[freenet-dev] UP&P, again
Florent Daignière
nextgens at freenetproject.org
Thu May 24 20:09:03 UTC 2007
* Matthew Toseland <toad at amphibian.dyndns.org> [2007-05-24 20:52:41]:
> On Thursday 24 May 2007 13:30, Florent Daignière wrote:
> > Hi,
> >
> > Just to keep people posted, I've written a plugin to provide basic upnp
> > support to the node... Currently it uses two features of the protocol:
> >
> > 1) external IP address reporting
> > I'm confident that it works in "simple" cases
> >
> > 2) port forwarding of the FNP port
> > Should work, might not persist, might have some forgotten border cases
> >
> > More work has to be done to make it behave "properly", and handle
> > border cases (more than one IGD on the LAN, external IP changes, IGD
> > reboot, ...) but I don't think that it worths the effort.
>
> Thanks for building this. We should support the more common cases IMHO -
> rebooting the IGD, the external IP changing.
I might do it, but not now :)
> If it's easy to support two IGDs
> then it might be nice to do so, but generally that suggests trouble; it may
> be sensible to leave it as disabled, or it may be better to tell the user
> about it.
We tell the user about it and disable the plugin (if they are two
gateways I dunno how to detect which one we are using).
>
> Also I think UP&P should run on every startup, unless we are directly
> connected to the inet.
The ip detection and the port-forwarding parts are separated. If the
plugin is loaded the port will be forwarded.
> Anything that improves connectivity and reduces reliance on STUN servers (an
> obvious thing for an attacker to watch) has to be a good thing.
up&p doesn't replace stun... imho we can't rely only on upnp.
> Have you implemented the "my LAN is reasonably secure" option?
Not yet, it will be in the FirstTimeWizardToadlet.
NextGen$
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070524/61e62260/attachment.pgp
More information about the Devl
mailing list