Bug #6926
openMiniupnp advertising expired IPv6 address
0%
Description
Version 2.3.2_1
With WAN set to DHCP6 and LAN set to track interface, the miniupnp service does not get notified if and when the LAN IPv6 address changes, even after the DHCP6 valid lifetime had elapsed. This leads to miniupnp advertising SSDP packets originating from the correct LAN IPv6 address but with an expired (and potentially re-assigned elsewhere) IPv6 address in the rootDesc.xml LOCATION. Such behavior wreaks havoc on local DLNA devices, and is a security nightmare if a BOFH gets assigned the prefix next.
The simple workaround seems to be to manually restart miniupnp whenever a prefix change has been detected.
I've attached a pcap showing this issue occurring in the field (although I think the DHCP6 lifetime is still valid in this instance). Packet #23 in particular shows the correct source address, but the old LOCATION URL.
Files
Updated by Kris Phillips almost 3 years ago
The miniupnpd component is on version 2.2.1 in pfSense Plus 21.05.2. What version of pfSense was this tested on? Please retest with the latest version of pfSense CE or pfSense Plus and let us know if this is still an issue.