summaryrefslogtreecommitdiff
path: root/data/templates/firewall/upnpd.conf.j2
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2022-08-16 16:19:02 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2022-08-19 16:46:51 +0000
commit6940bcf8d650eea714075df74b47bf0c99642743 (patch)
tree8f8afc8baccb4121cf1f71687b13b916b6a24983 /data/templates/firewall/upnpd.conf.j2
parentd0858015f121416a042ec847c01fefb733661bab (diff)
downloadvyos-1x-6940bcf8d650eea714075df74b47bf0c99642743.tar.gz
vyos-1x-6940bcf8d650eea714075df74b47bf0c99642743.zip
UPnP: T4611: Rule must be as prefix instead of an address
From the doc miniupnpd IP/mask format must be nnn.nnn.nnn.nnn/nn Comment out invalid option "anchor"
Diffstat (limited to 'data/templates/firewall/upnpd.conf.j2')
-rw-r--r--data/templates/firewall/upnpd.conf.j29
1 files changed, 6 insertions, 3 deletions
diff --git a/data/templates/firewall/upnpd.conf.j2 b/data/templates/firewall/upnpd.conf.j2
index b993052b4..e964fc696 100644
--- a/data/templates/firewall/upnpd.conf.j2
+++ b/data/templates/firewall/upnpd.conf.j2
@@ -71,7 +71,7 @@ min_lifetime={{ pcp_lifetime.min }}
{% if friendly_name is vyos_defined %}
# Name of this service, default is "`uname -s` router"
-friendly_name= {{ friendly_name }}
+friendly_name={{ friendly_name }}
{% endif %}
# Manufacturer name, default is "`uname -s`"
@@ -117,7 +117,10 @@ clean_ruleset_threshold=10
clean_ruleset_interval=600
# Anchor name in pf (default is miniupnpd)
-anchor=VyOS
+# Something wrong with this option "anchor", comment it out
+# vyos@r14# miniupnpd -vv -f /run/upnp/miniupnp.conf
+# invalid option in file /run/upnp/miniupnp.conf line 74 : anchor=VyOS
+#anchor=VyOS
uuid={{ uuid }}
@@ -144,7 +147,7 @@ lease_file=/config/upnp.leases
# CAUTION: failure to enforce any rules may permit insecure requests to be made!
{% for rule, config in rule.items() %}
{% if config.disable is not vyos_defined %}
-{{ config.action }} {{ config.external_port_range }} {{ config.ip }} {{ config.internal_port_range }}
+{{ config.action }} {{ config.external_port_range }} {{ config.ip }}{{ '/32' if '/' not in config.ip else '' }} {{ config.internal_port_range }}
{% endif %}
{% endfor %}
{% endif %}