git.openwrt.org Git - feed/packages.git/commit

author	Jo-Philipp Wich <jo@mein.io>
	Tue, 6 Sep 2022 17:42:18 +0000 (19:42 +0200)
committer	Jo-Philipp Wich <jo@mein.io>
	Tue, 6 Sep 2022 18:28:11 +0000 (20:28 +0200)
commit	f1c69d0e6cea3dc33e3cc86e22812afb8ecb1032
tree	de54766618ef41ed87d2539281ca79a9c87677b1	tree \| snapshot
parent	6dd38447d5a067637039f050b763826834e7a8a9	commit \| diff

miniupnpd: rework firewall4 integration

- Bump to the latest Git version in order to increase the package version
   for simpler opkg upgrade of the broken version

- (Re-)Introduce PKG_RELEASE into the package, omitting it may lead to
   opkg segmentation faults under certain circumstances

- Utilize automatic include hooks to drop the isolated miniupnpd table
   in favor to chains within the main inet fw4 table, otherwise PCP is
   unreliable as the upnp table might accept traffic which is later
   rejected by fw4

- Install a fw4 script hook to restart miniupnpd on fw4 restarts and
   reloads in order to repopulate the upnp chains with forward rules

- Register the used miniupnpd configuration file and the firewall uci
   configuration as change sources, otherwise `/etc/init.d/miniupnpd reload`
   has no effect if the firewall or upnpd config was changed

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

net/miniupnpd/Makefile		diff \| blob \| history
net/miniupnpd/files/firewall4.include	[new file with mode: 0644]	blob
net/miniupnpd/files/miniupnpd.defaults.nftables	[new file with mode: 0644]	blob
net/miniupnpd/files/miniupnpd.init		diff \| blob \| history
net/miniupnpd/files/nftables.d/chain-post/dstnat/20-miniupnpd.nft	[new file with mode: 0644]	blob
net/miniupnpd/files/nftables.d/chain-post/forward/20-miniupnpd.nft	[new file with mode: 0644]	blob
net/miniupnpd/files/nftables.d/chain-post/srcnat/20-miniupnpd.nft	[new file with mode: 0644]	blob
net/miniupnpd/files/nftables.d/table-post/20-miniupnpd.nft	[new file with mode: 0644]	blob