Project

General

Profile

Actions

Bug #6926

open

Miniupnp advertising expired IPv6 address

Added by Leland Roach almost 5 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
UPnP/NAT-PMP
Target version:
-
Start date:
11/13/2016
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

Version 2.3.2_1

With WAN set to DHCP6 and LAN set to track interface, the miniupnp service does not get notified if and when the LAN IPv6 address changes, even after the DHCP6 valid lifetime had elapsed. This leads to miniupnp advertising SSDP packets originating from the correct LAN IPv6 address but with an expired (and potentially re-assigned elsewhere) IPv6 address in the rootDesc.xml LOCATION. Such behavior wreaks havoc on local DLNA devices, and is a security nightmare if a BOFH gets assigned the prefix next.

The simple workaround seems to be to manually restart miniupnp whenever a prefix change has been detected.

I've attached a pcap showing this issue occurring in the field (although I think the DHCP6 lifetime is still valid in this instance). Packet #23 in particular shows the correct source address, but the old LOCATION URL.


Files

miniupnp - old ipv6.pcap (46.3 KB) miniupnp - old ipv6.pcap Leland Roach, 11/13/2016 12:17 PM

No data to display

Actions

Also available in: Atom PDF