bakabtw/packages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

miniupnpd:

Browse Source 
- better integration with uci firewall
	- add options to configure external and internal interface
	- trigger add/remove of upnp rules with hotplug
	- use start-stop-daemon in initscript
	- drop miniupnpd iptables heler scripts


git-svn-id: svn://svn.openwrt.org/openwrt/packages@13742 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
jow 2008-12-25 03:25:13 +00:00
parent 958e181b91
commit 3b70e33939
5 changed files with 138 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
net/miniupnpd/Makefile
View File

@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=miniupnpd PKG_NAME:=miniupnpd
PKG_VERSION:=1.1 PKG_VERSION:=1.1
PKG_RELEASE:=2 PKG_RELEASE:=3
PKG_MD5SUM:=a0f6651476721db9b554668c8c83b151 PKG_MD5SUM:=a0f6651476721db9b554668c8c83b151
PKG_SOURCE_URL:=http://miniupnp.free.fr/files PKG_SOURCE_URL:=http://miniupnp.free.fr/files
@ -36,12 +36,12 @@ define Build/Compile
endef endef
define Package/miniupnpd/install define Package/miniupnpd/install
$(INSTALL_DIR) $(1)/usr/bin $(1)/etc/init.d $(1)/etc/config $(1)/etc/hotplug.d/iface $(INSTALL_DIR) $(1)/usr/bin $(1)/etc/init.d $(1)/etc/config $(1)/etc/hotplug.d/iface $(1)/lib/miniupnpd
$(INSTALL_BIN) $(PKG_BUILD_DIR)/miniupnpd $(1)/usr/bin/ $(INSTALL_BIN) $(PKG_BUILD_DIR)/miniupnpd $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/netfilter/*.sh $(1)/usr/bin/
$(INSTALL_BIN) ./files/miniupnpd.init $(1)/etc/init.d/miniupnpd $(INSTALL_BIN) ./files/miniupnpd.init $(1)/etc/init.d/miniupnpd
$(INSTALL_DATA) ./files/upnpd.config $(1)/etc/config/upnpd $(INSTALL_DATA) ./files/upnpd.config $(1)/etc/config/upnpd
$(INSTALL_DATA) ./files/miniupnpd.hotplug $(1)/etc/hotplug.d/iface/20-miniupnpd $(INSTALL_DATA) ./files/miniupnpd.hotplug $(1)/etc/hotplug.d/iface/20-miniupnpd
$(INSTALL_DATA) ./files/miniupnpd.firewall $(1)/lib/miniupnpd/firewall.sh
endef endef
$(eval $(call BuildPackage,miniupnpd)) $(eval $(call BuildPackage,miniupnpd))

77
net/miniupnpd/files/miniupnpd.firewall Normal file
View File

@ -0,0 +1,77 @@
. /etc/functions.sh
include /lib/network
scan_interfaces
upnp_ipt() {
iptables "$@" 2>/dev/null
}
upnp_firewall_addif() {
local intif
local intip
local coldplug="$1"
config_load upnpd
config_get intif config internal_iface
config_load network
for iface in ${intif:-lan}; do
if [ -n "$coldplug" -o "$iface" == "$INTERFACE" ]; then
config_get intip "$iface" ipaddr
config_get intif "$iface" ifname
[ -n "$intif" -a -n "$intip" ] && {
logger -t "upnp firewall" "adding interface $iface($intip)"
upnp_ipt -t nat -N MINIUPNPD
upnp_ipt -t nat -N miniupnpd_${iface}_rule
upnp_ipt -t nat -A miniupnpd_${iface}_rule -i $intif -d $intip -j MINIUPNPD
upnp_ipt -t nat -A prerouting_rule -j miniupnpd_${iface}_rule
upnp_ipt -t filter -N MINIUPNPD
upnp_ipt -t filter -N miniupnpd_${iface}_rule
upnp_ipt -t filter -A miniupnpd_${iface}_rule -i $intif -o ! $intif -j MINIUPNPD
upnp_ipt -t filter -A forwarding_rule -j miniupnpd_${iface}_rule
}
fi
done
}
upnp_firewall_delif() {
local iface="${1:-$INTERFACE}"
if [ -n "$iface" ]; then
logger -t "upnp firewall" "removing interface $iface"
upnp_ipt -t nat -D prerouting_rule -j miniupnpd_${iface}_rule
upnp_ipt -t nat -F miniupnpd_${iface}_rule
upnp_ipt -t nat -X miniupnpd_${iface}_rule
upnp_ipt -t filter -D forwarding_rule -j miniupnpd_${iface}_rule
upnp_ipt -t filter -F miniupnpd_${iface}_rule
upnp_ipt -t filter -X miniupnpd_${iface}_rule
fi
}
upnp_firewall_start() {
logger -t "upnp firewall" "starting ..."
upnp_firewall_addif coldplug
}
upnp_firewall_stop() {
local intif
config_load upnpd
config_get intif config internal_iface
logger -t "upnp firewall" "stopping ..."
for iface in ${intif:-lan}; do
upnp_firewall_delif "$iface"
done
upnp_ipt -t nat -F MINIUPNPD
upnp_ipt -t nat -X MINIUPNPD
upnp_ipt -t filter -F MINIUPNPD
upnp_ipt -t filter -X MINIUPNPD
}

14
net/miniupnpd/files/miniupnpd.hotplug
View File

@ -1,2 +1,14 @@
#!/bin/sh #!/bin/sh
[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && /etc/init.d/miniupnpd enabled && /etc/init.d/miniupnpd restart
/etc/init.d/miniupnpd enabled && killall -0 miniupnpd 2>/dev/null && {
. /lib/miniupnpd/firewall.sh
[ "$ACTION" = "ifup" ] && {
upnp_firewall_delif
upnp_firewall_addif
}
[ "$ACTION" = "ifdown" ] && {
upnp_firewall_delif
}
}

67
net/miniupnpd/files/miniupnpd.init
View File

@ -1,36 +1,55 @@
#!/bin/sh /etc/rc.common #!/bin/sh /etc/rc.common
START=95 START=95
include /lib/miniupnpd
start() { start() {
local extif
local intif
local upload
local download
local logging
config_load "upnpd" config_load "upnpd"
include /lib/network config_get extif config external_iface
config_get intif config internal_iface
config_get upload config upload
config_get download config download
config_get_bool logging config log_output 0
scan_interfaces scan_interfaces
config_get ifname wan ifname config_get extif ${extif:-wan} ifname
config_get ipaddr lan ipaddr
echo "miniupnpd starting ..." if [ -n "$extif" ]; then
stop logger -t "upnp daemon" "starting ..."
iptables_init.sh
# get bitspeed information, if provided upnp_firewall_start
config_get upnp_up_bitspeed config upload
config_get upnp_down_bitspeed config download local args="-i $extif"
bitspeed_str=""
[ -n "$upnpd_up_bitspeed" ] && [ -n "$upnpd_down_bitspeed" ] && { for iface in ${intif:-lan}; do
# covert to bytespeed local ipaddr
upnpd_up_bytespeed=$(($upnpd_up_bitspeed * 1024 / 8)) config_get ipaddr "$iface" ipaddr
upnpd_down_bytespeed=$(($upnpd_down_bitspeed * 1024 / 8)) [ -n "$ipaddr" ] && append args "-a $ipaddr"
bitspeed_str="-B $upnpd_down_bytespeed $upnpd_up_bytespeed" done
}
config_get log_output config log_output append args "-p 5000 -U"
if [ "$log_output" = "1" ]; then
miniupnpd -i "$ifname" -a "$ipaddr" -p 5000 -U $bitspeed_str -d | logger -t miniupnpd & [ -n "$upload" -a -n "$download" ] && \
append args "-B $(($upload * 1024 / 8)) $(($download * 1024 / 8))"
if [ "$logging" = "1" ]; then
eval start-stop-daemon -S -x miniupnpd -- $args -d | logger -t miniupnpd &
else
eval start-stop-daemon -S -x miniupnpd -- $args
fi
else else
miniupnpd -i "$ifname" -a "$ipaddr" -p 5000 -U $bitspeed_str logger -t "upnp daemon" "external interface not found, not starting"
fi fi
} }
stop() { stop() {
pnpd_pid=$(cat /var/run/miniupnpd.pid) 2>&- >&- logger -t "upnp daemon" "stopping ..."
iptables_flush.sh 2>&- >&- start-stop-daemon -K -q -x miniupnpd -p /var/run/miniupnpd.pid
kill $pnpd_pid 2>&- upnp_firewall_stop
iptables_removeall.sh 2>&- >&-
} }

2
net/miniupnpd/files/upnpd.config
View File

@ -2,3 +2,5 @@ config upnpd config
option log_output 0 option log_output 0
option download 1024 option download 1024
option upload 512 option upload 512
option external_iface wan
option internal_iface lan