4. UPNP Filtering

UPNP Filtering

  • R

    Is there a way to disallow a upnp request? If there was a way to block it based on source and the description, that would solve some issues I have.

    A lot of games now are coming with some sort of built in torrent application that isn't needed for the game, and can update just fine without it.  Instead of trying to keep it disabled on computers, it would be nice just block it.

    I know I could either block it on the local computer via windows firewall or my antivirus program, but the pfsense would be better for me?

    Specifically, I had a computer on my home network that has Aion installed.  I looked at my upnp status and found it had 4 ports opened with a description of NCUpdatehelper, which is basically a torrent client.  It would be nice if I could say, source = xxx.xxx.xxx.xxx and description = NCUpdatehelper, nope.

    Thoughts?

    0
  • Rebel Alliance Developer Netgate

    The UPnP settings page has a place to write some UPnP access lists. I don't recall the exact syntax off the top of my head, but it should be in the miniupnpd documentation and there are some examples in the GUI.

    0
  • C

    The GUI example helped me in the past… Since you know the IP, does either the external port or internal port stay the same? If so, you could create a rule like the one I have below.

    deny external port IP internal port

    
deny 443 192.168.0.100 443
    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy