Re: can the UPnP media port for gupnp-av-cp be configured?
- From: Jim Snyder <jhsnyder gmail com>
- To: Jens Georg <mail jensge org>
- Cc: gupnp-list gnome org
- Subject: Re: can the UPnP media port for gupnp-av-cp be configured?
- Date: Tue, 19 Mar 2013 07:58:14 -0400
On Mon, Mar 18, 2013 at 8:43 AM, Jens Georg
<mail jensge org> wrote:
> gupnp-av-cp uses dynamic ports by default.
>
>
> 1) is it possible to configure the gupnp-av-cp dynamic port to a
> one-time static assignment (er, 8200)? ...
>
>
> ... and if so, how?
>
>
> I've poked around online for documentation, done the Google thing, and
> grepped through system files ... no joy.
There is no way but we can add one.
I'd find that convenient. :-)
Whether anyone else sees a use for a static port is a different question.
> 2) Whether or not gupnp-av-cp can be so configured, how does a network
> admin configure static firewalls on nodes on a local LAN (no router
> traversal / IGD) to deal with dynamic ports?
> Linux, however ...
>
>
> ... I've been looking at packet traces from UPnP sessions with
> minidlna, rygel-as-UPnP renderers, gupnp-av-cp, etc, and I don't see
> how conventional iptables port-based firewalls can be compatible with
> UPnP dynamic ports.
I think the "traditional" way would be a non-trivial conntrack helper to
parse the SSDP packets.
Right, that seems like the cleanest way to open UPnP ports on demand. I prefer to keep firewall mechanisms as simple as possible, on the grounds that the more complex the mechanism, the more likely the mechanism becomes another vulnerability... but there aren't a lot of alternatives.
Thanks for the suggestion..
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
