Sorry for my wrong title. The proper one is multiple external interfaces.
According to the miniUPnP project's configulation,miniUPnP is able to run on multiple interfaces (both wan and lan).
But at this time neither LuCI nor UCI cannot configure which net interface(s) miniUPnP running on.
You want to be able to specify the "wan" interface from luci/ uci commands?
the option external_iface can be used to force the wan device from uci commands but it is not required as it defaults is to autodetect the first interface with a default route, which usually is wan .
Technically miniupnpd can run on wan but this would be a massive security risk.
on my router I have dual dnsmasq instances and run miniupnpd on both as below using the option internal_iface.
option external_iface 'wan'
option internal_iface 'adults_lan kids_lan'
But I need multiple external interfaces now. It seems that I need to edit my title.
then add them in the way @professor_jonny suggested ?
Doesn't work at all:
The UCI config looks like this:
config upnpd 'config'
option enabled '1'
option download '75000'
option upload '15000'
option external_iface 'pppoe-vwan0 pppoe-vwan1 pppoe-vwan2 pppoe-vwan3'
option external_iface6 'pppoe-vwan0 pppoe-vwan1 pppoe-vwan2 pppoe-vwan3'
option internal_iface 'lan'
option port '5000'
option upnp_lease_file '/var/run/miniupnpd.leases'
option uuid 'd27e0d94-e8cd-44e4-a840-67bdc97c55c5'
config perm_rule
option action 'allow'
option ext_ports '1024-65535'
option int_addr '0.0.0.0/0'
option int_ports '1024-65535'
option comment 'Allow high ports'
config perm_rule
option action 'deny'
option ext_ports '0-65535'
option int_addr '0.0.0.0/0'
option int_ports '0-65535'
option comment 'Default deny'
However, the auto-gen miniupnp.conf looks like this:
ext_ifname=
ext_ifname6=
listening_ip=br-lan
enable_natpmp=yes
enable_upnp=yes
secure_mode=yes
system_uptime=yes
force_igd_desc_v1=no
ext_perform_stun=no
ipv6_disable=no
bitrate_down=614400000
bitrate_up=122880000
lease_file=/var/run/miniupnpd.leases
port=5000
uuid=d27e0d94-e8cd-44e4-a840-67bdc97c55c5
allow 1024-65535 0.0.0.0/0 1024-65535 #Allow high ports
deny 0-65535 0.0.0.0/0 0-65535 #Default deny
upnp_table_name=fw4
upnp_nat_table_name=fw4
upnp_forward_chain=upnp_forward
upnp_nat_chain=upnp_prerouting
upnp_nat_postrouting_chain=upnp_postrouting
The external interface gone.
then change the miniupnp.conf via cli, see if it works, if you manually start the service afterwards.
I use a dedicated miniupnp.conf to start miniupnp service and it works fine. It looks like this:
ext_ifname=pppoe-vwan0
ext_ifname=pppoe-vwan1
ext_ifname=pppoe-vwan2
ext_ifname=pppoe-vwan3
ext_ifname6=pppoe-vwan0
ext_ifname6=pppoe-vwan1
ext_ifname6=pppoe-vwan2
ext_ifname6=pppoe-vwan3
listening_ip=br-lan
enable_natpmp=yes
enable_upnp=yes
secure_mode=yes
system_uptime=yes
force_igd_desc_v1=no
ext_perform_stun=no
ipv6_disable=no
bitrate_down=614400000
bitrate_up=122880000
lease_file=/var/run/miniupnpd.leases
port=5000
uuid=d27e0d94-e8cd-44e4-a840-67bdc97c55c5
allow 1024-65535 0.0.0.0/0 1024-65535 #Allow high ports
deny 0-65535 0.0.0.0/0 0-65535 #Default deny
upnp_table_name=fw4
upnp_nat_table_name=fw4
upnp_forward_chain=upnp_forward
upnp_nat_chain=upnp_prerouting
upnp_nat_postrouting_chain=upnp_postrouting
Are all those external interfaces active at the same time ? as it is only going to use the first active one.
I don't believe it will forward from the lan associated with the particular wan interface it is not that cleaver.
It does say the external interfaces need to be on a separate line's unlike the internal.