Hi. I try not to use uPnP but sometimes a client might be failing because of a closed port and it is annoying to figure it out.
So i was wondering... is there something that do nothing but listen and logs uPnP requests? So if anything is not working properly, i just look at the logs and immediately know what to open up?
...not to mention getting to know if there's something malicious running on the clients trying to open things it is not supposed to.
upnp is indeed considered a security risk. The wikipedia article has several mentions of flaws and vulnerabilities.
There are two major issues with the standard from a security standpoint (not counting any general implementation flaws):
The first generation of the standard could request ports be opened/forwarded to any host on the network by any other host. This means that an infected PC could, for example, poke holes in the firewall aimed at another PC, thus allowing remote exploitation of other vulnerabilities in a given OS. This was fixed in the subsequent revisions (OpenWrt has a "secure" or "strict" mode or something like that) such that a host can only ask for ports forwarded to itself.
Even notwithstanding the issue above, there is no user/admin notification of or control over the ports being opened/forwarded. Therefore, a bit of malware could open ports on the local machine, and in that case it could have specifically started services for whatever purpose it wants.
If you are worried about unauthorized network traffic on LAN, you have bigger issues than uPnP.
Sadly it's the only option for things like multiple Xboxes playing p2p networked games.
I think miniupnpd is not automatically enabled after install, and you could even create the config to have it disabled before installing it, if you are truly worried about a LAN device opening a port the very second you install uPnP.