diff options
| -rw-r--r-- | data/templates/firewall/upnpd.conf.j2 | 9 | ||||
| -rw-r--r-- | interface-definitions/service-upnp.xml.in | 7 |
2 files changed, 12 insertions, 4 deletions
diff --git a/data/templates/firewall/upnpd.conf.j2 b/data/templates/firewall/upnpd.conf.j2 index b993052b4..e964fc696 100644 --- a/data/templates/firewall/upnpd.conf.j2 +++ b/data/templates/firewall/upnpd.conf.j2 @@ -71,7 +71,7 @@ min_lifetime={{ pcp_lifetime.min }} {% if friendly_name is vyos_defined %} # Name of this service, default is "`uname -s` router" -friendly_name= {{ friendly_name }} +friendly_name={{ friendly_name }} {% endif %} # Manufacturer name, default is "`uname -s`" @@ -117,7 +117,10 @@ clean_ruleset_threshold=10 clean_ruleset_interval=600 # Anchor name in pf (default is miniupnpd) -anchor=VyOS +# Something wrong with this option "anchor", comment it out +# vyos@r14# miniupnpd -vv -f /run/upnp/miniupnp.conf +# invalid option in file /run/upnp/miniupnp.conf line 74 : anchor=VyOS +#anchor=VyOS uuid={{ uuid }} @@ -144,7 +147,7 @@ lease_file=/config/upnp.leases # CAUTION: failure to enforce any rules may permit insecure requests to be made! {% for rule, config in rule.items() %} {% if config.disable is not vyos_defined %} -{{ config.action }} {{ config.external_port_range }} {{ config.ip }} {{ config.internal_port_range }} +{{ config.action }} {{ config.external_port_range }} {{ config.ip }}{{ '/32' if '/' not in config.ip else '' }} {{ config.internal_port_range }} {% endif %} {% endfor %} {% endif %} diff --git a/interface-definitions/service-upnp.xml.in b/interface-definitions/service-upnp.xml.in index a129b7260..50cb47f39 100644 --- a/interface-definitions/service-upnp.xml.in +++ b/interface-definitions/service-upnp.xml.in @@ -197,10 +197,15 @@ <help>The IP to which this rule applies (REQUIRE)</help> <valueHelp> <format>ipv4</format> + <description>The IPv4 address to which this rule applies</description> + </valueHelp> + <valueHelp> + <format>ipv4net</format> <description>The IPv4 to which this rule applies</description> </valueHelp> <constraint> - <validator name="ipv4-address" /> + <validator name="ipv4-address"/> + <validator name="ipv4-host"/> </constraint> </properties> </leafNode> |