We use miniupnpd from http://miniupnp.free.fr/.
This requires a compiled iptables source tree.
Get the source and extract it:
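# Fetch the Debian iptables source package and unpack the upstream tarball one
# level up, so it lands in build/iptables-1.4.8 next to the build/iptables
# working directory. The steps are chained with && so that a failed download
# or extraction is not silently followed by the next step.
# tar is told only to extract: it auto-detects the compression, whereas the
# original "z" flag asked for gzip on a .bz2 archive and would have failed.
cd build &&
  mkdir iptables &&
  cd iptables &&
  apt-get source iptables &&
  tar xvf iptables_1.4.8.orig.tar.bz2 -C ../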
Now go to the iptables source directory and compile it with the static option:
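# Build iptables statically (miniupnpd links against its libiptc). Chained so
# that configure and make never run in the wrong directory if the cd fails.
cd ../iptables-1.4.8 &&
  ./configure --enable-static &&
  make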
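# Unpack and build miniupnpd against the iptables tree built above.
# IPTABLESPATH is relative to the miniupnpd source directory, i.e. it points
# at build/iptables-1.4.8.
# NOTE(review): "cd build" assumes the shell is in the parent of build/ (the
# previous step leaves it in build/iptables-1.4.8) and that the miniupnpd
# tarball was placed in build/ — confirm before running.
cd build &&
  tar zxvf miniupnpd-1.6.20110730.tar.gz &&
  cd miniupnpd-1.6.20110730/ &&
  make -f Makefile.linux config.h IPTABLESPATH=../iptables-1.4.8 &&
  make -f Makefile.linux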
Copy the resulting miniupnpd binary to /usr/sbin/ on the Voyage box.
Create /etc/miniupnpd/miniupnpd.conf:
# /etc/miniupnpd/miniupnpd.conf
# ext_ifname must be the WAN (untrusted) side; listening_ip the LAN side only.
# WAN network interface
ext_ifname=eth0
# LAN network interfaces IPs / networks
listening_ip=192.168.0.1/24
# port for HTTP (descriptions and SOAP) traffic. set 0 for autoselect.
port=0
# socket of the minissdpd daemon that answers SSDP discovery on behalf of miniupnpd
minissdpdsocket=/var/run/minissdpd.sock
# enable NAT-PMP support (default is no)
enable_natpmp=no
# enable UPNP support (default is yes)
enable_upnp=yes
# bitrates reported by daemon in bits per second
bitrate_up=1000000
bitrate_down=10000000
# "secure" mode : when enabled, UPnP client are allowed to add mappings only
# to their IP.
# With secure_mode=no any host on the LAN can request a redirection that
# forwards to a *different* internal host. secure_mode=yes is the safer
# setting unless a device genuinely has to open ports on behalf of others.
#secure_mode=yes
secure_mode=no
# If set to an empty string, no presentationURL element will appear
presentation_url=""
# report system uptime instead of daemon uptime
system_uptime=yes
# notify interval in seconds. default is 30 seconds.
notify_interval=60
# unused rules cleaning.
clean_ruleset_interval=600
# uuid : generate your own with "make genuuid"
# The value below is the sample uuid shipped with miniupnpd; every gateway
# should advertise its own, so regenerate it before deploying.
uuid=fc4ec57e-b051-11db-88f8-0060085db3f6
# serial and model number the daemon will report to clients
# in its XML description
serial=20111007
model_number=2
# UPnP permission rules
# (allow|deny) (external port range) ip/mask (internal port range)
# Rules are checked in order and the first match is applied, so the
# catch-all deny must stay last. Ports below 1024 are never mappable here.
allow 1024-65535 192.168.0.0/24 1024-65535
#allow 1024-65535 192.168.1.0/24 1024-65535
deny 0-65535 0.0.0.0/0 0-65535
Create the init script /etc/init.d/miniupnpd:
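#!/bin/sh
### BEGIN INIT INFO
# Provides:          miniupnpd
# Required-Start:    $network $local_fs $remote_fs minissdpd
# Required-Stop:     $network $local_fs $remote_fs
# Should-Start:      $all
# Should-Stop:       $all
# Default-Start:     2
# Default-Stop:      0 1 6
# Short-Description: UPnP Internet Gateway Device daemon
### END INIT INFO
#
# Init script for miniupnpd.
# Usage: /etc/init.d/miniupnpd {start|stop|restart|reload|force-reload|status}
#
# miniupnpd adds and removes its redirections inside the MINIUPNPD chains of
# the nat and filter tables. Creating those chains (and the jumps into them)
# is the firewall start-up script's job; this script only empties the chains
# around start/stop so that redirections left by a previous instance do not
# survive a restart.

MINIUPNPD=/usr/sbin/miniupnpd
CONF=/etc/miniupnpd/miniupnpd.conf
PIDFILE=/var/run/miniupnpd.pid
# Deliberately expanded unquoted below: word-splitting turns it into two
# separate daemon arguments.
ARGS="-f $CONF"
# Chain creation/removal helpers shipped with miniupnpd. Not used here (the
# firewall script owns the chains) but kept so the calls can be re-enabled.
IPTABLES_CREATE=/etc/miniupnpd/iptables_init.sh
IPTABLES_REMOVE=/etc/miniupnpd/iptables_removeall.sh
IPTABLES_FLUSH=/etc/miniupnpd/iptables_flush.sh

# Standard Debian idiom: do nothing if the package binary is absent.
test -f "$MINIUPNPD" || exit 0

. /lib/lsb/init-functions

# Empty the MINIUPNPD chains. Best effort on purpose: the chains belong to the
# firewall script and may not exist yet (first boot, firewall not up), so the
# helper's output and status are discarded, as the original script did.
flush_rules() {
  [ -x "$IPTABLES_FLUSH" ] || return 0
  "$IPTABLES_FLUSH" > /dev/null 2>&1 || true
}

# Start the daemon. Returns start-stop-daemon's status.
do_start() {
  #"$IPTABLES_CREATE" > /dev/null 2>&1
  flush_rules
  # shellcheck disable=SC2086 -- $ARGS must word-split (see above)
  start-stop-daemon --start --quiet --pidfile "$PIDFILE" \
    --startas "$MINIUPNPD" -- $ARGS
}

# Stop the daemon and empty its chains. Returns start-stop-daemon's status
# (the flush's status is intentionally not reported).
do_stop() {
  # --retry 5: TERM, wait up to 5 s, then KILL, so a hung daemon cannot keep
  # its redirections open indefinitely and a following start finds no stale
  # pidfile. Same policy as the restart branch.
  start-stop-daemon --stop --retry 5 --quiet --pidfile "$PIDFILE"
  rv=$?
  #"$IPTABLES_REMOVE" > /dev/null 2>&1
  flush_rules
  return $rv
}

case "$1" in
  start)
    log_daemon_msg "Starting miniupnpd" "miniupnpd"
    do_start
    log_end_msg $?
    ;;
  stop)
    log_daemon_msg "Stopping miniupnpd" "miniupnpd"
    do_stop
    log_end_msg $?
    ;;
  restart|reload|force-reload)
    # miniupnpd has no reload; a reload is a full restart.
    log_daemon_msg "Restarting miniupnpd" "miniupnpd"
    do_stop
    do_start
    log_end_msg $?
    ;;
  status)
    status_of_proc -p "$PIDFILE" "$MINIUPNPD" miniupnpd && exit 0 || exit $?
    ;;
  *)
    log_action_msg "Usage: /etc/init.d/miniupnpd {start|stop|restart|reload|force-reload|status}"
    exit 2
    ;;
esac

exit 0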
Create /etc/miniupnpd/iptables_flush.sh:
#!/bin/sh
# /etc/miniupnpd/iptables_flush.sh
# Empty the chains miniupnpd puts its redirections in, in the nat and filter
# tables. The chains themselves are kept; creating and deleting them is the
# firewall script's responsibility. Exit status is that of the last flush.
IPTABLES=/sbin/iptables

for table in nat filter; do
  "$IPTABLES" -t "$table" -F MINIUPNPD
done
Add these rules to the firewall start-up script:
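# Hook miniupnpd's chains into the firewall.
# NOTE(review): assumes the enclosing firewall script has set IPTABLES (path to
# the iptables binary) and EXTCARD (WAN interface name) — confirm there. The
# guards abort rather than emit a rule with an empty interface argument.
: "${IPTABLES:?IPTABLES must be set by the firewall script}"
: "${EXTCARD:?EXTCARD must be set by the firewall script}"

# Create the MINIUPNPD chains. "-N" fails when the chain already exists (the
# firewall script being re-run); that is not an error here, and the chain is
# left alone because a running miniupnpd may own rules in it.
"$IPTABLES" -t nat -N MINIUPNPD 2>/dev/null || true
"$IPTABLES" -t filter -N MINIUPNPD 2>/dev/null || true

# Offer traffic arriving on the WAN interface to miniupnpd's redirections
# (nat/PREROUTING) and, for packets forwarded from the WAN towards any other
# interface, to its accept rules (filter/FORWARD). Restricting both to
# "-i $EXTCARD" keeps LAN-originated traffic out of these chains.
# NOTE(review): these are appended with -A; if the surrounding script does not
# flush PREROUTING/FORWARD first, re-running it accumulates duplicate jumps.
"$IPTABLES" -t nat -A PREROUTING -i "$EXTCARD" -j MINIUPNPD
"$IPTABLES" -t filter -A FORWARD -i "$EXTCARD" ! -o "$EXTCARD" -j MINIUPNPD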