UPNP for 2 devices only

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

creatine

Regular Contributor
I currently have 2 playstation consoles in my home network behind traditional NAT using Merlin FW. The issues arises with certain multiplayer games (Call of Duty) that require an "OPEN" nat type for proper matchmaking, lobby gameplay, etc. I would like to avoid placing both consoles in the DMZ or manually forwarding ports to the consoles (I would require a 2nd public IP). I do not want to activate upnp for all devices; is it possible to activate uPNP only for the 2 consoles ?

Does anyone else have a similar setup ?

 

ColinTaylor

Part of the Furniture
The "allow" range is hard-coded in the config file to be the whole LAN. To change it you would have to write a postconf script that altered that line.
 

creatine

Regular Contributor
Thanks. Your post led me to some additional searching. The solution is "simple". Give my 2 consoles static IP \ DHCP reservations. Create a upnp.postconf in /jffs/scripts/
Then modify the line:

allow 1024-65535 192.168.1.1/255.255.255.0 1-65535

And change the LAN subnet to the individual IPs of my consoles.

Though, I am a complete scripting noob, this is what I have come up with, can you confirm my syntax is correct

Code:
#!/bin/sh
CONFIG=$1
source /usr/sbin/helper.sh

pc_replace "allow 1024-65535 192.168.1.1/255.255.255.0 1-65535" "allow 1024-65535 192.168.1.110/255.255.255.255 1-65535" $CONFIG
pc_insert "allow 1024-65535 192.168.1.1/255.255.255.0 1-65535" "allow 1024-65535 192.168.1.111/255.255.255.255 1-65535" $CONFIG
 

ColinTaylor

Part of the Furniture
The second line needs to be adjusted to match the changes you made in the first, so
Code:
pc_replace "allow 1024-65535 192.168.1.1/255.255.255.0 1-65535" "allow 1024-65535 192.168.1.110/255.255.255.255 1-65535" $CONFIG
pc_insert "allow 1024-65535 192.168.1.110/255.255.255.255 1-65535" "allow 1024-65535 192.168.1.111/255.255.255.255 1-65535" $CONFIG
 

creatine

Regular Contributor
Excellent. I modified the file, restarted the upnp service and now see the following in

cat /tmp/etc/upnp/config


.
.
presentation_url=https://192.168.1.1:8443/
allow 1024-65535 192.168.1.110/255.255.255.255 1-65535
allow 1024-65535 192.168.1.111/255.255.255.255 1-65535

min_lifetime=120
max_lifetime=86400


Thanks for the help.
 

ColinTaylor

Part of the Furniture
Just bear in mind that the script will fail if you change the allowed ports ranges in the GUI or the LAN IP address range.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top