I'm having problems with UPnP, it works but the rules stay active even after turning off my PC. I need the rules to be deleted periodically as I play on both PC and Xbox - mainly using port 3074 udp.
I'm currently using the following settings:
I'm having problems with UPnP, it works but the rules stay active even after turning off my PC. I need the rules to be deleted periodically as I play on both PC and Xbox - mainly using port 3074 udp.
I'm currently using the following settings:
No updates since upstream has no https site with checksums.
States are set to expire in 1h or 15min, there is no check for client up or down.
I believe they are not supposed to. Router is not checking if those ports are used or not. By default it starts periodically (adjusted by clean_ruleset_interval
in /etc/config/miniupnpd) cleaning rules when they reach 20 in number (adjusted by clean_ruleset_threshold
in /etc/config/miniupnpd). Client software is supposed to close those ports. You can try checking it with, let's say, Transmission BT client.
Hi. I tried modifying clean_ruleset_interval
and clean_ruleset_threshold
, but it didn't work. I left it at 10
and 1
- respectively, but the rules remained active, even without traffic.
It seems that only the rules created by qBittorrent are deleted after I close the program.
And which program does not clean them? UPNP IGD is not supposed to track LAN clients.
Mostly games. e.g, Call of Duty (3074), Forza (3074, 524), GTA (6672) etc.
Newer miniupnpd sets shorter default timeouts, but this is how upnp is supposed to work that NAT user can open incoming connections. In very historical implementations that was forever.
IGDv1 only allowed for an infinite lease time, requiring either the device to reboot, thus cleaning its internal redirect table, or for the client that requested the redirect to clean them up when they are done.
IGDv2 introduced lease times, but most applications don't make use of it in order to support older devices, running IGDv1 only software. But even with NewLeaseDuration set to something other than 0 (infinite), the client is still supposed to clean it up if they are done before the lease expires.
As far as I am aware, Clean rules threshold
and Clean rules interval
specify how often miniupnpd clean EXPIRED rules, not rules still in effect, which is the case for all infinite-leased rules.
If badly programmed/crashed clients leaving open redirects behind is a problem for you, I recommended setting up a daily/weekly miniupnpd service restart and/or a device reboot.
IGDv2 states the following ( https://upnp.org/resources/documents/UPnPIGD2vsIGD1d10032009.pdf ):
PortmappingLeaseTime can have values between 1 to 604800
seconds
If control point uses value 0 to indicate infinite lease time
mapping, it is required that gateway uses maximum value instead
Assuming miniupnpd honors that, it should clean an infinite entry within a week after it was added.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.