?p=5727#5727
Seems like the behaviour you're seeing is expected is the client opens forward with no lease time.
-
@stephenw10
Yes that forum thread explains the behavior. I cannot do anything except removing mapped port manually. From a security point of view the consoles have their own IP assigned so it is ok if the mapped port are there until I remove them manually. Only consoles have access to UPnP service with proper “allow” and IP, other IP are denied by default in the Service ACL.
Thanks for help and time. -
Mmm, I tried added min and max lifetime options to the conf and it made absolutely no difference I could see!
