2.3 and UPNP
-
I'm on 2.3, and have UPNP enabled, no access restrictions, and the correct LAN interfaces selected, but I notice in 2.3 I never see any UPNP info in the log (logging is enabled via the checkbox) other than the messages when it starts up.
I also notice that my XBOX last night has a STRICT NAT, and I would swear it was open or moderate under 2.2.6 (although I can't verify any more).
Lastly, I never see anything in STATUS -> UPNP in terms of current/open sessions.
I also verified the service itself IS running.
Is there a more scientific way to determine if this is working or not?
Jason
-
Well, it is definitely a firewall rule blocking it -
which I don't understand as UPNP is one of those that makes a 'hidden' firewall rule and is supposed to 'just work'….EDIT: that was completely wrong… Sorry I misunderstood.Jason
-
Ok.
Tested extensively, and upnp only works if I make a PASS rule allowing TCP/2189 to the firewall IP.
UPNP is supposed to make a hidden rule for this, and it looks like it does. But clearly it doesn't actually work in 2.3….
EDIT: The above was completely wrong, as cmb pointed out. :/Jason
-
UPNP does not automatically add a rule for 2189 and never has. Some want to restrict what sources can reach UPNP's ports and that wouldn't be possible.
In a default config, the default LAN rule permits that.
-
@cmb:
UPNP does not automatically add a rule for 2189 and never has. Some want to restrict what sources can reach UPNP's ports and that wouldn't be possible.
In a default config, the default LAN rule permits that.
Thanks CMB. I was wrong again. I guess I was reading the status page incorrectly - I saw that miniupnp was binding to port 2189 - but to your point, that isn't a firewall rule… that is just the service bind.
I have been clamping down on my firewall rules, and obviously blocked it when I removed the default PASS rule on the LAN.
As usual, it was user error. Thanks for taking the time to educate me yet again.
Jason