|
1
|
<?xml version="1.0" encoding="utf-8" ?>
|
|
2
|
<packagegui>
|
|
3
|
<title>Services/UPnP & NAT-PMP</title>
|
|
4
|
<name>miniupnpd</name>
|
|
5
|
<version>20100712</version>
|
|
6
|
<include_file>/usr/local/pkg/miniupnpd.inc</include_file>
|
|
7
|
<menu>
|
|
8
|
<name>UPnP & NAT-PMP</name>
|
|
9
|
<tooltiptext>Set UPnP & NAT-PMP settings such as interfaces to listen on.</tooltiptext>
|
|
10
|
<section>Services</section>
|
|
11
|
<url>/pkg_edit.php?xml=miniupnpd.xml&id=0</url>
|
|
12
|
</menu>
|
|
13
|
<service>
|
|
14
|
<name>miniupnpd</name>
|
|
15
|
<rcfile>miniupnpd.sh</rcfile>
|
|
16
|
<executable>miniupnpd</executable>
|
|
17
|
</service>
|
|
18
|
<fields>
|
|
19
|
<field>
|
|
20
|
<name>UPnP & NAT-PMP Settings</name>
|
|
21
|
<type>listtopic</type>
|
|
22
|
<enablefields>enable_upnp,enable_natpmp,ext_iface,iface_array,download,upload,overridewanip,upnpqueue,logpackets,sysuptime,permdefault</enablefields>
|
|
23
|
</field>
|
|
24
|
<field>
|
|
25
|
<fielddescr>Enable</fielddescr>
|
|
26
|
<fieldname>enable</fieldname>
|
|
27
|
<type>checkbox</type>
|
|
28
|
<enablefields>enable_upnp,enable_natpmp,ext_iface,iface_array,download,upload,overridewanip,upnpqueue,logpackets,sysuptime,permdefault</enablefields>
|
|
29
|
<description>Enable UPnP & NAT-PMP</description>
|
|
30
|
</field>
|
|
31
|
<field>
|
|
32
|
<fielddescr>UPnP Port Mapping</fielddescr>
|
|
33
|
<fieldname>enable_upnp</fieldname>
|
|
34
|
<type>checkbox</type>
|
|
35
|
<description>Allow UPnP Port Mapping</description>
|
|
36
|
<sethelp>This protocol is often used by Microsoft-compatible systems.</sethelp>
|
|
37
|
</field>
|
|
38
|
<field>
|
|
39
|
<fielddescr>NAT-PMP Port Mapping</fielddescr>
|
|
40
|
<fieldname>enable_natpmp</fieldname>
|
|
41
|
<type>checkbox</type>
|
|
42
|
<description>Allow NAT-PMP Port Mapping</description>
|
|
43
|
<sethelp>This protocol is often used by Apple-compatible systems.</sethelp>
|
|
44
|
</field>
|
|
45
|
<field>
|
|
46
|
<fielddescr>External Interface</fielddescr>
|
|
47
|
<fieldname>ext_iface</fieldname>
|
|
48
|
<default_value>wan</default_value>
|
|
49
|
<type>interfaces_selection</type>
|
|
50
|
<hideinterfaceregex>loopback</hideinterfaceregex>
|
|
51
|
<description>Select only the primary WAN interface (interface with the default gateway). Only one interface may be chosen.</description>
|
|
52
|
<required/>
|
|
53
|
</field>
|
|
54
|
<field>
|
|
55
|
<fielddescr>Interfaces</fielddescr>
|
|
56
|
<fieldname>iface_array</fieldname>
|
|
57
|
<default_value>lan</default_value>
|
|
58
|
<type>interfaces_selection</type>
|
|
59
|
<description>Select the internal interfaces, such as LAN, where UPnP/NAT-PMP clients reside. Use the CTRL or COMMAND key to select multiple interfaces.</description>
|
|
60
|
<required/>
|
|
61
|
<multiple/>
|
|
62
|
</field>
|
|
63
|
<field>
|
|
64
|
<fielddescr>Download Speed</fielddescr>
|
|
65
|
<fieldname>download</fieldname>
|
|
66
|
<description>Set the Maximum Download Speed in Kbits/second.</description>
|
|
67
|
<type>input</type>
|
|
68
|
</field>
|
|
69
|
<field>
|
|
70
|
<fielddescr>Upload Speed</fielddescr>
|
|
71
|
<fieldname>upload</fieldname>
|
|
72
|
<description>Set the Maximum Upload Speed in Kbits/second.</description>
|
|
73
|
<type>input</type>
|
|
74
|
</field>
|
|
75
|
<field>
|
|
76
|
<fielddescr>Override WAN address</fielddescr>
|
|
77
|
<fieldname>overridewanip</fieldname>
|
|
78
|
<description>Use an alternate WAN address to accept inbound connections, such as an IP Alias or CARP Virtual IP address.</description>
|
|
79
|
<type>input</type>
|
|
80
|
</field>
|
|
81
|
<field>
|
|
82
|
<fielddescr>Traffic Shaping</fielddescr>
|
|
83
|
<fieldname>upnpqueue</fieldname>
|
|
84
|
<description>Enter the ALTQ traffic shaping queue in which the connections should be placed.</description>
|
|
85
|
<type>input</type>
|
|
86
|
</field>
|
|
87
|
<field>
|
|
88
|
<fielddescr>Log packets</fielddescr>
|
|
89
|
<fieldname>logpackets</fieldname>
|
|
90
|
<type>checkbox</type>
|
|
91
|
<description>Log packets handled by UPnP & NAT-PMP rules.</description>
|
|
92
|
</field>
|
|
93
|
<field>
|
|
94
|
<fielddescr>Uptime</fielddescr>
|
|
95
|
<fieldname>sysuptime</fieldname>
|
|
96
|
<type>checkbox</type>
|
|
97
|
<description>Use system uptime instead of UPnP & NAT-PMP service uptime.</description>
|
|
98
|
</field>
|
|
99
|
<field>
|
|
100
|
<fielddescr>Default Deny</fielddescr>
|
|
101
|
<fieldname>permdefault</fieldname>
|
|
102
|
<type>checkbox</type>
|
|
103
|
<description>Deny access to UPnP & NAT-PMP by default.</description>
|
|
104
|
</field>
|
|
105
|
<field>
|
|
106
|
<name>STUN Configuration</name>
|
|
107
|
<type>listtopic</type>
|
|
108
|
</field>
|
|
109
|
<field>
|
|
110
|
<name>STUN Help</name>
|
|
111
|
<type>info</type>
|
|
112
|
<description>
|
|
113
|
The External interface must have a public IP address. Otherwise it is behind NAT and port
|
|
114
|
forwarding is impossible. In some cases the External interface can be behind unrestricted NAT 1:1
|
|
115
|
when all incoming traffic is forwarded and routed to the External interface without any filtering.
|
|
116
|
In these cases UPnP service needs to know the public IP address and it can be learned by asking an
|
|
117
|
external server via STUN protocol. The following option enables retrieving the external public IP
|
|
118
|
address from a STUN server and detection of the NAT type.
|
|
119
|
</description>
|
|
120
|
</field>
|
|
121
|
<field>
|
|
122
|
<fielddescr>Enable STUN</fielddescr>
|
|
123
|
<fieldname>enable_stun</fieldname>
|
|
124
|
<type>checkbox</type>
|
|
125
|
<description>Enable retvieving external IP address from STUN server.</description>
|
|
126
|
<enablefields>stun_host,stun_port</enablefields>
|
|
127
|
</field>
|
|
128
|
<field>
|
|
129
|
<fielddescr>STUN Server</fielddescr>
|
|
130
|
<fieldname>stun_host</fieldname>
|
|
131
|
<type>input</type>
|
|
132
|
<description>
|
|
133
|
<![CDATA[
|
|
134
|
STUN Server, either hostname or IP address.</br></br>
|
|
135
|
|
|
136
|
Some public STUN servers:</br>
|
|
137
|
stun.sipgate.net</br>
|
|
138
|
stun.xten.com</br>
|
|
139
|
stun.l.google.com (on non standard port 19302)</br>
|
|
140
|
]]>
|
|
141
|
</description>
|
|
142
|
</field>
|
|
143
|
<field>
|
|
144
|
<fielddescr>STUN Port</fielddescr>
|
|
145
|
<fieldname>stun_port</fieldname>
|
|
146
|
<type>input</type>
|
|
147
|
<default_value>3478</default_value>
|
|
148
|
<description>STUN UDP port (Default: 3478)</description>
|
|
149
|
</field>
|
|
150
|
<field>
|
|
151
|
<name>UPnP Access Control Lists</name>
|
|
152
|
<type>listtopic</type>
|
|
153
|
</field>
|
|
154
|
<field>
|
|
155
|
<name>ACL Help</name>
|
|
156
|
<type>info</type>
|
|
157
|
<description>
|
|
158
|
These entries control access to the UPnP service. Client systems may be granted or denied access based on several criteria.
|
|
159
|
<br /><br />
|
|
160
|
Format: [allow or deny] [ext port or range] [int ipaddr or ipaddr/CIDR] [int port or range]
|
|
161
|
<br />Example: allow 1024-65535 192.168.0.0/24 1024-65535</description>
|
|
162
|
</field>
|
|
163
|
<field>
|
|
164
|
<fielddescr>ACL Entries</fielddescr>
|
|
165
|
<fieldname>none</fieldname>
|
|
166
|
<type>rowhelper</type>
|
|
167
|
<rowhelper>
|
|
168
|
<rowhelperfield>
|
|
169
|
<fieldname>permuser</fieldname>
|
|
170
|
<type>input</type>
|
|
171
|
<size>60</size>
|
|
172
|
</rowhelperfield>
|
|
173
|
</rowhelper>
|
|
174
|
</field>
|
|
175
|
<field>
|
|
176
|
<fielddescr>Custom presentation URL</fielddescr>
|
|
177
|
<fieldname>presentationurl</fieldname>
|
|
178
|
<type>input</type>
|
|
179
|
<description>If left blank the default value of the WebGUI of this firewall will be used.</description>
|
|
180
|
</field>
|
|
181
|
<field>
|
|
182
|
<fielddescr>Custom model number</fielddescr>
|
|
183
|
<fieldname>modelnumber</fieldname>
|
|
184
|
<type>input</type>
|
|
185
|
<description>If left blank the default value of the firmware version of pfSense will be used.</description>
|
|
186
|
</field>
|
|
187
|
</fields>
|
|
188
|
<custom_php_command_before_form>
|
|
189
|
before_form_miniupnpd($pkg);
|
|
190
|
</custom_php_command_before_form>
|
|
191
|
<custom_php_validation_command>
|
|
192
|
validate_form_miniupnpd($_POST, $input_errors);
|
|
193
|
</custom_php_validation_command>
|
|
194
|
<custom_php_resync_config_command>
|
|
195
|
sync_package_miniupnpd();
|
|
196
|
</custom_php_resync_config_command>
|
|
197
|
</packagegui>
|