[ previous ] [ next ] [ threads ]
 
 From:  "Giobbi, Ryan" <rgiobbi at AGOC dot com>
 To:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>, "Peter Allgeyer" <allgeyer at web dot de>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>, "Chris Buechler" <cbuechler at gmail dot com>
 Subject:  RE: [m0n0wall] Re: UPnP as a possible future option?
 Date:  Mon, 5 Dec 2005 08:06:49 -0500
Which daemon are you referring to? You should check out the Shorewall
mailing list - they don't seem to have the same problem. 

-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Sent: Monday, December 05, 2005 4:19 AM
To: Peter Allgeyer; Giobbi, Ryan
Cc: m0n0wall at lists dot m0n0 dot ch; Chris Buechler
Subject: RE: [m0n0wall] Re: UPnP as a possible future option?

I last year builded a linux firewall for a client which wanted to have
UPNP for there LAN to the internet connection.

I told him the danger of this but he still wanted to have this (and he
payed for it) so I did it.

After running that box for a half year now it turns out to be very
unstable with the free UPNP daemon running (the UPNP daemon just crashes
at certain points leaving the ports open).

I also patched the daemon to also cleanup certain ports and added some
security checks but even then the rest of the daemons are unstable...

I don't think it's a good idea to have unstable software on a firewall
that tries to be stable...

J. 

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
jonathan dot de dot graeve at imelda dot be

---------
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
---------

-----Oorspronkelijk bericht-----
Van: Peter Allgeyer [mailto:allgeyer at web dot de]
Verzonden: donderdag 1 december 2005 12:10
Aan: Giobbi, Ryan
CC: m0n0wall at lists dot m0n0 dot ch; Chris Buechler
Onderwerp: RE: [m0n0wall] Re: UPnP as a possible future option?

Am Mittwoch, den 30.11.2005, 20:54 -0500 schrieb Giobbi, Ryan:
> In all seriousness, let me explain something.  Open source works when 
> people contribute what they want to see in a project.  It *DOES NOT* 
> work when people do nothing but bitch, moan and complain about what 
> they want and don't do anything about it.  Want uPNP?  Make an image 
> with support that works, and submit the code to Manuel and/or the dev 
> list. Obviously from past threads, those of us that contribute 
> couldn't give a shit less if uPNP is supported or not.  The other 
> alternative is to offer up $X for whoever can implement uPNP.  If X is

> sufficiently large, someone will do it.  This isn't a whining 
> competition with the winner getting whatever feature they want.
> 
> If it doesn't make it into the base system, I would gladly host the 
> uPNP-enabled images on my site, and link to them from the 
> documentation, so the effort wouldn't be for naught.
> 
> sorry, tired as hell of this and similar crap that people want to moan

> about but do nothing to resolve.

Thanks, Chris (or Ryan?). Exactly what I'm thinking of it.

BR,
  PIT


------------------------------------------------------------------------
---
 copyleft(c) by |           People disagree with me. I just ignore them.
 Peter Allgeyer |   _-_     -- Linus Torvalds, regarding the use of C++
                | 0(o_o)0   for the Linux kernel
---------------oOO--(_)--OOo--------------------------------------------
---



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch