Support for Multiple Instances of miniupnpd and Interface Selection for Input/Output

Hello,

I would like to propose adding support for running multiple instances of miniupnpd as well as the ability to select specific input and output interfaces for each instance. Currently, miniupnpd only supports a single instance with a predefined set of interfaces, which can be limiting for more complex network setups, such as Multi-WAN or routing with multiple tunnels (e.g., 6in4, 6to4).

Proposed Changes:

  1. Multi-instance miniupnpd Support: Add the ability to run multiple instances of miniupnpd, each with its own configuration. This will allow users to manage port forwarding flexibly across different WAN interfaces.

  2. Input and Output Interface Selection: In each miniupnpd instance, provide options to specify individual interfaces for inbound and outbound traffic. For example, the ability to designate one interface for incoming connections (WAN) and another for outgoing traffic (LAN).

Justification:

These changes will give users with complex network topologies more flexibility, especially those utilizing multiple WAN interfaces or tunnel connections. This will also simplify UPnP management for home users with multiple internet connections and different traffic types, improving both security and control over network resources.

Thank you in advance for considering this request and for your ongoing work!

Best regards...

1 Like

You should probably make your request over at https://miniupnp.tuxfamily.org/

Unless the features you want are already in miniupnpd and are just not exposed by the OpenWRT implementation.

1 Like

UPNP IGD does not provide anything for IP6 or outside tcp/udp. So your supposed limitation is inherent property of reality.

You can generate multiple config files and run multiple instances. What "support" are you looking for?

2 Likes

Thanks for support.

1 Like

I don't know many home user's with multiple wan connections and most would only care it works not which wan it use, and one can use routing tables or mwan3 to take care of that.
even if someone had multiple wan's most would be setup with a fixed line with 4g or 5g failover.

You can specify Multiple input interfaces for lan segments with different port ranges I have a kids and adults lan I can do that below is my config:

config perm_rule
	option action 'allow'
	option ext_ports '1024-65535'
	option int_addr '192.168.1.0/24'
	option int_ports '1024-65535'
	option comment 'Allow high ports adults lan'

config perm_rule
	option ext_ports '0-65535'
	option int_addr '192.168.1.0/24'
	option int_ports '0-65535'
	option comment 'Default deny adults lan'
	option action 'deny'

config perm_rule
	option action 'allow'
	option ext_ports '1024-65535'
	option int_addr '192.168.2.0/24'
	option int_ports '1024-65535'
	option comment 'Allow high ports kids lan'

config perm_rule
	option ext_ports '0-65535'
	option int_addr '192.168.2.0/24'
	option int_ports '0-65535'
	option comment 'Default deny kids lan'
	option action 'deny'

miniupnpd supports IPv6 “pinholes”.

1 Like