[ previous ] [ next ] [ threads ]
 
 From:  Kris Maglione <bsdaemon at comcast dot net>
 To:  Fernando Costa <cusquinho at gmail dot com>
 Cc:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] UPNP
 Date:  Wed, 19 Oct 2005 17:35:07 -0400
Fernando Costa wrote:

>Hey,
>
>Is there any work regarding UPNP support? This shouldent be so
>complex, and its a great feature for windows behind nat boxes.
>  
>
I wouldn't agree that it's a 'great feature', and I agree with the
others who say it is a security hole. At this point, though, it's a
standard that's being implemented, and it works. I think that in certain
circumstances, it could be useful, given limite. I would have no
objection to it being included in m0n0wall, as long is there is an
interface which allows rules to be set (i.e. what computers can forwatd
what port ranges, etc.).

The only places that I see a good use for this are in p2p apps like
BitTorrent (which, by the way, was not designed for movie downloads) and
Skype (I don't know how Skype works, but I don't imagine that 2 NAT'd
clients can communicate directly, at least without uPNP).

Anyway, there is a library which could be used with the client/server
architecture which will hopefully be implemented in the future:
http://upnp.sourceforge.net/