diff options
| author | Josef Schlehofer <pepe.schlehofer@gmail.com> | 2022-04-22 17:19:51 +0200 |
|---|---|---|
| committer | Josef Schlehofer <pepe.schlehofer@gmail.com> | 2022-04-22 17:20:39 +0200 |
| commit | 0bc25077b37d74065fd107dc9f85fbb11ccba56b (patch) | |
| tree | 3f39ac9a839e03fd56a07cb81fbd65021c696d92 /net/miniupnpd | |
| parent | 0248058f6ba0ab1aad8a6c816354486067e5e521 (diff) | |
Revert "miniupnpd: bump to latest git source"
This was reverted because the commit does more things than just "bump to
latest git source". Also, it was not properly reviewed/tested.
See: https://github.com/openwrt/packages/pull/18133#issuecomment-1106346788
This reverts commit b3b911e99238282a768bce962bc2a271f84229ac.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Diffstat (limited to 'net/miniupnpd')
| -rw-r--r-- | net/miniupnpd/Makefile | 18 | ||||
| -rw-r--r-- | net/miniupnpd/files/miniupnpd.hotplug | 5 | ||||
| -rw-r--r-- | net/miniupnpd/files/miniupnpd.init | 26 | ||||
| -rw-r--r-- | net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch | 25 | ||||
| -rw-r--r-- | net/miniupnpd/patches/201-change-default-chain-rule-to-accept.patch | 13 |
5 files changed, 38 insertions, 49 deletions
diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile index 45950ccc9..2a1372755 100644 --- a/net/miniupnpd/Makefile +++ b/net/miniupnpd/Makefile @@ -8,15 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=miniupnpd -PKG_VERSION:=2.3.0 +PKG_VERSION:=2.2.3 PKG_RELEASE:=$(AUTORELEASE) -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/miniupnp/miniupnp.git -PKG_SOURCE_DATE:=2022-03-20 -PKG_SOURCE_VERSION:=fda61180e07abd222623e54b9239557bbffbc21d -PKG_MIRROR_HASH:=f81a5b920f1bddb5673a2455461d4dca20d17138f5488713c5a759f2a64e9f18 -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)/miniupnpd +PKG_SOURCE_URL:=https://miniupnp.tuxfamily.org/files +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_HASH:=f89c310ce9575183af3fec61af65e548f85114133df8caaaa9e204c13b7a9da5 PKG_MAINTAINER:= PKG_LICENSE:=BSD-3-Clause @@ -29,9 +26,6 @@ PKG_BUILD_PARALLEL:=1 include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/version.mk -TAR_OPTIONS+= --strip-components 1 -TAR_CMD=$(HOST_TAR) -C $(1)/.. $(TAR_OPTIONS) - define Package/miniupnpd/Default SECTION:=net CATEGORY:=Network @@ -115,10 +109,6 @@ endef define Package/miniupnpd-nftables/install $(call Package/miniupnpd/install/Default,$1) - $(INSTALL_DIR) $(1)/usr/share/miniupnpd - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/miniupnpd/miniupnpd_functions.sh $(1)/usr/share/miniupnpd/miniupnpd_functions.sh - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/miniupnpd/nft_init.sh $(1)/usr/share/miniupnpd/nft_init.sh - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/miniupnpd/nft_removeall.sh $(1)/usr/share/miniupnpd/nft_removeall.sh endef $(eval $(call BuildPackage,miniupnpd-iptables)) diff --git a/net/miniupnpd/files/miniupnpd.hotplug b/net/miniupnpd/files/miniupnpd.hotplug index 607a32bdc..63d6114b6 100644 --- a/net/miniupnpd/files/miniupnpd.hotplug +++ b/net/miniupnpd/files/miniupnpd.hotplug @@ -13,7 +13,6 @@ tmpconf="/var/etc/miniupnpd.conf" external_iface=$(uci -q get upnpd.config.external_iface) external_iface6=$(uci -q get upnpd.config.external_iface6) external_zone=$(uci -q get upnpd.config.external_zone) -[ -x "$(command -v nft)" ] && FW="fw4" || FW="fw3" . /lib/functions/network.sh @@ -21,7 +20,7 @@ if [ -n "$external_iface" ] ; then network_get_device ifname "$external_iface" else if [ -n "$external_zone" ] ; then - ifname=$($FW -q zone "$external_zone" 2>/dev/null | head -1) + ifname=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1) else network_find_wan external_iface && \ network_get_device ifname "$external_iface" @@ -31,7 +30,7 @@ if [ -n "$external_iface6" ] ; then network_get_device ifname6 "$external_iface6" else if [ -n "$external_zone" ] ; then - ifname6=$($FW -q zone "$external_zone" 2>/dev/null | head -1) + ifname6=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1) else network_find_wan6 external_iface6 && \ network_get_device ifname6 "$external_iface6" diff --git a/net/miniupnpd/files/miniupnpd.init b/net/miniupnpd/files/miniupnpd.init index 1b0466672..cc13e0440 100644 --- a/net/miniupnpd/files/miniupnpd.init +++ b/net/miniupnpd/files/miniupnpd.init @@ -5,8 +5,6 @@ START=94 STOP=15 USE_PROCD=1 PROG=/usr/sbin/miniupnpd -NFT_SCRIPTS_DIR=/usr/share/miniupnpd -[ -x "$(command -v nft)" ] && FW="fw4" || FW="fw3" upnpd_get_port_range() { local var="$1"; shift @@ -100,7 +98,7 @@ upnpd() { network_get_device ifname "$external_iface" else if [ -n "$external_zone" ] ; then - ifname=$($FW -q zone "$external_zone" 2>/dev/null | head -1) + ifname=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1) else network_find_wan external_iface && \ network_get_device ifname "$external_iface" @@ -110,7 +108,7 @@ upnpd() { network_get_device ifname6 "$external_iface6" else if [ -n "$external_zone" ] ; then - ifname6=$($FW -q zone "$external_zone" 2>/dev/null | head -1) + ifname6=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1) else network_find_wan6 external_iface6 && \ network_get_device ifname6 "$external_iface6" @@ -178,12 +176,7 @@ upnpd() { if [ -n "$ifname" ]; then # start firewall - if [ "Z$FW" = "Zfw4" ]; then - $NFT_SCRIPTS_DIR/nft_init.sh 2>/dev/null - fw4 reload - else - iptables -L MINIUPNPD >/dev/null 2>&1 || fw3 reload - fi + iptables -L MINIUPNPD >/dev/null 2>&1 || fw3 reload else logger -t "upnp daemon" "external interface not found, not starting" fi @@ -196,16 +189,11 @@ upnpd() { } stop_service() { - if [ "Z$FW" = "Zfw4" ]; then - $NFT_SCRIPTS_DIR/nft_removeall.sh 2>/dev/null - fw4 reload - else - iptables -t nat -F MINIUPNPD 2>/dev/null - iptables -t nat -F MINIUPNPD-POSTROUTING 2>/dev/null - iptables -t filter -F MINIUPNPD 2>/dev/null + iptables -t nat -F MINIUPNPD 2>/dev/null + iptables -t nat -F MINIUPNPD-POSTROUTING 2>/dev/null + iptables -t filter -F MINIUPNPD 2>/dev/null - [ -x /usr/sbin/ip6tables ] && ip6tables -t filter -F MINIUPNPD 2>/dev/null - fi + [ -x /usr/sbin/ip6tables ] && ip6tables -t filter -F MINIUPNPD 2>/dev/null } start_service() { diff --git a/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch b/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch new file mode 100644 index 000000000..c6f24b282 --- /dev/null +++ b/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch @@ -0,0 +1,25 @@ +From 51a422407b22f0cb7188ea4bfb3867b2bbfcfe68 Mon Sep 17 00:00:00 2001 +From: Stijn Tintel <stijn@linux-ipv6.be> +Date: Sun, 7 Nov 2021 20:24:29 +0200 +Subject: [PATCH] miniupnpd/configure: don't hardcode iptables + +The OpenWrt Makefile that builds miniupnpd passes the firewall argument +to the configure script, so this is not needed and it is blocking us +from using nftables instead, which will be the default backend for +firewall4 to be used in the next OpenWrt stable release. + +Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> +--- + configure | 1 - + 1 file changed, 1 deletion(-) + +--- a/configure ++++ b/configure +@@ -387,7 +387,6 @@ case $OS_NAME in + OpenWRT) + OS_URL=http://www.openwrt.org/ + echo "#define USE_IFACEWATCHER 1" >> ${CONFIGFILE} +- FW=iptables + ;; + OpenEmbedded) + OS_URL=http://www.openembedded.org/ diff --git a/net/miniupnpd/patches/201-change-default-chain-rule-to-accept.patch b/net/miniupnpd/patches/201-change-default-chain-rule-to-accept.patch deleted file mode 100644 index 2ca00a778..000000000 --- a/net/miniupnpd/patches/201-change-default-chain-rule-to-accept.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/netfilter_nft/scripts/nft_init.sh -+++ b/netfilter_nft/scripts/nft_init.sh -@@ -19,8 +19,8 @@ echo "Creating nftables structure" - cat > /tmp/miniupnpd.nft <<EOF - table inet $TABLE { - chain forward { -- type filter hook forward priority 0; -- policy drop; -+ type filter hook forward priority -25; -+ policy accept; - - # miniupnpd - jump $CHAIN |