[packages/miniupnpd] - updated to 2.0
qboosh
qboosh at pld-linux.org
Sun Apr 16 09:07:56 CEST 2017
commit 1879faeb20492917a4709cae8bd7da0b20878648
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Sun Apr 16 09:08:07 2017 +0200
- updated to 2.0
miniupnpd.conf | 93 +++++++++++++++++++++++++++++++++++++++++++++++-----------
miniupnpd.spec | 44 ++++++++++++++++++---------
2 files changed, 106 insertions(+), 31 deletions(-)
---
diff --git a/miniupnpd.spec b/miniupnpd.spec
index 1459e3f..d6cf4ad 100644
--- a/miniupnpd.spec
+++ b/miniupnpd.spec
@@ -1,22 +1,29 @@
+# TODO: handle ip*tables_{init,removeall} in PLD init script? (see bundled one)
Summary: Small UPnP Daemon
Summary(pl.UTF-8): Mały demon UPnP
Name: miniupnpd
-Version: 1.7
-Release: 3
+Version: 2.0
+Release: 1
License: BSD
Group: Networking/Daemons
Source0: http://miniupnp.tuxfamily.org/files/%{name}-%{version}.tar.gz
-# Source0-md5: 5af9e8332d34a7b490d0d2ed3e674196
+# Source0-md5: 1c07a215dd9b362e75a9efc05e2fb3b4
Source1: %{name}.init
Source2: %{name}.sysconfig
Source3: %{name}.conf
URL: http://miniupnp.tuxfamily.org/
BuildRequires: iptables-devel >= 1.4.3
+BuildRequires: libmnl-devel >= 1.0.3
+BuildRequires: libnetfilter_conntrack-devel >= 1.0.2
+BuildRequires: libuuid-devel
+BuildRequires: openssl-devel
BuildRequires: rpmbuild(macros) >= 1.228
Requires(post): libuuid
Requires(post): sed >= 4.0
Requires(post,preun): /sbin/chkconfig
Requires: iptables-libs >= 1.4.3
+Requires: libmnl >= 1.0.3
+Requires: libnetfilter_conntrack >= 1.0.2
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%description
@@ -29,19 +36,24 @@ Mały demon UPnP.
%setup -q
%build
+CPPFLAGS="%{rpmcppflags}" \
+CFLAGS="%{rpmcflags}" \
+LDFLAGS="%{rpmldflags}" \
%{__make} -f Makefile.linux -j1 \
- CC="%{__cc}" \
- CFLAGS="%{rpmcflags} -fno-strict-aliasing -Wall -D_GNU_SOURCE -DIPTABLES_143" \
- LIBS="-lip4tc -lip6tc"
+ CC="%{__cc}"
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{%{_sbindir},%{_mandir}/man1,/etc/rc.d/init.d,/etc/sysconfig,%{_sysconfdir}/%{name}}
-install miniupnpd $RPM_BUILD_ROOT%{_sbindir}
-cp -p miniupnpd.1 $RPM_BUILD_ROOT%{_mandir}/man1
-install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
-install %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/%{name}
-install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/%{name}
+
+%{__make} -f Makefile.linux install \
+ DESTDIR=$RPM_BUILD_ROOT \
+ STRIP=:
+
+# replace init script and config file by PLD specific ones
+%{__rm} -r $RPM_BUILD_ROOT/etc/init.d
+install -Dp %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
+install -Dp %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/%{name}
+cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/%{name}
%clean
rm -rf $RPM_BUILD_ROOT
@@ -49,7 +61,7 @@ rm -rf $RPM_BUILD_ROOT
%post
if [ ! -f %{_sysconfdir}/miniupnpd/uuid ]; then
echo "Generating UPnP uuid..."
- umask 066
+ umask 077
uuidgen > %{_sysconfdir}/miniupnpd/uuid
fi
@@ -78,4 +90,8 @@ fi
%config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name}
%dir %{_sysconfdir}/%{name}
%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/%{name}.conf
-%{_mandir}/man1/miniupnpd.1*
+%attr(755,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/ip6tables_init.sh
+%attr(755,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/ip6tables_removeall.sh
+%attr(755,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/iptables_init.sh
+%attr(755,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/iptables_removeall.sh
+%{_mandir}/man8/miniupnpd.8*
diff --git a/miniupnpd.conf b/miniupnpd.conf
index 233bf52..2cd7f4e 100644
--- a/miniupnpd.conf
+++ b/miniupnpd.conf
@@ -1,42 +1,101 @@
# WAN network interface
ext_ifname=eth0
-# if the WAN interface has several IP addresses, you
+# If the WAN interface has several IP addresses, you
# can specify the one to use below
#ext_ip=
-# there can be multiple listening ips for receiving SSDP traffic.
-# the 1st IP is also used for UPnP Soap traffic.
-#
+# LAN network interfaces IPs / networks
+# There can be multiple listening IPs for SSDP traffic, in that case
+# use multiple 'listening_ip=...' lines, one for each network interface.
+# It can be IP address or network interface name (ie. "eth0")
+# It is mandatory to use the network interface name in order to enable IPv6
+# HTTP is available on all interfaces.
listening_ip=0.0.0.0
-port=5555
+# CAUTION: mixing up WAN and LAN interfaces may introduce security risks!
+# Be sure to assign the correct interfaces to LAN and WAN and consider
+# implementing UPnP permission rules at the bottom of this configuration file
-# bitrates reported by daemon in bits per second
-bitrate_up=1000000
-bitrate_down=10000000
+# Port for HTTP (descriptions and SOAP) traffic. Set to 0 for autoselect.
+http_port=0
+# Port for HTTPS. Set to 0 for autoselect (default)
+https_port=0
-# default presentation url is http address on port 80
+# Path to the UNIX socket used to communicate with MiniSSDPd
+# If running, MiniSSDPd will manage M-SEARCH answering.
+# default is /var/run/minissdpd.sock
+#minissdpdsocket=/var/run/minissdpd.sock
+
+# Enable NAT-PMP support (default is no)
+#enable_natpmp=yes
+
+# Enable UPNP support (default is yes)
+#enable_upnp=no
+
+# PCP
+# Configure the minimum and maximum lifetime of a port mapping in seconds
+# 120s and 86400s (24h) are suggested values from PCP-base
+#min_lifetime=120
+#max_lifetime=86400
+
+# Chain names for netfilter (not used for pf or ipf).
+# default is MINIUPNPD for both
+#upnp_forward_chain=forwardUPnP
+#upnp_nat_chain=UPnP
+#upnp_nat_postrouting_chain=UPnP-Postrouting
+
+# Lease file location
+#lease_file=/var/log/upnp.leases
+
+# Bitrates reported by daemon in bits per second
+# by default miniupnpd tries to get WAN interface speed
+#bitrate_up=1000000
+#bitrate_down=10000000
+
+# Default presentation URL is HTTP address on port 80
+# If set to an empty string, no presentationURL element will appear
+# in the XML description of the device, which prevents MS Windows
+# from displaying an icon in the "Network Connections" panel.
#presentation_url=http://www.mylan/index.php
-# report system uptime instead of daemon uptime
+# Report system uptime instead of daemon uptime
system_uptime=yes
-# notify interval in seconds default is 30 seconds.
+# Notify interval in seconds. default is 30 seconds.
notify_interval=240
-# uuid : generate your own with "make genuuid"
+# Unused rules cleaning.
+# never remove any rule before this threshold for the number
+# of redirections is exceeded. default to 20
+#clean_ruleset_threshold=10
+# Clean process work interval in seconds. default to 0 (disabled).
+# a 600 seconds (10 minutes) interval makes sense
+clean_ruleset_interval=600
+
+# Log packets in pf (default is no)
+#packet_log=no
+
+# UUID, generate your own UUID with "make genuuid"
uuid=fc4ec57e-b051-11db-88f8-0060085db3f6
-# serial and model number the daemon will report to clients
-# in its XML description
+# Daemon's serial and model number when reporting to clients
+# (in XML description)
serial=12345678
model_number=1
# UPnP permission rules
-# (allow|deny) (external port range) ip/mask (internal port range)
+# (allow|deny) (external port range) IP/mask (internal port range)
# A port range is <min port>-<max port> or <port> if there is only
# one port in the range.
-# ip/mask format must be nn.nn.nn.nn/nn
+# IP/mask format must be nnn.nnn.nnn.nnn/nn
+# It is advised to only allow redirection of port >= 1024
+# and end the rule set with "deny 0-65535 0.0.0.0/0 0-65535"
+# The following default ruleset allows specific LAN side IP addresses
+# to request only ephemeral ports. It is recommended that users
+# modify the IP ranges to match their own internal networks, and
+# also consider implementing network-specific restrictions
+# CAUTION: failure to enforce any rules may permit insecure requests to be made!
#allow 1024-65535 192.168.0.0/24 1024-65535
#allow 1024-65535 192.168.1.0/24 1024-65535
+#allow 1024-65535 192.168.0.0/23 22
+#allow 12345 192.168.7.113/32 54321
deny 0-65535 0.0.0.0/0 0-65535
-
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/miniupnpd.git/commitdiff/1879faeb20492917a4709cae8bd7da0b20878648
More information about the pld-cvs-commit
mailing list