Actions
Feature #4320
closed
Enable port-in-use checking in miniupnpd
Start date:
01/27/2015
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Description
The miniupnpd port has a build-time option that forces it to check if the requested external port is already in use locally on the firewall. This prevents client mappings from interfering with services running on the firewall. This can be enabled by adding CHECK_PORTINUSE to the build options in the pfsense-tools repo; see attached patch.
Files
Updated by Daniel Becker over 7 years ago
This might actually be considered a bug rather than a feature, as without this change, miniupnpd will happily let LAN-side clients make e.g. web interface unreachable.
Updated by Daniel Becker over 7 years ago
The effect that I see most often is Macs on the LAN adding a mapping for external port 4500 (for BTMM) and breaking IPsec in the process.
Updated by Renato Botelho over 6 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 7d790fc310e3273122659b3d96186f16ac300972.
Updated by Chris Buechler over 6 years ago
- Status changed from Feedback to Resolved
Actions