You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tailscale/net/portmapper
Jordan Whited 25a0091f69
net/portmapper: relax handling of UPnP resp (#6946)
Gateway devices operating as an HA pair w/VRRP or CARP may send UPnP
replies from static addresses rather than the floating gateway address.
This commit relaxes our source address verification such that we parse
responses from non-gateway IPs, and re-point the UPnP root desc
URL to the gateway IP. This ensures we are still interfacing with the
gateway device (assuming L2 security intact), even though we got a
root desc from a non-gateway address.

This relaxed handling is required for ANY port mapping to work on certain
OPNsense/pfsense distributions using CARP at the time of writing, as
miniupnpd may only listen on the static, non-gateway interface address
for PCP and PMP.

Fixes #5502

Signed-off-by: Jordan Whited <jordan@tailscale.com>
2 years ago
..
disabled_stubs.go all: remove old +build tags 2 years ago
igd_test.go all: fix spelling mistakes 2 years ago
pcp.go all: migrate more code code to net/netip directly 2 years ago
pcp_test.go all: use various net/netip parse funcs directly 2 years ago
pcpresultcode_string.go net/portmapper: make PCP/PMP result codes stringers 3 years ago
pmpresultcode_string.go net/portmapper: make PCP/PMP result codes stringers 3 years ago
portmapper.go net/portmapper: relax handling of UPnP resp (#6946) 2 years ago
portmapper_test.go net/netaddr: start migrating to net/netip via new netaddr adapter package 2 years ago
upnp.go net/portmapper: relax handling of UPnP resp (#6946) 2 years ago
upnp_test.go net/portmapper: add test for Huawei router 2 years ago