FreshTomato Wiki

User Tools

Site Tools

Trace:
forward-upnp

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
forward-upnp [2023/06/24 16:33] – -add Forwarded Ports level2 head. Explain columns in its table, formatting hogwildforward-upnp [2023/06/27 16:41] (current) – [UPnP/NAT-PMP] -condense hogwild
Line 1: Line 1:
 ===== UPnP/NAT-PMP ===== ===== UPnP/NAT-PMP =====
  
-UPnP (Universal Plug and Play) is a controversial protocol that allows fully dynamic (automatic) port mapping from LAN IP addresses onto the Internet. UPnP has been criticized for its poor security. With this protocol, each program that uses the network maps its own ports automatically. In the screenshot below, the WhatsApp application has mapped certain ports on FreshTomato's WAN IP/Interface.+UPnP (Universal Plug and Play) is a controversial protocol that allows fully dynamic (automatic) port mapping from LAN IP addresses onto the Internet. It has been criticized for its poor security. With UPnP, each network program maps its own ports automatically. In the screenshot below, WhatsApp has mapped certain ports on FreshTomato's WAN IP/Interface.
  
-UPnP is the original implementation of this dynamic port-mapping protocol. NAT-PMP (NAT Port Mapping Protocol) is a newer, enhanced version of UPnP, designed for better compatibility with NAT routing. NAT-PMP is part of Apple's Bonjour protocol, and is often used for streaming iTunes and other media.+UPnP is the original implementation of this protocol. NAT-PMP (Port Mapping Protocol) is a newer, enhanced version of UPnP, designed for better compatibility with NAT routing. NAT-PMP is part of Apple's Bonjour protocol, and is often used for streaming iTunes and other media.
  
 If you use dynamic port forwarding, you'll probably want to enable both protocols to maintain backward compatibility. If you use dynamic port forwarding, you'll probably want to enable both protocols to maintain backward compatibility.
  
-===== Forwarded Ports ===== 
  
-This section contains a table that displays ports which are currently forwarded (with their external and internal port numbers).+===== Settings =====
  
-The Internal Address column displays the internal IP address which has triggered its own port mapping.+**Enable UPnP:**  Checking this enable UPnP.
  
-The Protocol column displays which protocol (TCP or UDP) is being flowing for the mapping in question.+**Enable NAT-PMP:**  Checking this enables NAT-PMP.
  
-**Enable UPnP:** Enable and Disable UPnP.+**Inactive Rule Cleaning:**  Enabling this sets the timeout period to remove rules counted from the last time traffic was flowing.
  
-**Enable NAT-PMP:** Enable/Disable NAT-PMP.+ \\
  
-**Inactive Rule Cleaning:** This sets the timeout period to remove rules counted from the last time traffic was flowing.+{{::port_forwarding-upnp-settings-2023.2.jpg?816}}
  
-**Cleaning Interval: **This specifies how often the cleaning sub-process is executed.+ \\
  
-[[https://wiki.freshtomato.org/lib/exe/detail.php?id=upnp_nat-pmp&media=41c60df0025cd4247062abe372736c19.png|{{:41c60df0025cd4247062abe372736c19.png}}]]+**Cleaning Threshold:** Here, you set the maximum number of rules to be removed by an Interval.
  
-**Cleaning Interval:**  This specifies how often the cleaning sub-process is executed.+**Secure Mode** Enabling this allows only the "owner LAN IP address" to trigger its own mapping/unmapping. In other words, the client is only allowed to map an incoming port to its own IP address, not to another address.
  
-**Cleaning Threshold:** This sets the maximum number of rules to be removed by an Interval.+**Enable on:**  This allows you to enable UPnp/NATPMP only on certain VLANs.
  
-**Secure Mode**: Allows only the "owner LAN IP" to trigger its own mapping/unmapping. In other words, the client could only map an incoming port to its own IP address, not to another IP address.+**Show in My Network Places:**  If enabled, this makes FreshTomato appear as a gateway in Windows' browsable LAN network (WORKGROUP or HOMEGROUP).
  
-**Enable on**: This allows you to enable UPnp/NATPMP only on certain VLANs. +**Miniupnpd custom config:**  In this field, you can enter custom configuration options not available in the web interface. In the image aboveall UPnP requests/mappings are denied for address 10.10.10.4, the only host on that subnet.\\ \\  \\ 
- + \\  
-**Show in My Network Places**: If enabled, this makes FreshTomato appear as a gateway in Windows' browsable LAN network (WORKGROUP or HOMEGROUP). + \\  
- + \\ 
-**Miniupnpd custom config:** In this field, you can enter custom configuration options not available in the web interface. In the image below, UPnP requests/mappings are denied for a specific IP address only.\\  \\  \\+
  
  
forward-upnp.1687620822.txt.gz · Last modified: 2023/06/24 16:33 by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki