Menu
What's new
By:
Filters Better Search

Restricting UPnP Access

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

sinshiva

sinshiva

Very Senior Member
Out of boredom, i decided to look at the most practical methods for restricting access to the UPnP daemon in the event somebody wanted to ONLY enable UPnP for multiple console devices, etc. I considered iptables initially, then postconf and concluded the most user friendly method is going to be to copy the existing config from /tmp/etc/upnp/config to /jffs/configs/upnp

near the bottom, you'll find a line such as;

Code: 
allow 1024-65535 192.168.1.1/255.255.255.0 1-65535

from what i can see, editting this line to read
Code: 
allow 1024-65535 192.168.1.[B]101[/B]/255.255.255.[B]255[/B] 1-65535

will restrict functionality to an ip of 192.168.1.101 and can be reused like;

Code: 
allow 1024-65535 192.168.1.[B]101[/B]/255.255.255.[B]255[/B] 1-65535
allow 1024-65535 192.168.1.[B]102[/B]/255.255.255.[B]255[/B] 1-65535
allow 1024-65535 192.168.1.[B]103[/B]/255.255.255.[B]255[/B] 1-65535

obviously, one will want to set a static IP configuration on the devices or use static dhcp leases. easy peasy.
 
You must log in or register to reply here.

Similar threads

eibgrad
OpenVPN Client: mishandled route directives
Replies
7
Views
831
eibgrad
eibgrad
theirongiant
UPnP issues: port forwarding page not updating properly, and the UPnP config file retains old "deny" entries after removing static port mappings
Replies
2
Views
2K
theirongiant
theirongiant
Karl Perkins
Suggested upnp.postconf, so that /jffs/config/upnp.add actually works as you think it should
Replies
2
Views
1K
Karl Perkins
Karl Perkins
Yota
Solved UPnP doesn't work on CGNAT/Double NAT
Replies
5
Views
5K
ZANGIEF
Z
R
VPN between Asus RT cannot communicate
Replies
3
Views
1K
raynaud
R
Similar threads
Thread starter Title Forum Replies Date
J iTunes and UPnP media server [RT-AC3100] not functioning after firmware upgrade to version 386.14 Asuswrt-Merlin 3
L is enabling firewall necessary (same for upnp) when on a provider with cgnat? Asuswrt-Merlin 5
D Solved UPnP enabled for Aimesh. Asuswrt-Merlin 5
R Disable Intranet access for a LAN port (not the WiFi Guest network)? Asuswrt-Merlin 13
K Solved "Block internet access" does nothing Asuswrt-Merlin 7
T GT BE98 Pro Guest Network Cannot Disable Intranet Access Asuswrt-Merlin 3
E Wireguard can't access devices behind asus router Asuswrt-Merlin 5
R Addition of Block Internet Access Asuswrt-Merlin 5
ali. Access point mode: unable to use AirPlay Asuswrt-Merlin 3
K How to block LAN access for a wired device on ASUS Merlin (Firmware 3004.388.8_2)? Asuswrt-Merlin 12

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 645 (members: 17, guests: 628)
Top