Project

General

Profile

Download (10.1 KB) Statistics
| Branch: | Tag: | Revision:

root/src/usr/local/pkg/miniupnpd.xml @ e33068b7

1 
<?xml version="1.0" encoding="utf-8" ?>
2 
<packagegui>
3 
	<title>Services/UPnP IGD &amp; PCP</title>
4 
	<name>miniupnpd</name>
5 
	<version>20100712</version>
6 
	<include_file>/usr/local/pkg/miniupnpd.inc</include_file>
7 
	<menu>
8 
		<name>UPnP IGD &amp; PCP</name>
9 
		<tooltiptext>Set service settings such as interfaces to listen on.</tooltiptext>
10 
		<section>Services</section>
11 
		<url>/pkg_edit.php?xml=miniupnpd.xml&amp;id=0</url>
12 
	</menu>
13 
	<service>
14 
		<name>miniupnpd</name>
15 
		<rcfile>miniupnpd.sh</rcfile>
16 
		<executable>miniupnpd</executable>
17 
	</service>
18 
	<fields>
19 
		<field>
20 
			<name>Service Description</name>
21 
			<type>listtopic</type>
22 
		</field>
23 
		<field>
24 
			<name>Service Help</name>
25 
			<type>info</type>
26 
			<description>
27 
				<![CDATA[
28 
				Universal Plug and Play Internet Gateway Device (UPnP IGD) and Port Control Protocol (PCP) are
29 
				network protocols which allow local software and devices to configure each other when attaching
30 
				to a network. This includes autonomously creating dynamic NAT rules to redirect and pass
31 
				incoming connections from remote hosts.
32 
				]]>
33 
			</description>
34 
		</field>
35 
		<field>
36 
			<name>Service Settings</name>
37 
			<type>listtopic</type>
38 
			<enablefields>enable_upnp,enable_natpmp,ext_iface,iface_array,download,upload,overridewanip,upnpqueue,logpackets,sysuptime,permdefault</enablefields>
39 
		</field>
40 
		<field>
41 
			<fielddescr>Enable</fielddescr>
42 
			<fieldname>enable</fieldname>
43 
			<type>checkbox</type>
44 
			<enablefields>enable_upnp,enable_natpmp,ext_iface,iface_array,download,upload,overridewanip,upnpqueue,logpackets,sysuptime,permdefault</enablefields>
45 
			<description>Enable port mapping service</description>
46 
			<sethelp>
47 
				<![CDATA[
48 
				Enables the UPnP IGD & PCP daemon for autonomous port mapping.
49 
				Also requires enabling one or both protocols below.
50 
				]]>
51 
			</sethelp>
52 
		</field>
53 
		<field>
54 
			<fielddescr>UPnP IGD</fielddescr>
55 
			<fieldname>enable_upnp</fieldname>
56 
			<type>checkbox</type>
57 
			<description>Allow UPnP IGD Port Mapping</description>
58 
			<sethelp>
59 
				<![CDATA[
60 
				Enables support for client requests using Universal Plug and Play Internet
61 
				Gateway Device (UPnP IGD).
62 
				<br/><br/>
63 
				This protocol is commonly used by game consoles and Microsoft-compatible systems.
64 
				]]>
65 
			</sethelp>
66 
		</field>
67 
		<field>
68 
			<fielddescr>PCP/NAT-PMP</fielddescr>
69 
			<fieldname>enable_natpmp</fieldname>
70 
			<type>checkbox</type>
71 
			<description>Allow PCP/NAT-PMP Port Mapping</description>
72 
			<sethelp>
73 
				<![CDATA[
74 
				Enables support for client requests using Port Control Protocol (PCP) and its
75 
				compatible predecessor NAT Port Mapping Protocol (NAT-PMP).
76 
				<br/><br/>
77 
				These protocols are commonly used by Apple-compatible systems.
78 
				]]>
79 
			</sethelp>
80 
		</field>
81 
		<field>
82 
			<fielddescr>External Interface</fielddescr>
83 
			<fieldname>ext_iface</fieldname>
84 
			<default_value>wan</default_value>
85 
			<type>interfaces_selection</type>
86 
			<hideinterfaceregex>loopback</hideinterfaceregex>
87 
			<description>The WAN interface containing the default gateway.</description>
88 
			<required/>
89 
		</field>
90 
		<field>
91 
			<fielddescr>Internal Interfaces</fielddescr>
92 
			<fieldname>iface_array</fieldname>
93 
			<default_value>lan</default_value>
94 
			<type>interfaces_selection</type>
95 
			<description>
96 
				<![CDATA[
97 
				Select one or more internal interfaces, such as LAN, where UPnP IGD & PCP clients reside.
98 
				<br/><br/>
99 
				Use the CTRL or COMMAND key to select multiple interfaces.
100 
				]]>
101 
			</description>
102 
			<required/>
103 
			<multiple/>
104 
		</field>
105 
		<field>
106 
			<name>External Address Settings</name>
107 
			<type>listtopic</type>
108 
		</field>
109 
		<field>
110 
			<name>External Address Help</name>
111 
			<type>info</type>
112 
			<description>
113 
				<![CDATA[
114 
				This service <strong>must</strong> be able to locate its routable public IP
115 
				address to function properly. If this device is behind NAT, port forwarding may
116 
				be impossible.
117 
				<br/><br/>
118 
				If the <strong>External Interface</strong> has a public IP address, the settings
119 
				in this section may be left empty/disabled. If the interface has a private
120 
				address, the service will refuse to map any ports without additional
121 
				configuration.
122 
				<br/><br/>
123 
				If the <strong>External Interface</strong> is behind unrestricted NAT with
124 
				incoming traffic forwarded from upstream without any filtering, this service can
125 
				still function so long as it can locate its public IP address.
126 
				<br/><br/>
127 
				The service can learn the public IP address and NAT type using an external server
128 
				via the STUN protocol or if the address is static it can be hard-coded using the
129 
				<strong>Override WAN Address</strong> setting.
130 
				]]>
131 
			</description>
132 
		</field>
133 
		<field>
134 
			<fielddescr>Enable STUN</fielddescr>
135 
			<fieldname>enable_stun</fieldname>
136 
			<type>checkbox</type>
137 
			<description>
138 
				Use STUN to determine the external interface address and NAT type
139 
			</description>
140 
			<sethelp>
141 
				<![CDATA[
142 
				Query an external STUN server to locate the routable public IP address for the
143 
				external interface. This is useful for devices behind 1:1 NAT with a dynamic
144 
				public address.
145 
				<br/><br/>
146 
				This also tests inbound NAT connectivity. The service will disable port mapping
147 
				if NAT testing determines inbound connections are not being forwarded to this
148 
				device.
149 
				]]>
150 
			</sethelp>
151 
			<enablefields>stun_host,stun_port</enablefields>
152 
		</field>
153 
		<field>
154 
			<fielddescr>STUN Server</fielddescr>
155 
			<fieldname>stun_host</fieldname>
156 
			<type>input</type>
157 
			<description>
158 
				<![CDATA[
159 
				Hostname or IP address of an external STUN server.
160 
				<br/><br/>
161 
				Example public STUN servers:
162 
				<ul>
163 
					<li>stun.counterpath.com</li>
164 
					<li>stun.cloudflare.com</li>
165 
				</ul>
166 
				]]>
167 
			</description>
168 
		</field>
169 
		<field>
170 
			<fielddescr>STUN Port</fielddescr>
171 
			<fieldname>stun_port</fieldname>
172 
			<type>input</type>
173 
			<default_value>3478</default_value>
174 
			<description>UDP port the STUN Server uses to accept queries (Default: 3478)</description>
175 
		</field>
176 
		<field>
177 
			<fielddescr>Override WAN Address</fielddescr>
178 
			<fieldname>overridewanip</fieldname>
179 
			<description>
180 
				<![CDATA[
181 
				Manually configures a public routable IP address this device can use to accept
182 
				inbound connections.
183 
				<br/><br/>
184 
				This can either be an upstream static routable IP address with traffic forwarded
185 
				to this device via NAT or an alternate routable IP address on this device, such
186 
				as a virtual IP address.
187 
				]]>
188 
			</description>
189 
			<type>input</type>
190 
		</field>
191 
		<field>
192 
			<name>Advanced Settings</name>
193 
			<type>listtopic</type>
194 
		</field>
195 
		<field>
196 
			<fielddescr>Download Speed</fielddescr>
197 
			<fieldname>download</fieldname>
198 
			<description>
199 
				<![CDATA[
200 
				Value to report when clients query the maximum link download speed (Kbit/s).
201 
				<br/><br/>
202 
				The default value is the link speed of the interface.
203 
				]]>
204 
			</description>
205 
			<type>input</type>
206 
		</field>
207 
		<field>
208 
			<fielddescr>Upload Speed</fielddescr>
209 
			<fieldname>upload</fieldname>
210 
			<description>
211 
				<![CDATA[
212 
				Value to report when clients query the maximum link upload speed (Kbit/s).
213 
				<br/><br/>
214 
				The default value is the link speed of the interface.
215 
				]]>
216 
			</description>
217 
			<type>input</type>
218 
		</field>
219 
		<field>
220 
			<fielddescr>Traffic Shaping</fielddescr>
221 
			<fieldname>upnpqueue</fieldname>
222 
			<description>ALTQ traffic shaping queue name for connections passed through port mappings.</description>
223 
			<type>input</type>
224 
		</field>
225 
		<field>
226 
			<fielddescr>Custom Presentation URL</fielddescr>
227 
			<fieldname>presentationurl</fieldname>
228 
			<type>input</type>
229 
			<description>
230 
				<![CDATA[
231 
				URL to report when clients query the management URL for this device.
232 
				<br/><br/>
233 
				The default value is the URL for the GUI on this firewall.
234 
				]]>
235 
			</description>
236 
		</field>
237 
		<field>
238 
			<fielddescr>Custom Model Number</fielddescr>
239 
			<fieldname>modelnumber</fieldname>
240 
			<type>input</type>
241 
			<description>
242 
				<![CDATA[
243 
				Value to report when clients query for the model number of this device.
244 
				<br/><br/>
245 
				The default value is the current firmware version of this device.
246 
				]]>
247 
			</description>
248 
		</field>
249 
		<field>
250 
			<fielddescr>Firewall Logs</fielddescr>
251 
			<fieldname>logpackets</fieldname>
252 
			<type>checkbox</type>
253 
			<description>Log mapped connections</description>
254 
			<sethelp>When set, connections matching dynamic port mapping rules will appear in the firewall log.</sethelp>
255 
		</field>
256 
		<field>
257 
			<fielddescr>Uptime</fielddescr>
258 
			<fieldname>sysuptime</fieldname>
259 
			<type>checkbox</type>
260 
			<description>Report system uptime</description>
261 
			<sethelp>
262 
				When set, if a client asks for the uptime, the service will report the uptime
263 
				of the device (since last boot) instead of the how long the service has been
264 
				running.
265 
			</sethelp>
266 
		</field>
267 
		<field>
268 
			<name>Service Access Control List</name>
269 
			<type>listtopic</type>
270 
		</field>
271 
		<field>
272 
			<fielddescr>Default Deny</fielddescr>
273 
			<fieldname>permdefault</fieldname>
274 
			<type>checkbox</type>
275 
			<description>Deny access to port mapping service by default</description>
276 
			<sethelp>
277 
				When set, clients are denied access unless their port mapping requests match an ACL entry.
278 
			</sethelp>
279 
		</field>
280 
		<field>
281 
			<name>ACL Help</name>
282 
			<type>info</type>
283 
			<description>
284 
				<![CDATA[
285 
				ACL entries grant or deny access to the port mapping service based on several
286 
				criteria. The entries only control access for IPv4 clients, they do not apply
287 
				to IPv6 clients.
288 
				<br/><br/>
289 
				Format: <tt>[allow or deny] [ext port or range] [int ipaddr or ipaddr/CIDR] [int port or range]</tt>
290 
				<br/>
291 
				Example: <tt>allow 1024-65535 192.168.0.0/24 1024-65535</tt>
292 
				]]>
293 
			</description>
294 
		</field>
295 
		<field>
296 
			<fielddescr>ACL Entries</fielddescr>
297 
			<fieldname>none</fieldname>
298 
			<type>rowhelper</type>
299 
			<rowhelper>
300 
				<rowhelperfield>
301 
					<fieldname>permuser</fieldname>
302 
					<type>input</type>
303 
					<size>60</size>
304 
				</rowhelperfield>
305 
			</rowhelper>
306 
		</field>
307 
	</fields>
308 
	<custom_php_command_before_form>
309 
		before_form_miniupnpd($pkg);
310 
	</custom_php_command_before_form>
311 
	<custom_php_validation_command>
312 
		validate_form_miniupnpd($_POST, $input_errors);
313 
	</custom_php_validation_command>
314 
	<custom_php_resync_config_command>
315 
		sync_package_miniupnpd();
316 
	</custom_php_resync_config_command>
317 
</packagegui>
(2-2/2)