miniupnp编译与使用

ipv6相关的资料UPnP-gw-WANIPv6FirewallControl-v1-Service.pdf

miniupnpd

# 开启debug模式，了解更加详细
$ ./configure --ipv6 --debug
$ make

配置文件如下，最后./miniupnpd -f miniupnpd.conf -d启动，-d可以看到输出的信息，程序中使用了syslog输出日志，相关日志可以在/var/log/messages查看。

$ vim miniupnpd.conf
# 具体内容如下
ext_ifname=ens33
listening_ip=ens33
http_port=0
ipv6_disable=yes
secure_mode=no
system_uptime=yes
notify_interval=60
clean_ruleset_interval=600
uuid=00000000-0000-0000-0000-000000000000
allow 1024-65535 192.168.0.0/24 1024-65535
# disallow requests whose description string matches the given regex
# deny 1024-65535 192.168.1.0/24 1024-65535 "My evil app ver [[:digit:]]*"
allow 1024-65535 192.168.1.0/24 1024-65535
allow 1024-65535 192.168.0.0/23 22
allow 12345 192.168.7.113/32 54321
deny 0-65535 0.0.0.0/0 0-65535

$ ./miniupnpd -f miniupnpd.conf -d
# 如果是在路由器上，可以不用启动miniupnpd服务端，因为它本身有网关程序

# ipv6模式下报错：可能需要修改源代码，不支持在本设备跑sever再跑client，miniupnpd 需要部署在网关中
miniupnpd[7241]: Received UDP Packet (IPv6)
miniupnpd[7241]: get_lan_for_peer() looking for LAN interface index=2
miniupnpd[7241]: ifname=eth0 index=2 str=192.168.1.2 addr=c0a80102 mask=ffffff00
miniupnpd[7241]: ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1 (ver=1)
miniupnpd[7241]: SSDP M-SEARCH from [fe80::d160:df3c:91b8:1bcf%eth0]:63218 ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
miniupnpd[7241]: Single search found
miniupnpd[7241]: SendSSDPResponse(): 0 bytes to [fe80::d160:df3c:91b8:1bcf%eth0]:63218 ST: HTTP/1.1 200 OK
CACHE-CONTROL: max-age=120
ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
USN: uuid:00000000-0000-0000-0000-000000000000::urn:schemas-upnp-org:device:InternetGatewayDevice:1
EXT:
SERVER: Linux/5.4.170-1.el7.elrepo.x86_64 UPnP/1.1 MiniUPnPd/2.3.1
LOCATION: http://[2408:822a:2901:8780:243c:64ef:3b02:4982]:31877/rootDesc.xml
OPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01
01-NLS: 1675676683
BOOTID.UPNP.ORG: 1675676683
CONFIGID.UPNP.ORG: 1337

miniupnpd[7241]: get_src_for_route_to ([2408:822a:2901:8780:243c:64ef:3b02:4982]:7784)
miniupnpd[7241]: get_lan_for_peer() looking for LAN interface index=1
miniupnpd[7241]: ifname=eth0 index=2 str=192.168.1.2 addr=c0a80102 mask=ffffff00
miniupnpd[7241]: HTTP peer [2408:822a:2901:8780:243c:64ef:3b02:4982]:7784 is not from a LAN, closing the connection

miniupnpc

编译及使用方法。

$ make
# 交叉编译，只能生成静态文件
# export CC=/root/x86_64-linux-musl-cross/bin/x86_64-linux-musl-gcc
# export LDFLAGS=-static
# 文件生成到build目录
$ cd build
# ipv4: 4444是内网端口，9999是映射出来的外网端口
$ ./upnpc-static -i -a 192.168.1.2 4444 9999 TCP
# 本地ipv4报错：
ai_family=2 ai_socktype=1 ai_protocol=6 (PF_INET=2, PF_INET6=10)
SOAP request : POST /ctl/IPConn HTTP/1.1 - Host: 192.168.130.188:9300
SOAPAction: "urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping" - Content-Length: 599
Headers :
POST /ctl/IPConn HTTP/1.1
Host: 192.168.130.188:9300
User-Agent: Linux/3.10.0-1160.42.2.el7.x86_64, UPnP/1.1, MiniUPnPc/2.2.4
Content-Length: 599
Content-Type: text/xml
SOAPAction: "urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping"
Connection: Close
Cache-Control: no-cache
Pragma: no-cache

Body :
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>19091</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44443</NewInternalPort><NewInternalClient>192.168.130.188</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>libminiupnpc</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>

HTTP status code = 500, Reason phrase = Internal Server Error
header='Content-Type', value='text/xml; charset="utf-8"'
header='Connection', value='close'
header='Content-Length', value='406'
Content-Length: 406
header='Server', value='Linux/3.10.0-1160.42.2.el7.x86_64 UPnP/1.1 MiniUPnPd/2.3.1'
header='Ext', value=''
End of HTTP content
HTTP 500 SOAP Response :
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><s:Fault><faultcode>s:Client</faultcode><faultstring>UPnPError</faultstring><detail><UPnPError xmlns="urn:schemas-upnp-org:control-1-0"><errorCode>718</errorCode><errorDescription>ConflictInMappingEntry</errorDescription></UPnPError></detail></s:Fault></s:Body></s:Envelope>
AddPortMapping(19091, 44443, 192.168.130.188) failed with code 718 (ConflictInMappingEntry)

# ipv6模式下报错：可能需要修改miniupnpd的源代码
$ ./upnpc-static -6 -i -m eth0 -A 0 0 ::1 5900 TCP 300
upnpc : miniupnpc library test client, version 2.2.4.
 (c) 2005-2022 Thomas Bernard.
Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/
for more information.
ipv6: 1
Sending M-SEARCH request to [FF02::C] with ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
scope_id=2
M-SEARCH Reply:
  ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
  USN: uuid:00000000-0000-0000-0000-000000000000::urn:schemas-upnp-org:device:InternetGatewayDevice:1
  Location: http://[2408:822a:2901:8780:243c:64ef:3b02:4982]:31877/rootDesc.xml
NODATA or TIMEOUT
List of UPNP devices found on the network :
 desc: http://[2408:822a:2901:8780:243c:64ef:3b02:4982]:31877/rootDesc.xml
 st: urn:schemas-upnp-org:device:InternetGatewayDevice:1

parsed url : hostname='[2408:822a:2901:8780:243c:64ef:3b02:4982]' port=31877 path='/rootDesc.xml' scope_id=2
ai_family=10 ai_socktype=1 ai_protocol=6 (PF_INET=2, PF_INET6=10)
address miniwget : 2408:822a:2901:8780:243c:64ef:3b02:4982
recv: Connection reset by peer
error getting XML description http://[2408:822a:2901:8780:243c:64ef:3b02:4982]:31877/rootDesc.xml
No valid UPNP Internet Gateway Device found.

# 网关自带upnpd的情况下，报错，应该是不支持ipv6：
Sending M-SEARCH request to [FF02::C] with ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF05::C] with ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF02::C] with ST: urn:schemas-upnp-org:service:WANIPConnection:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF05::C] with ST: urn:schemas-upnp-org:service:WANIPConnection:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF02::C] with ST: urn:schemas-upnp-org:service:WANPPPConnection:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF05::C] with ST: urn:schemas-upnp-org:service:WANPPPConnection:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF02::C] with ST: upnp:rootdevice
NODATA or TIMEOUT
Sending M-SEARCH request to [FF05::C] with ST: upnp:rootdevice
NODATA or TIMEOUT
No IGD UPnP Device found on the network !

# jsys68eda40ec959 网关自带upnpd的情况下，报错，但至少有几步是成功的了。
# 参考：http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=2494&highlight=request
# enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
#     inet 192.168.68.66  netmask 255.255.255.0  broadcast 192.168.68.255
#     inet6 fe80::5853:69af:fff:d118  prefixlen 64  scopeid 0x20<link>
#     inet6 2408:8214:5810:b1d0::170  prefixlen 128  scopeid 0x0<global>
#     inet6 2408:8214:5810:b1d0:8595:1b54:52da:4450  prefixlen 64  scopeid 0x0<global>
#     ether 68:ed:a4:0e:c9:5a  txqueuelen 1000  (Ethernet)
#     RX packets 1024437260  bytes 334058324758 (311.1 GiB)
#     RX errors 0  dropped 1903  overruns 0  frame 0
#     TX packets 2089120382  bytes 2875319893527 (2.6 TiB)
#     TX errors 10  dropped 0 overruns 0  carrier 0  collisions 1
#
# curl -v -6 -X POST -H "SOAPAction: #AddPinhole" -H "Content-Type: text/xml" http://[fe80::12b6:57de:e4cd:1166%enp3s0]:2869
$ ./upnpc-static -6 -i -m enp3s0 -A "" 0 2408:8214:5810:b1d0::170 5900 TCP 300
upnpc : miniupnpc library test client, version 2.2.4.
 (c) 2005-2022 Thomas Bernard.
Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/
for more information.
ipv6: 1
Sending M-SEARCH request to [FF02::C] with ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF05::C] with ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF02::C] with ST: urn:schemas-upnp-org:service:WANIPConnection:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF05::C] with ST: urn:schemas-upnp-org:service:WANIPConnection:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF02::C] with ST: urn:schemas-upnp-org:service:WANPPPConnection:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF05::C] with ST: urn:schemas-upnp-org:service:WANPPPConnection:1
NODATA or TIMEOUT
Sending M-SEARCH request to [FF02::C] with ST: upnp:rootdevice
scope_id=3
M-SEARCH Reply:
  ST: upnp:rootdevice
  USN: uuid:02b0efb6-b1dd-43ad-9fb0-2ea7074cf8b2::upnp:rootdevice
  Location: http://[fe80::12b6:57de:e4cd:1166]:2869/upnphost/udhisapi.dll?content=uuid:02b0efb6-b1dd-43ad-9fb0-2ea7074cf8b2
NODATA or TIMEOUT
List of UPNP devices found on the network :
 desc: http://[fe80::12b6:57de:e4cd:1166]:2869/upnphost/udhisapi.dll?content=uuid:02b0efb6-b1dd-43ad-9fb0-2ea7074cf8b2
 st: upnp:rootdevice

parsed url : hostname='[fe80::12b6:57de:e4cd:1166]' port=2869 path='/upnphost/udhisapi.dll?content=uuid:02b0efb6-b1dd-43ad-9fb0-2ea7074cf8b2' scope_id=3
ai_family=10 ai_socktype=1 ai_protocol=6 (PF_INET=2, PF_INET6=10)
address miniwget : fe80::5853:69af:fff:d118%enp3s0
HTTP status code = 200, Reason phrase = OK
header='Content-Length', value='4282'
Content-Length: 4282
header='Content-Type', value='text/xml; charset="utf-8"'
header='Server', value='Microsoft-Windows/10.0 UPnP/1.0 UPnP-Device-Host/1.0 Microsoft-HTTPAPI/2.0'
header='Date', value='Tue, 07 Feb 2023 10:52:38 GMT'
header='Connection', value='close'
End of HTTP content
urlbase = ''
WAN Device (Common interface config) :
 serviceType = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
primary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
secondary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
WAN IPv6 Firewall Control :
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
urlbase = ''
WAN Device (Common interface config) :
 serviceType = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
primary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
secondary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
WAN IPv6 Firewall Control :
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
urlbase = ''
WAN Device (Common interface config) :
 serviceType = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
primary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
secondary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
WAN IPv6 Firewall Control :
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
urlbase = ''
WAN Device (Common interface config) :
 serviceType = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
primary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
secondary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
WAN IPv6 Firewall Control :
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
urls->ipcondescURL='http://[fe80::12b6:57de:e4cd:1166%25enp3s0]:2869/'
urls->controlURL='http://[fe80::12b6:57de:e4cd:1166%25enp3s0]:2869/'
urls->controlURL_CIF='http://[fe80::12b6:57de:e4cd:1166%25enp3s0]:2869/'
urls->controlURL_6FC='http://[fe80::12b6:57de:e4cd:1166%25enp3s0]:2869/'
UPnP device found. Is it an IGD ? : http://[fe80::12b6:57de:e4cd:1166%25enp3s0]:2869/
Trying to continue anyway
Local LAN ip address : fe80::5853:69af:fff:d118%enp3s0
ai_family=10 ai_socktype=1 ai_protocol=6 (PF_INET=2, PF_INET6=10)
SOAP request : POST / HTTP/1.1 - Host: [fe80::12b6:57de:e4cd:1166%25enp3s0]:2869
SOAPAction: "#AddPinhole" - Content-Length: 408
Headers :
POST / HTTP/1.1
Host: [fe80::12b6:57de:e4cd:1166%25enp3s0]:2869
User-Agent: Linux/3.10.0-1160.42.2.el7.x86_64, UPnP/1.1, MiniUPnPc/2.2.4
Content-Length: 408
Content-Type: text/xml
SOAPAction: "#AddPinhole"
Connection: Close
Cache-Control: no-cache
Pragma: no-cache

Body :
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPinhole xmlns:u=""><RemoteHost></RemoteHost><RemotePort>0</RemotePort><Protocol>6</Protocol><InternalPort>5900</InternalPort><InternalClient>2408:8214:5810:b1d0::170</InternalClient><LeaseTime>300</LeaseTime></u:AddPinhole></s:Body></s:Envelope>

HTTP status code = 400, Reason phrase = Bad Request
header='Content-Type', value='text/html; charset=us-ascii'
header='Server', value='Microsoft-HTTPAPI/2.0'
header='Date', value='Tue, 07 Feb 2023 10:52:38 GMT'
header='Connection', value='close'
header='Content-Length', value='334'
Content-Length: 334
End of HTTP content
HTTP 400 SOAP Response :
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Hostname</h2>
<hr><p>HTTP Error 400. The request hostname is invalid.</p>
</BODY></HTML>

AddPinhole: ([]:0 -> [2408:8214:5810:b1d0::170]:5900) / Pinhole ID =

# 另外的错误
root@jsys00e26939db0e:/# ./upnpc-static -6 -i -m enp1s0 -A "" 0 2409:8a6c:4f18:3bb0:c136:754c:5910:a90a 5900 TCP 300
upnpc : miniupnpc library test client, version 2.2.4.
 (c) 2005-2022 Thomas Bernard.
Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/
for more information.
ipv6: 1
Sending M-SEARCH request to [FF02::C] with ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
scope_id=2
M-SEARCH Reply:
  ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
  USN: uuid:20809696-105a-3721-e8b8-30cc21a4b280::urn:schemas-upnp-org:device:InternetGatewayDevice:1
  Location: http://[fe80::1]:52869/gatedescV6.xml
NODATA or TIMEOUT
List of UPNP devices found on the network :
 desc: http://[fe80::1]:52869/gatedescV6.xml
 st: urn:schemas-upnp-org:device:InternetGatewayDevice:1

parsed url : hostname='[fe80::1]' port=52869 path='/gatedescV6.xml' scope_id=2
ai_family=10 ai_socktype=1 ai_protocol=6 (PF_INET=2, PF_INET6=10)
address miniwget : fe80::520a:e96:40e5:c20%enp1s0
HTTP status code = 200, Reason phrase = OK
header='CONTENT-LENGTH', value='3987'
Content-Length: 3987
header='CONTENT-TYPE', value='text/xml'
header='DATE', value='Wed, 08 Feb 2023 02:26:53 GMT'
header='LAST-MODIFIED', value='Tue, 07 Feb 2023 16:53:49 GMT'
header='SERVER', value='Linux, UPnP/1.0, Portable SDK for UPnP devices/1.6.18'
header='X-User-Agent', value='redsonic'
header='CONNECTION', value='close'
End of HTTP content
urlbase = 'http://[fe80::1]:52869'
WAN Device (Common interface config) :
 serviceType = 'urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1'
 controlURL = '/upnp/control/WANCommonIFC1'
 eventSubURL = '/upnp/control/WANCommonIFC1'
 SCPDURL = '/gateicfgSCPD.xml'
primary WAN Connection Device (IP or PPP Connection):
 servicetype = 'urn:schemas-upnp-org:service:WANIPConnection:1'
 controlURL = '/upnp/control/WANIPConn1'
 eventSubURL = '/upnp/control/WANIPConn1'
 SCPDURL = '/gateconnSCPD.xml'
secondary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
WAN IPv6 Firewall Control :
 servicetype = 'urn:schemas-upnp-org:service:WANIPv6FirewallControl:1'
 controlURL = '/upnp/control/WANIPv6FwCtrl1'
 eventSubURL = '/upnp/control/WANIPv6FwCtrl1'
 SCPDURL = '/gatev6fwctrlSCPD.xml'
urlbase = 'http://[fe80::1]:52869'
WAN Device (Common interface config) :
 serviceType = 'urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1'
 controlURL = '/upnp/control/WANCommonIFC1'
 eventSubURL = '/upnp/control/WANCommonIFC1'
 SCPDURL = '/gateicfgSCPD.xml'
primary WAN Connection Device (IP or PPP Connection):
 servicetype = 'urn:schemas-upnp-org:service:WANIPConnection:1'
 controlURL = '/upnp/control/WANIPConn1'
 eventSubURL = '/upnp/control/WANIPConn1'
 SCPDURL = '/gateconnSCPD.xml'
secondary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
WAN IPv6 Firewall Control :
 servicetype = 'urn:schemas-upnp-org:service:WANIPv6FirewallControl:1'
 controlURL = '/upnp/control/WANIPv6FwCtrl1'
 eventSubURL = '/upnp/control/WANIPv6FwCtrl1'
 SCPDURL = '/gatev6fwctrlSCPD.xml'
urls->ipcondescURL='http://[fe80::1%25enp1s0]:52869/gateconnSCPD.xml'
urls->controlURL='http://[fe80::1%25enp1s0]:52869/upnp/control/WANIPConn1'
urls->controlURL_CIF='http://[fe80::1%25enp1s0]:52869/upnp/control/WANCommonIFC1'
urls->controlURL_6FC='http://[fe80::1%25enp1s0]:52869/upnp/control/WANIPv6FwCtrl1'
ai_family=10 ai_socktype=1 ai_protocol=6 (PF_INET=2, PF_INET6=10)
SOAP request : POST /upnp/control/WANIPConn1 HTTP/1.1 - Host: [fe80::1%25enp1s0]:52869
SOAPAction: "urn:schemas-upnp-org:service:WANIPConnection:1#GetStatusInfo" - Content-Length: 271
Headers :
POST /upnp/control/WANIPConn1 HTTP/1.1
Host: [fe80::1%25enp1s0]:52869
User-Agent: Linux/3.10.0-1160.42.2.el7.x86_64, UPnP/1.1, MiniUPnPc/2.2.4
Content-Length: 271
Content-Type: text/xml
SOAPAction: "urn:schemas-upnp-org:service:WANIPConnection:1#GetStatusInfo"
Connection: Close
Cache-Control: no-cache
Pragma: no-cache

Body :
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:GetStatusInfo xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"></u:GetStatusInfo></s:Body></s:Envelope>

HTTP status code = 200, Reason phrase = OK
header='CONTENT-LENGTH', value='454'
Content-Length: 454
header='CONTENT-TYPE', value='text/xml; charset="utf-8"'
header='DATE', value='Wed, 08 Feb 2023 02:26:53 GMT'
header='EXT', value=''
header='SERVER', value='Linux, UPnP/1.0, Portable SDK for UPnP devices/1.6.18'
header='X-User-Agent', value='redsonic'
End of HTTP content
HTTP 200 SOAP Response :
<?xml version="1.0" encoding="utf-8"?>
<s:Envelope
xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<u:GetStatusInfoResponse xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">
<NewConnectionStatus>Connected</NewConnectionStatus>
<NewLastConnectionError>ERROR_NONE</NewLastConnectionError>
<NewUptime>34382</NewUptime>
</u:GetStatusInfoResponse>
</s:Body>
</s:Envelope>

UPNPIGD_IsConnected2(http://[fe80::1%25enp1s0]:52869/upnp/control/WANIPConn1) = 1
ai_family=10 ai_socktype=1 ai_protocol=6 (PF_INET=2, PF_INET6=10)
SOAP request : POST /upnp/control/WANIPConn1 HTTP/1.1 - Host: [fe80::1%25enp1s0]:52869
SOAPAction: "urn:schemas-upnp-org:service:WANIPConnection:1#GetExternalIPAddress" - Content-Length: 285
Headers :
POST /upnp/control/WANIPConn1 HTTP/1.1
Host: [fe80::1%25enp1s0]:52869
User-Agent: Linux/3.10.0-1160.42.2.el7.x86_64, UPnP/1.1, MiniUPnPc/2.2.4
Content-Length: 285
Content-Type: text/xml
SOAPAction: "urn:schemas-upnp-org:service:WANIPConnection:1#GetExternalIPAddress"
Connection: Close
Cache-Control: no-cache
Pragma: no-cache

Body :
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:GetExternalIPAddress xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"></u:GetExternalIPAddress></s:Body></s:Envelope>

HTTP status code = 200, Reason phrase = OK
header='CONTENT-LENGTH', value='383'
Content-Length: 383
header='CONTENT-TYPE', value='text/xml; charset="utf-8"'
header='DATE', value='Wed, 08 Feb 2023 02:26:53 GMT'
header='EXT', value=''
header='SERVER', value='Linux, UPnP/1.0, Portable SDK for UPnP devices/1.6.18'
header='X-User-Agent', value='redsonic'
End of HTTP content
HTTP 200 SOAP Response :
<?xml version="1.0" encoding="utf-8"?>
<s:Envelope
xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<u:GetExternalIPAddressResponse xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">
<NewExternalIPAddress>10.64.166.191</NewExternalIPAddress>
</u:GetExternalIPAddressResponse>
</s:Body>
</s:Envelope>

UPNPIGD_addr_is_reserved(10.64.166.191) = true
urlbase = 'http://[fe80::1]:52869'
WAN Device (Common interface config) :
 serviceType = 'urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1'
 controlURL = '/upnp/control/WANCommonIFC1'
 eventSubURL = '/upnp/control/WANCommonIFC1'
 SCPDURL = '/gateicfgSCPD.xml'
primary WAN Connection Device (IP or PPP Connection):
 servicetype = 'urn:schemas-upnp-org:service:WANIPConnection:1'
 controlURL = '/upnp/control/WANIPConn1'
 eventSubURL = '/upnp/control/WANIPConn1'
 SCPDURL = '/gateconnSCPD.xml'
secondary WAN Connection Device (IP or PPP Connection):
 servicetype = ''
 controlURL = ''
 eventSubURL = ''
 SCPDURL = ''
WAN IPv6 Firewall Control :
 servicetype = 'urn:schemas-upnp-org:service:WANIPv6FirewallControl:1'
 controlURL = '/upnp/control/WANIPv6FwCtrl1'
 eventSubURL = '/upnp/control/WANIPv6FwCtrl1'
 SCPDURL = '/gatev6fwctrlSCPD.xml'
urls->ipcondescURL='http://[fe80::1%25enp1s0]:52869/gateconnSCPD.xml'
urls->controlURL='http://[fe80::1%25enp1s0]:52869/upnp/control/WANIPConn1'
urls->controlURL_CIF='http://[fe80::1%25enp1s0]:52869/upnp/control/WANCommonIFC1'
urls->controlURL_6FC='http://[fe80::1%25enp1s0]:52869/upnp/control/WANIPv6FwCtrl1'
Found a (not connected?) IGD : http://[fe80::1%25enp1s0]:52869/upnp/control/WANIPConn1
Trying to continue anyway
Local LAN ip address : fe80::520a:e96:40e5:c20%enp1s0
ai_family=10 ai_socktype=1 ai_protocol=6 (PF_INET=2, PF_INET6=10)
SOAP request : POST /upnp/control/WANIPv6FwCtrl1 HTTP/1.1 - Host: [fe80::1%25enp1s0]:52869
SOAPAction: "urn:schemas-upnp-org:service:WANIPv6FirewallControl:1#AddPinhole" - Content-Length: 476
Headers :
POST /upnp/control/WANIPv6FwCtrl1 HTTP/1.1
Host: [fe80::1%25enp1s0]:52869
User-Agent: Linux/3.10.0-1160.42.2.el7.x86_64, UPnP/1.1, MiniUPnPc/2.2.4
Content-Length: 476
Content-Type: text/xml
SOAPAction: "urn:schemas-upnp-org:service:WANIPv6FirewallControl:1#AddPinhole"
Connection: Close
Cache-Control: no-cache
Pragma: no-cache

Body :
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPinhole xmlns:u="urn:schemas-upnp-org:service:WANIPv6FirewallControl:1"><RemoteHost></RemoteHost><RemotePort>0</RemotePort><Protocol>6</Protocol><InternalPort>5900</InternalPort><InternalClient>2409:8a6c:4f18:3bb0:c136:754c:5910:a90a</InternalClient><LeaseTime>300</LeaseTime></u:AddPinhole></s:Body></s:Envelope>

HTTP status code = 500, Reason phrase = Internal Server Error
header='CONTENT-LENGTH', value='457'
Content-Length: 457
header='CONTENT-TYPE', value='text/xml; charset="utf-8"'
header='DATE', value='Wed, 08 Feb 2023 02:26:53 GMT'
header='EXT', value=''
header='SERVER', value='Linux, UPnP/1.0, Portable SDK for UPnP devices/1.6.18'
header='X-User-Agent', value='redsonic'
End of HTTP content
HTTP 500 SOAP Response :
<?xml version="1.0" encoding="utf-8"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<s:Fault>
<faultcode>s:Client</faultcode>
<faultstring>UPnPError</faultstring>
<detail>
<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">
<errorCode>705</errorCode>
<errorDescription>ProtocolNotSupported</errorDescription>
</UPnPError>
</detail>
</s:Fault>
</s:Body>
</s:Envelope>

AddPinhole([]:0 -> [2409:8a6c:4f18:3bb0:c136:754c:5910:a90a]:5900) failed with code 705 (ProtocolNotSupported)

# 查看gatedescV6
root@jsys00e26939db0e:/# curl -v -6 http://[fe80::1%25enp1s0]:52869/gatedescV6.xml
*   Trying fe80::1:52869...
* Connected to fe80::1 (fe80::1) port 52869 (#0)
> GET /gatedescV6.xml HTTP/1.1
> Host: [fe80::1]:52869
> User-Agent: curl/7.74.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< CONTENT-LENGTH: 3987
< CONTENT-TYPE: text/xml
< DATE: Wed, 08 Feb 2023 02:49:54 GMT
< LAST-MODIFIED: Tue, 07 Feb 2023 16:53:49 GMT
< SERVER: Linux, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
< X-User-Agent: redsonic
< CONNECTION: close
<
<?xml version="1.0"?>
<root xmlns="urn:schemas-upnp-org:device-1-0">
  <specVersion>
    <major>1</major>
    <minor>0</minor>
  </specVersion>
  <URLBase>http://[fe80::1]:52869</URLBase>
  <device>
    <deviceType>urn:schemas-upnp-org:device:InternetGatewayDevice:1</deviceType>
    <friendlyName>F673AV9a</friendlyName>
    <manufacturer>ZTE</manufacturer>
    <manufacturerURL>http://www.zte.com</manufacturerURL>
    <modelDescription>ZTE Broadband Home Gateway</modelDescription>
    <modelName>F673AV9a</modelName>
    <modelNumber>V1.0</modelNumber>
    <modelURL>http://www.zte.com</modelURL>
    <UDN>uuid:20809696-105a-3721-e8b8-30cc21a4b280</UDN>
    <UPC></UPC>
    <serialNumber>ZTEGCE2B7813</serialNumber>
    <iconList>
      <icon>
        <mimetype>image/gif</mimetype>
        <width>118</width>
        <height>119</height>
        <depth>8</depth>
        <url>/ligd.gif</url>
      </icon>
    </iconList>
    <serviceList>
      <service>
        <serviceType>urn:schemas-microsoft-com:service:OSInfo:1</serviceType>
        <serviceId>urn:microsoft-com:serviceId:OSInfo1</serviceId>
        <controlURL>/upnp/control/OSInfo1</controlURL>
        <eventSubURL>/upnp/event/OSInfo1</eventSubURL>
        <SCPDURL>/gateinfoSCPD.xml</SCPDURL>
      </service>
    </serviceList>
    <deviceList>
      <device>
        <deviceType>urn:schemas-upnp-org:device:WANDevice:1</deviceType>
        <friendlyName>F673AV9a</friendlyName>
        <manufacturer>ZTE</manufacturer>
        <manufacturerURL>http://www.zte.com</manufacturerURL>
        <modelDescription>WAN Device on Linux IGD</modelDescription>
        <modelName>F673AV9a</modelName>
        <modelNumber>V1.0</modelNumber>
        <modelURL>http://www.zte.com</modelURL>
        <UDN>uuid:20809696-205a-3721-e8b8-30cc21a4b280</UDN>
        <UPC></UPC>
        <serialNumber>ZTEGCE2B7813</serialNumber>
        <serviceList>
          <service>
            <serviceType>urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1</serviceType>
            <serviceId>urn:upnp-org:serviceId:WANCommonIFC1</serviceId>
            <controlURL>/upnp/control/WANCommonIFC1</controlURL>
            <eventSubURL>/upnp/control/WANCommonIFC1</eventSubURL>
            <SCPDURL>/gateicfgSCPD.xml</SCPDURL>
          </service>
        </serviceList>
        <deviceList>
          <device>
            <deviceType>urn:schemas-upnp-org:device:WANConnectionDevice:1</deviceType>
            <friendlyName>F673AV9a</friendlyName>
            <manufacturer>ZTE</manufacturer>
            <manufacturerURL>http://www.zte.com</manufacturerURL>
            <modelDescription>WanConnectionDevice ZTE HGW</modelDescription>
            <modelName>F673AV9a</modelName>
            <modelNumber>V1.0</modelNumber>
            <modelURL>http://www.zte.com</modelURL>
            <UDN>uuid:20809696-305a-3721-e8b8-30cc21a4b280</UDN>
            <UPC></UPC>
            <serialNumber>ZTEGCE2B7813</serialNumber>
            <serviceList>
              <service>
                <serviceType>urn:schemas-upnp-org:service:WANIPConnection:1</serviceType>
                <serviceId>urn:upnp-org:serviceId:WANIPConn1</serviceId>
                <controlURL>/upnp/control/WANIPConn1</controlURL>
                <eventSubURL>/upnp/control/WANIPConn1</eventSubURL>
                <SCPDURL>/gateconnSCPD.xml</SCPDURL>
              </service>
              <service>
                <serviceType>urn:schemas-upnp-org:service:WANIPv6FirewallControl:1</serviceType>
                <serviceId>urn:upnp-org:serviceId:WANIPv6FwCtrl1</serviceId>
                <controlURL>/upnp/control/WANIPv6FwCtrl1</controlURL>
                <eventSubURL>/upnp/control/WANIPv6FwCtrl1</eventSubURL>
                <SCPDURL>/gatev6fwctrlSCPD.xml</SCPDURL>
              </service>
            </serviceList>
          </device>
        </deviceList>
      </device>
    </deviceList>
    <presentationURL>http://[fe80::1]</presentationURL>
  </device>
</root>
* Closing connection 0

# 查看ipv6防火墙状态
# jsys00e26939d6b7
root@jsys00e26939db0e:/# ./upnpc-static -6 -i -S
SOAP request : POST /upnp/control/WANIPv6FwCtrl1 HTTP/1.1 - Host: [fe80::1%25enp1s0]:52869
SOAPAction: "urn:schemas-upnp-org:service:WANIPv6FirewallControl:1#GetFirewallStatus" - Content-Length: 286
Headers :
POST /upnp/control/WANIPv6FwCtrl1 HTTP/1.1
Host: [fe80::1%25enp1s0]:52869
User-Agent: Linux/3.10.0-1160.42.2.el7.x86_64, UPnP/1.1, MiniUPnPc/2.2.4
Content-Length: 286
Content-Type: text/xml
SOAPAction: "urn:schemas-upnp-org:service:WANIPv6FirewallControl:1#GetFirewallStatus"
Connection: Close
Cache-Control: no-cache
Pragma: no-cache

Body :
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:GetFirewallStatus xmlns:u="urn:schemas-upnp-org:service:WANIPv6FirewallControl:1"></u:GetFirewallStatus></s:Body></s:Envelope>

HTTP status code = 200, Reason phrase = OK
header='CONTENT-LENGTH', value='412'
Content-Length: 412
header='CONTENT-TYPE', value='text/xml; charset="utf-8"'
header='DATE', value='Wed, 08 Feb 2023 03:08:25 GMT'
header='EXT', value=''
header='SERVER', value='Linux, UPnP/1.0, Portable SDK for UPnP devices/1.6.18'
header='X-User-Agent', value='redsonic'
End of HTTP content
HTTP 200 SOAP Response :
<?xml version="1.0" encoding="utf-8"?>
<s:Envelope
xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<u:GetFirewallStatusResponse xmlns:u="urn:schemas-upnp-org:service:WANIPv6FirewallControl:1">
<FirewallEnabled>1</FirewallEnabled>
<InboundPinholeAllowed>1</InboundPinholeAllowed>
</u:GetFirewallStatusResponse>
</s:Body>
</s:Envelope>

FirewallEnabled: 1 & Inbound Pinhole Allowed: 1
GetFirewallStatus:
   Firewall Enabled: Yes
   Inbound Pinhole Allowed: Yes

root@jsys00e26939d6b7:/# ./ipv6firewallcontroltest_centos_normal -m enp1s0
1: urn:schemas-upnp-org:service:WANIPv6FirewallControl:1
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-305a-3721-e8b8-30cc21a4b2c0::urn:schemas-upnp-org:service:WANIPv6FirewallControl:1
2: urn:schemas-upnp-org:service:WANIPConnection:1
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-305a-3721-e8b8-30cc21a4b2c0::urn:schemas-upnp-org:service:WANIPConnection:1
3: urn:schemas-upnp-org:device:WANConnectionDevice:1
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-305a-3721-e8b8-30cc21a4b2c0::urn:schemas-upnp-org:device:WANConnectionDevice:1
4: uuid:20809696-305a-3721-e8b8-30cc21a4b2c0
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-305a-3721-e8b8-30cc21a4b2c0
5: urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-205a-3721-e8b8-30cc21a4b2c0::urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1
6: urn:schemas-upnp-org:device:WANDevice:1
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-205a-3721-e8b8-30cc21a4b2c0::urn:schemas-upnp-org:device:WANDevice:1
7: uuid:20809696-205a-3721-e8b8-30cc21a4b2c0
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-205a-3721-e8b8-30cc21a4b2c0
8: urn:schemas-microsoft-com:service:OSInfo:1
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-105a-3721-e8b8-30cc21a4b2c0::urn:schemas-microsoft-com:service:OSInfo:1
9: urn:schemas-upnp-org:device:InternetGatewayDevice:1
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-105a-3721-e8b8-30cc21a4b2c0::urn:schemas-upnp-org:device:InternetGatewayDevice:1
10: uuid:20809696-105a-3721-e8b8-30cc21a4b2c0
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-105a-3721-e8b8-30cc21a4b2c0
11: upnp:rootdevice
    http://[fe80::1]:52869/gatedescV6.xml
    uuid:20809696-105a-3721-e8b8-30cc21a4b2c0::upnp:rootdevice

编译出来后，使用upnpc-static进行测试即可。
如果是使用本地电脑虚拟机centos，是不支持ipv6的，需要有global的ipv6地址才行，本地是link的，另外，由于miniupnpd绑定了网卡，所以miniupnpc也要修改程序源码绑定源码才能使用。

#include <net/if.h>
// miniupnpc\src\connecthostport.c 223行
// miniupnpc\src\minissdpc.c 816行
struct ifreq nif = {0};
strcpy(nif.ifr_name, "ens33");
if(setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE, (char *)&nif, sizeof(nif)) != 0)
{
    printf("bind ens33 failed\n");
}

测试案例

ipv4

ipv6

测试ipv6是否可用：

ping -6 test-ipv6.com
dig ipv6-test.com  AAAA

目前还没有找到ipv6能成功打洞的设备。
测试命令：./upnpc-static -6 -i -m enp1s0 -A “” 0 2409:8a6c:4f18:3bb0:c136:754c:5910:a90a 5900 TCP 300
测试节点：v6Ip : AND v6HttpPort :0 AND arch:”centos_normal” AND parent :”eds” AND localIp :192
测试记录：
yfserver_jinchaoyun_pass_node_x86_64_glibc 没找到支持的
muhua_node_x86_64_glibc 没找到支持的
xiaolei_pass_node_x86_64_glibc 没找到支持的
yfserver_bailuyun_pass_node_x86_64_glibc 没找到支持的
bidu_pass_node_x86_64_glibc 没找到支持的
lanzheng2_node_x86_64_glibc 没找到支持的
ikuai_router_eds_x86_64_uclibc 没找到支持的
jike_node_x86_64_uclibc 没找到支持的
jinchaoyun_node_armv7_bionic 没找到支持的
yushui_node_x86_64_glibc 之前找到过InternetGatewayDevice有响应的，但是AddPinhole报ProtocolNotSupported

ipv6防火墙设置

问题背景：光猫桥接，让路由器拨号，路由器下在接应用设备，发现应用设备里面ipv6可以访问外网，但是设备里面的服务无法被外网访问。

# 应用设备的ip
eth9      Link encap:Ethernet  HWaddr 00:e0:4c:ab:4b:2e
          inet addr:172.16.1.236  Bcast:172.16.1.255  Mask:255.255.255.0
          inet6 addr: fd91:3c16:14d:0:2e0:4cff:feab:4b2e/64 Scope: Global
          inet6 addr: fd91:3c16:14d:0:31c5:51d1:f5d7:ea41/64 Scope: Global
          inet6 addr: 2408:8256:348a:3011:2e0:4cff:feab:4b2e/64 Scope: Global
          inet6 addr: fe80::2e0:4cff:feab:4b2e/64 Scope: Link
          inet6 addr: 2408:8256:348a:3011:31c5:51d1:f5d7:ea41/64 Scope: Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:119262762 errors:0 dropped:0 overruns:0 frame:0
          TX packets:104102395 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:26609802764 TX bytes:377630646212

解决的办法为，修改路由器的转发策略，让wan=>lan的转发放开。

路由器为openwrt系统

之前没放开的情况下为什么ipv4可以跑？因为有upnp做转发。

手机上可以下载termux进行ipv6公网测试
相关帖子：获取到了 ipv6 地址，为什么不能通过公网访问？

网上总结：

1. 上面有人说了，openwrt 默认就是阻止所有 wan to lan 入站连接的，需要允许访问的再手动添加规则放行
2. 正常情况下 ipv6 的 80/443 端口也是封掉的状态。
   其次，可以开防火墙，一般情况下，openwrt 默认是全部入站阻止的，（大部分市面上的路由器也是这样）。再者，ipv6 被扫到的可能性也不高。

防火墙策略配置参考：
https://65.chat/toss/71.html
https://rongrongbq.moe/2021/08/firewall-and-DDNS-settings-for-IPv6/