#!/bin/sh /etc/rc.common
START=95
+
start() {
- echo "miniupnpd starting ..."
- iptables_flush.sh 2>&- >&-
- killall miniupnpd 2>&-
- iptables_removeall.sh 2>&- >&-
- iptables_init.sh
- # get bitspeed information, if provided
- upnpd_up_bitspeed=$(uci get upnpd.general.up_bitspeed)
- upnpd_down_bitspeed=$(uci get upnpd.general.down_bitspeed)
- bitspeed_str=""
- [ -n "$upnpd_up_bitspeed" ] && [ -n "$upnpd_down_bitspeed" ] && {
- # covert to bytespeed
- let upnpd_up_bytespeed=$upnpd_up_bitspeed*1024/8
- let upnpd_down_bytespeed=$upnpd_down_bitspeed*1024/8
- bitspeed_str="-B $upnpd_down_bytespeed $upnpd_up_bytespeed"
- }
- upnpd_log=$(uci get upnpd.general.log_output)
- if [ "$upnpd_log" = "1" ]; then
- miniupnpd -i $(uci get network.wan.ifname) -a $(uci get network.lan.ipaddr) -p 5000 -U $bitspeed_str -d | logger -t miniupnpd &
+ config_load "upnpd"
+ local extiface intiface upload download logging secure enabled
+
+ config_get extiface config external_iface
+ config_get intiface config internal_iface
+ config_get upload config upload
+ config_get download config download
+ config_get_bool logging config log_output 0
+ config_get_bool secure config secure_mode 0
+ config_get_bool enabled config enabled 0
+
+ include /lib/network
+ scan_interfaces
+
+ local ifname
+ config_get ifname ${extiface:-wan} ifname
+
+ if [ -n "$ifname" ]; then
+ local args="-i $ifname"
+ local iface
+
+ for iface in ${intiface:-lan}; do
+ local ipaddr
+ config_get ipaddr "$iface" ipaddr
+ [ -n "$ipaddr" ] && append args "-a $ipaddr"
+ done
+
+ append args "-p 5000 -U"
+
+ [ -n "$upload" -a -n "$download" ] && \
+ append args "-B $(($download * 1024 * 8)) $(($upload * 1024 * 8))"
+
+ [ "$secure" -gt 0 ] && \
+ append args "-S"
+
+ if [ "$logging" = "1" ]; then
+ [ "$enabled" -gt 0 ] && eval start-stop-daemon -S -x miniupnpd -- $args -d | logger -t miniupnpd &
+ else
+ [ "$enabled" -gt 0 ] && eval start-stop-daemon -S -x miniupnpd -- $args 2>/dev/null
+ fi
+
+ # start firewall
+ local zone
+ config_load firewall
+ config_get zone core "${extiface:-wan}_zone"
+ [ -n "$zone" ] && \
+ ACTION="add" ZONE="$zone" INTERFACE="${extiface:-wan}" DEVICE="$ifname" \
+ . /etc/hotplug.d/firewall/50-miniupnpd
else
- miniupnpd -i $(uci get network.wan.ifname) -a $(uci get network.lan.ipaddr) -p 5000 -U $bitspeed_str
+ logger -t "upnp daemon" "external interface not found, not starting"
fi
}
+
+clear_rule() {
+ local state="$1"
+ local ifname ipaddr
+
+ config_get ifname "$state" ifname
+ config_get ipaddr "$state" ipaddr
+
+ [ -n "$ifname" ] && [ -n "$ipaddr" ] && {
+ iptables -t nat -D prerouting_rule -i $ifname -d $ipaddr -j MINIUPNPD
+ iptables -t filter -D forwarding_rule -i $ifname ! -o $ifname -j MINIUPNPD
+ uci_revert_state upnpd "$state"
+ unset "CONFIG_${state}_ifname"
+ unset "CONFIG_${state}_ipaddr"
+ }
+}
+
stop() {
- iptables_flush.sh 2>&- >&-
- killall miniupnpd 2>&-
- iptables_removeall.sh 2>&- >&-
-}
\ No newline at end of file
+ start-stop-daemon -K -q -x miniupnpd -p /var/run/miniupnpd.pid
+ rm -f /var/run/miniupnpd.pid
+
+ logger -t "upnp" "removing firewall rules"
+
+ config_load upnpd
+ config_foreach clear_rule firewall
+
+ iptables -t nat -F MINIUPNPD 2>/dev/null
+ iptables -t nat -X MINIUPNPD 2>/dev/null
+ iptables -t filter -F MINIUPNPD 2>/dev/null
+ iptables -t filter -X MINIUPNPD 2>/dev/null
+}
+