Please find a copy of my post in answer to a question on the General channel. If anyone can help finish the puzzle, much appreciated :
[ QUOTE ]
OK, I beleive I have a solution to the UPNP problem. Below are the details for getting the UPNPD service running on my ASL4 box.
It still doesn't work however due to the problem mentioned at the bottom of this post, if anyone more experienced with ASL can help, please do!!!
1) Download http://www.fastflow.it/floppinux/bering/upnpd-0.92c.lrp
2) Rename to upnpd.tar.gz
3) scp to /tmp
4) ssh on, and su to root
5) move upnpd.tar.gz to /var/chroot-report/opt:
mv /tmp/upnpd.tar.gz /var/chroot-report/opt
6) make a new directory called upnpd and ungztar upnpd:
mkdir upnpd
cd upnpd
tar -xvzf ../upnpd.tar.gz
7) go into the newly created etc directory and copy the file myupnpd.conf to /etc:
cd etc
cp myupnpd.conf /etc
8) edit /etc/myupnpd.conf using your favourite editor and change the lines uprate and downrate to correctly reflect your upload and download speeds in KBits/s
9) copy the linuxigd directory to /etc:
cp -R linuxigd /etc
10) enter the ../usr/sbin and copy upnpd to /usr/sbin:
cd ../usr/sbin
cp upnpd /usr/sbin
11) create a new file called unpnd in /sbin/init.d, containg the following script:
Code:
#!/bin/bash
# $Id: upnpd,v 1.00 2004/01/07 00:20:00 tom Exp $
trap "" HUP
ret_code=0
PNAME="upnpd"
EXT_IF="eth1"
INT_IF="eth0"
PROG="/usr/sbin/upnpd"
case "$1" in
start)
echo ":: Starting $PNAME"
ip route add 239.0.0.0/8 dev $INT_IF
PID=`pidof $PROG`
if [ ! -z "$PID" ] ; then
echo " Already running"
exit 0
fi
$PROG $EXT_IF $INT_IF >/dev/null 2>&1
;;
stop)
echo ":: Stopping $PNAME"
PID=`pidof $PROG`
if [ -z "$PID" ] ; then
echo " Already stopped"
exit 0
fi
killall $PROG
sleep 20
# This timeout is required to ensure all upnpd services have shut down
ip route del 239.0.0.0/8 dev $INT_IF
;;
restart)
echo "Restarting UPNP: "
sh $0 stop
sh $0 start
;;
*)
echo 'Usage: /sbin/init.d/upnpd {start|stop|restart}'
ret_code=1
;;
esac
/sbin/init.d/retcode $ret_code
exit $ret_code;
12) chmod 700 upnpd
13) in rc3.d create two symbolic links named S56upnpd and K56upnpd:
cd rc3.d
ln -s ../upnpd S56upnpd
ln -s ../upnpd k56upnpd
14) create a symbolic link for iptables in /usr/sbin:
cd /usr/sbin
ln -s /usr/local/bin iptables
15) Create (or add to) the file /sbin/init.d/ipfilter.local and add the following lines
Code:
#!/bin/bash
PATH=/usr/local/bin
iptables -D OUTPUT -s 10.10.10.0/24 -d 239.255.255.250/32 -j ACCEPT
iptables -D OUTPUT -s 10.10.10.254/32 -d 239.255.255.250/32 -j ACCEPT
iptables -D INPUT -s 10.10.10.254/32 -d 239.255.255.250/32 -j ACCEPT
iptables -D INPUT -s 10.10.10.0/24 -d 239.255.255.250/32 -j ACCEPT
iptables -I OUTPUT -s 10.10.10.0/24 -d 239.255.255.250/32 -j ACCEPT
iptables -I OUTPUT -s 10.10.10.254/32 -d 239.255.255.250/32 -j ACCEPT
iptables -I INPUT -s 10.10.10.254/32 -d 239.255.255.250/32 -j ACCEPT
iptables -I INPUT -s 10.10.10.0/24 -d 239.255.255.250/32 -j ACCEPT
16) Ensure that your packet filter rules are configured to allow the following:
Internal_Interface -> Internal_Network__ TCP 5000 Allow
Internal_Network__ -> 239.255.255.250/32 UDP 1900 Allow
Internal_Network__ -> Internal_Interface__ TCP 2869 Allow
Internal_Network__ -> Internal_Interface__ UDP 1900 Allow
Internal_Interface -> Internal_Network__ All UDP Allow
Internal_Interface -> 239.255.255.250/32 UDP 1900 Allow
17) Start UPNPD manually by running ./upnpd start
18) Check your Network Connections in XP, and hey presto the Ko-hitsuji Router has appeared. If it hasn't make sure that you have UPNP installed in XP, it doesn't come installed as standard. If all else fails, start to trawl through your packet filter logs to work out what's not working.
Right now we have a problem, on attempting to start a voice connection, the UPNPD service opens up the forwarding ports succesfully.
Unfortunatley, the Astaro middleware kicks in and moves these to FIX_CONNTRACK as LOGDROP.
Can anyone help at this point?
Look forward to hearing from you,
Dan Hart
[/ QUOTE ]
