[HOWTO] Get UPNP working with IPFire

Help on building IPFire & Feature Requests
Post Reply
hellsacolyte
Posts: 13
Joined: April 28th, 2010, 5:03 am

[HOWTO] Get UPNP working with IPFire

Post by hellsacolyte » October 30th, 2012, 10:37 pm

I hope this is the right forum :) If it's not, please move it.

Hello! You may remember me posting about this very same topic quite a while ago. Well as this is my favorite solution, I decided to recently mess with this yet again, no thanks to the recent launch of Assassin's Creed 3 and me needing the network to function 100%. (Ubisoft does NOT list all the ports needed, waste of time) So here is my solution! If there is any issues please bring them up in this thread but I believe this is the correct way of doing things and it has been working flawlessly, including surviving a reboot.

So the first thing you need to do is goto your router configuration page and click the ipfire tab. In that list select and install miniupnpd. Thankfully IPFire takes care of the annoying bit of getting it to boot with the firewall, so the next step is one simple line and you will be done!

Connect to your machine via whichever method you like, I used SSH.

Then change directory to /etc/sysconfig/, after doing that run your favorite text editor (I choose VI) and open the file rc.local.

At the end of the file paste this line,

Code: Select all

iptables -I FORWARD 15 -j UPNPFW


The result should look like this

Image

The command states that you are INSERTING in the FORWARD chain, the UPNPFW entry. The number is the position and I simply chose it to be around the other tables like PORTFWACCESS but after all the special DROPs and before the final DROP. You're free to change the number but I can't guarantee that it will continue to function fully.

Hope this small tutorial was of some help for those with multiple Xbox's and PS3's in the same house gaming like me. It also works with my QoS as far as I can tell by watching and testing!

User avatar
tmkoeln
Posts: 732
Joined: February 26th, 2012, 11:34 am
Location: Köln/Cologne
Contact:

Re: [HOWTO] Get UPNP working with IPFire

Post by tmkoeln » October 31st, 2012, 6:31 am

Yes it is a way, but keep in mind, that UPNP in the flavor of opening ports could put your network at risk...

tmkoeln
@Köln/Koln/Cologne (Productive System) @ netcologne 100 Mbit VDSL2
Image
@Wesseling (Productive System) @ netcologne 100 Mbit VDSL2
Image

hellsacolyte
Posts: 13
Joined: April 28th, 2010, 5:03 am

Re: [HOWTO] Get UPNP working with IPFire

Post by hellsacolyte » October 31st, 2012, 12:57 pm

I'm well aware of that but there really is no other way to use multiple systems without that security risk. A lot of applications and games don't advertise their full port list. Try using Assassin's Creed Revelations on the PC with the ports provided on Ubisoft's support site. You never actually get an Open NAT with it. Very unfortunate but this atleast solves those issues.

User avatar
tmkoeln
Posts: 732
Joined: February 26th, 2012, 11:34 am
Location: Köln/Cologne
Contact:

Re: [HOWTO] Get UPNP working with IPFire

Post by tmkoeln » November 2nd, 2012, 1:18 pm

Never had any problems with Anno 2070/AC Brotherhood and AC Revelations for PC with firewall modus 2, maybe you should try modus 2.

tmkoeln
@Köln/Koln/Cologne (Productive System) @ netcologne 100 Mbit VDSL2
Image
@Wesseling (Productive System) @ netcologne 100 Mbit VDSL2
Image

hellsacolyte
Posts: 13
Joined: April 28th, 2010, 5:03 am

Re: [HOWTO] Get UPNP working with IPFire

Post by hellsacolyte » November 3rd, 2012, 6:42 pm

Doesn't that just make the firewall more restrictive? Where I have to also forward the outgoing ports?

Also, what does the PORTFWMANGLE in the mangle chain do? Would it be needed to have UPNPFW also somehow make it's presence known there also? I haven't been able to find an answer and I wouldn't think it needs too but I figured I would check as the ports don't show external IP's on the IPTables page under NAT, whereas the manual port forwards do, so I feel as if something may possibly be not quite right.

Hopefully a dev can shed a little light or somebody who knows more then I do?

Thanks!

hellsacolyte
Posts: 13
Joined: April 28th, 2010, 5:03 am

Re: [HOWTO] Get UPNP working with IPFire

Post by hellsacolyte » November 4th, 2012, 3:09 am

Upon further reading it seems I was thinking Mode 1. But since I am using Mode 0, the way I read things is that Mode 2 allows everything by default like Mode 0 with the ability to add exceptions. Which does not change the issues Ubisoft's port listings have.

Have you looked at your NAT type for those? It's always Moderate as they leave undisclosed ports. You can still connect to matches but a Moderate NAT type does not allow you to play with players who may have a Strict NAT. Open is obviously the best and it seems on these ill-documented titles, if they support UPnP to unfortunately give them what they want.

I have been having great success with what I typed above but like my previous post said, I would like to know about the Mangle section pertaining to UPnP.

Thanks!

Post Reply