Enable the LinuxNAT server to support UPnP

Source: Internet
Author: User
Article Title: Enable the LinuxNAT server to support UPnP. Linux is a technology channel of the IT lab in China. Including desktop applications, Linux system management, kernel research, embedded systems, open source, and other basic classification references:
UPnP on your Linux 2.4 firewall how-to by bijl
Allow Linux NAT server to support UPnP by lonestar
What kind of dinner does UPnP offer us? by Sharon Crawford


Note: If you have a high requirement on network security or a high requirement on Controllable networks, do not install and configure UPnP support. Otherwise, the network NAT ing will be chaotic, leading to many problems. We recommend that you use UPnP for a small network or a home network.

Recently, some P2P software is often used. It is very troublesome to manually set NAT on a Linux server. However, it seems that many P2P software support UPnP, if you can enable Linux to support UPnP, it will be much easier! So I searched for an article on how to enable Linux to support UPnP on the Internet, so I wrote this article.

1. What is UPnP?

1. Introduction to UPnP
--------------
The UPnP (Universal Plug and Play) technology expands Plug and Play, which simplifies the networking process of smart devices in the home or enterprise. After devices connected to the network physically by using UPnP technology, they can automatically connect to each other through the network, and the connection process does not require user participation.

The UPnP specification is based on the TCP/IP protocol and other Internet protocols for communication between devices. This is why it is called "Universal"-UPnP technology does not rely on specific device drivers, but uses standard protocols. UPnP devices can automatically configure network addresses, declare their presence in a network subnet, and exchange descriptions of devices and services. Windows XP-based computers can act as an UPnP control point to discover and control devices through the program interface.

Compared with the previous plug-and-play, this technology does not seem to have any revolutionary significance. Adding plug-and-play technology to the operating system makes it easier to install, configure, and add peripherals on a single computer. However, UPnP brings a more delicious "big meal" to family users or non-professional users in small office environments. They can use UPnP to play multiplayer games for real-time communication (Internet calls, teleconference) and other technologies such as remote assistance using Windows XP.

2. NAT traversal Technology
------------------
NAT traversal technology allows network applications to detect whether they are located after an UPnP-capable NAT device. Then, these programs will get the shared global routable IP address, configure port ing to forward data packets from the NAT external port to the internal port used by the Application -- all of this is done automatically, and you do not need to manually map the port or perform other work. NAT traversal technology allows network devices or point-to-point applications to dynamically enable and close the communication ports with external services to communicate with external services through the NAT gateway.

2. Deploying UPnP support in Linux

Assume that the Linux kernel version is 2.4.x and the Internet interface is ppp0, the Intranet interface is eth0, and iptables has been enabled to set NAT.

In Linux, the deployment of UPnP mainly uses the combination of two software: UPnP SDK for Linux and LinuxIGD.

:
UPnP SDK for Linux: http://sourceforge.net/projects/upnp/
LinuxIGD: http://linux-igd.sourceforge.net/

Note: To download upnpsdk-1.0.4.tar.gz, Versions later than 1.0.4 cannot work together with LinuxIGD!

A. installation:
----------
1. unpackage UPnP SDK
# Tar xzvf upnpsdk-1.0.4.tar.gz

2. modify source code
To enable Windows MSN Messenger to communicate normally under UPnP, you must modify the source code:
# Cd upnpsdk-1.0.4
# Vi src/ssdp/ssdplib. c
Set the following parameters for rows 406th:

SelfAddr. sin_addr.s_addr = inet_addr (SSDP_IP );

Changed:

SelfAddr. sin_addr.s_addr = htonl (INADDR_ANY );

3. Compile and install the UPnP SDK
# Make
# Make install

4. unpackage Linux-IGD
# Tar xzvf linuxigd-0.92.tgz

5. Compile and install Linux-IGD
# Cd linux-igd
# Make
# Make install

B. Configuration
--------
1. Add multicast routes
# Route add-net 239.0.0.0 netmask route 0.0.0 eth0

2. A Soft link is recommended for iptables.
# Cd/usr/sbin
# Ln-s/sbin/iptables ./

Start UPnP
# Upnpd ppp0 eth0

Diagnose UPnP running status
# Tail/var/log/messages

If you can see:

Dec 14 16:01:49 doorway -- MARK --
Dec 14 16:02:15 doorway upnpd:
The Linux UPnP Internet Gateway Device Ver 0.92 by Dime (dime@gulfsales.com)

Dec 14 16:02:15 doorway upnpd:
Special Thanks for Intel's Open Source SDK and original author Genmei Mori's work.

UPnP is successfully started.

C. Test
--------
Take the P2P network TV PPLive that supports UPnP as an example. Open the UPnP support option in PPLive and connect to a channel.
Run the following command in Linux:
# Tail/var/log/debug-f

If you can see:

Dec 14 16:56:33 doorway upnpd: AddPortMap: RemoteHost: (null) Prot: 17 ExtPort: 3226 Int: 10.0.0.2.3226
Dec 14 16:56:33 doorway upnpd: AddPortMap: RemoteHost: (null) Prot: 6 ExtPort: 3226 Int: 10.0.0.2.3226
Dec 14 16:56:33 doorway upnpd: AddPortMap: RemoteHost: (null) Prot: 6 ExtPort: 3156 Int: 10.0.0.2.3156
Dec 14 16:56:33 doorway upnpd: AddPortMap: RemoteHost: (null) Prot: 6 ExtPort: 3156 Int: 10.0.0.2.3156

It indicates that the PPLive has mapped the port to the UPnP request. If you see such a word, it means that UPnP is fully working.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.