aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZiMing Mo <msylgj@immortalwrt.org>2022-03-23 02:56:28 +0800
committerRosen Penev <rosenp@gmail.com>2022-04-14 19:01:03 -0700
commitb3b911e99238282a768bce962bc2a271f84229ac (patch)
treef7b1e347b41605cb23c0d6595a219f978e1d054e
parenta2a3bbcad7ef88066816c99893e8ab4ea3480e3b (diff)
miniupnpd: bump to latest git source
Signed-off-by: ZiMing Mo <msylgj@immortalwrt.org>
Diffstat
5 files changed, 49 insertions, 38 deletions
diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile
index 2a1372755..45950ccc9 100644
--- a/net/miniupnpd/Makefile
+++ b/net/miniupnpd/Makefile
@@ -8,12 +8,15 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=miniupnpd
-PKG_VERSION:=2.2.3
+PKG_VERSION:=2.3.0
PKG_RELEASE:=$(AUTORELEASE)
-PKG_SOURCE_URL:=https://miniupnp.tuxfamily.org/files
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=f89c310ce9575183af3fec61af65e548f85114133df8caaaa9e204c13b7a9da5
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/miniupnp/miniupnp.git
+PKG_SOURCE_DATE:=2022-03-20
+PKG_SOURCE_VERSION:=fda61180e07abd222623e54b9239557bbffbc21d
+PKG_MIRROR_HASH:=f81a5b920f1bddb5673a2455461d4dca20d17138f5488713c5a759f2a64e9f18
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)/miniupnpd
PKG_MAINTAINER:=
PKG_LICENSE:=BSD-3-Clause
@@ -26,6 +29,9 @@ PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/version.mk
+TAR_OPTIONS+= --strip-components 1
+TAR_CMD=$(HOST_TAR) -C $(1)/.. $(TAR_OPTIONS)
+
define Package/miniupnpd/Default
SECTION:=net
CATEGORY:=Network
@@ -109,6 +115,10 @@ endef
define Package/miniupnpd-nftables/install
$(call Package/miniupnpd/install/Default,$1)
+ $(INSTALL_DIR) $(1)/usr/share/miniupnpd
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/miniupnpd/miniupnpd_functions.sh $(1)/usr/share/miniupnpd/miniupnpd_functions.sh
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/miniupnpd/nft_init.sh $(1)/usr/share/miniupnpd/nft_init.sh
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/miniupnpd/nft_removeall.sh $(1)/usr/share/miniupnpd/nft_removeall.sh
endef
$(eval $(call BuildPackage,miniupnpd-iptables))
diff --git a/net/miniupnpd/files/miniupnpd.hotplug b/net/miniupnpd/files/miniupnpd.hotplug
index 63d6114b6..607a32bdc 100644
--- a/net/miniupnpd/files/miniupnpd.hotplug
+++ b/net/miniupnpd/files/miniupnpd.hotplug
@@ -13,6 +13,7 @@ tmpconf="/var/etc/miniupnpd.conf"
external_iface=$(uci -q get upnpd.config.external_iface)
external_iface6=$(uci -q get upnpd.config.external_iface6)
external_zone=$(uci -q get upnpd.config.external_zone)
+[ -x "$(command -v nft)" ] && FW="fw4" || FW="fw3"
. /lib/functions/network.sh
@@ -20,7 +21,7 @@ if [ -n "$external_iface" ] ; then
network_get_device ifname "$external_iface"
else
if [ -n "$external_zone" ] ; then
- ifname=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1)
+ ifname=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
else
network_find_wan external_iface && \
network_get_device ifname "$external_iface"
@@ -30,7 +31,7 @@ if [ -n "$external_iface6" ] ; then
network_get_device ifname6 "$external_iface6"
else
if [ -n "$external_zone" ] ; then
- ifname6=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1)
+ ifname6=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
else
network_find_wan6 external_iface6 && \
network_get_device ifname6 "$external_iface6"
diff --git a/net/miniupnpd/files/miniupnpd.init b/net/miniupnpd/files/miniupnpd.init
index cc13e0440..1b0466672 100644
--- a/net/miniupnpd/files/miniupnpd.init
+++ b/net/miniupnpd/files/miniupnpd.init
@@ -5,6 +5,8 @@ START=94
STOP=15
USE_PROCD=1
PROG=/usr/sbin/miniupnpd
+NFT_SCRIPTS_DIR=/usr/share/miniupnpd
+[ -x "$(command -v nft)" ] && FW="fw4" || FW="fw3"
upnpd_get_port_range() {
local var="$1"; shift
@@ -98,7 +100,7 @@ upnpd() {
network_get_device ifname "$external_iface"
else
if [ -n "$external_zone" ] ; then
- ifname=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1)
+ ifname=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
else
network_find_wan external_iface && \
network_get_device ifname "$external_iface"
@@ -108,7 +110,7 @@ upnpd() {
network_get_device ifname6 "$external_iface6"
else
if [ -n "$external_zone" ] ; then
- ifname6=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1)
+ ifname6=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
else
network_find_wan6 external_iface6 && \
network_get_device ifname6 "$external_iface6"
@@ -176,7 +178,12 @@ upnpd() {
if [ -n "$ifname" ]; then
# start firewall
- iptables -L MINIUPNPD >/dev/null 2>&1 || fw3 reload
+ if [ "Z$FW" = "Zfw4" ]; then
+ $NFT_SCRIPTS_DIR/nft_init.sh 2>/dev/null
+ fw4 reload
+ else
+ iptables -L MINIUPNPD >/dev/null 2>&1 || fw3 reload
+ fi
else
logger -t "upnp daemon" "external interface not found, not starting"
fi
@@ -189,11 +196,16 @@ upnpd() {
}
stop_service() {
- iptables -t nat -F MINIUPNPD 2>/dev/null
- iptables -t nat -F MINIUPNPD-POSTROUTING 2>/dev/null
- iptables -t filter -F MINIUPNPD 2>/dev/null
+ if [ "Z$FW" = "Zfw4" ]; then
+ $NFT_SCRIPTS_DIR/nft_removeall.sh 2>/dev/null
+ fw4 reload
+ else
+ iptables -t nat -F MINIUPNPD 2>/dev/null
+ iptables -t nat -F MINIUPNPD-POSTROUTING 2>/dev/null
+ iptables -t filter -F MINIUPNPD 2>/dev/null
- [ -x /usr/sbin/ip6tables ] && ip6tables -t filter -F MINIUPNPD 2>/dev/null
+ [ -x /usr/sbin/ip6tables ] && ip6tables -t filter -F MINIUPNPD 2>/dev/null
+ fi
}
start_service() {
diff --git a/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch b/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch
deleted file mode 100644
index c6f24b282..000000000
--- a/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 51a422407b22f0cb7188ea4bfb3867b2bbfcfe68 Mon Sep 17 00:00:00 2001
-From: Stijn Tintel <stijn@linux-ipv6.be>
-Date: Sun, 7 Nov 2021 20:24:29 +0200
-Subject: [PATCH] miniupnpd/configure: don't hardcode iptables
-
-The OpenWrt Makefile that builds miniupnpd passes the firewall argument
-to the configure script, so this is not needed and it is blocking us
-from using nftables instead, which will be the default backend for
-firewall4 to be used in the next OpenWrt stable release.
-
-Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
----
- configure | 1 -
- 1 file changed, 1 deletion(-)
-
---- a/configure
-+++ b/configure
-@@ -387,7 +387,6 @@ case $OS_NAME in
- OpenWRT)
- OS_URL=http://www.openwrt.org/
- echo "#define USE_IFACEWATCHER 1" >> ${CONFIGFILE}
-- FW=iptables
- ;;
- OpenEmbedded)
- OS_URL=http://www.openembedded.org/
diff --git a/net/miniupnpd/patches/201-change-default-chain-rule-to-accept.patch b/net/miniupnpd/patches/201-change-default-chain-rule-to-accept.patch
new file mode 100644
index 000000000..2ca00a778
--- /dev/null
+++ b/net/miniupnpd/patches/201-change-default-chain-rule-to-accept.patch
@@ -0,0 +1,13 @@
+--- a/netfilter_nft/scripts/nft_init.sh
++++ b/netfilter_nft/scripts/nft_init.sh
+@@ -19,8 +19,8 @@ echo "Creating nftables structure"
+ cat > /tmp/miniupnpd.nft <<EOF
+ table inet $TABLE {
+ chain forward {
+- type filter hook forward priority 0;
+- policy drop;
++ type filter hook forward priority -25;
++ policy accept;
+
+ # miniupnpd
+ jump $CHAIN
Powered by cgit, Themed by Ted Yin.