As you may or may not know I am working on my smart light project.
One of the goals was to control the light from the internet. In order to that I need to make port forward from the router to my openhab server. One way to do that is using the port forward feature of my router. Another way is by requesting forward using UPNP protocol. My ISP got CGNAT, and regular port forward does not work. I am not sure about it but it seems that UPNP still works despite the CGNAT. After I decided I am using UPNP, I searched for some CLI UPNP utility, and found Miniupnp, Very simple tool. Tried it, didnt work :(
Maybe my router does not support UPNP? that can not be right, I am using uTorrent, and its UPNP process succeeds.
If uTorrent works, and Miniupnp don't, it's time for Wireshark!
First of all I started looking in uTorrent UPNP process, and indeed, everything looks well.
At first look I didnt see anything, but when I compare the data with Miniupnp I saw the bug clearly.
uTorrent starts the upnp discovery process, finds the router, and asks it for upnp services at port 5431. It looks like this
I ended the stream on URLBase for a reason. The router UPNP server return URLBase parameter with its own ip at port #80. But then, instead of switching to port 80, uTorrent continue in port 5431 and the UPNP process succeeds.
Miniupnp actually listen to what my UPNP server has to say, and switches to port 80, and failing as there is no UPNP service there!
One way to fix this problem is to patch Miniupnp
Replacing data->urlbase with some hardcoded url or ignoring the port in the url string,
Which works, but patching Miniupnp is wrong, it's not a problem with miniupnp!
Now that we decided that patching the router UPNP server is the way let's get started.
If you remember, I once managed to compile my router firmware from "source", so going back to firmware "source" will get the UNP server code. Wrong!
Under the firmware there is the open source tools, with their code, and the closed source tools.. with their binaries. Got the UPNP server binary, open it up with hex editor, finds the URLBase string, actually the entire XML response was one string. Removed some "\r\n" in XML response so I can push the right port number instead of 80
I mean it is a real dumb bug. My router firmware is influenced by my ISP, probably my ISP and d'link had miscommunicated and this bug happened on the way.
Hope this trick can help you with UPNP
Thanks for reading!
No comments:
Post a Comment