Page 2 of 3

Re: HTTP being exposed via UPNP

Posted: 09 Jun 2023, 17:04
by imilne
Just wondering how things are going on investigating this issue?

Re: HTTP being exposed via UPNP

Posted: 09 Jun 2023, 21:37
by TMzethar
We have identified the problem and are working on resolving it. Please wait for future version updates.

Re: HTTP being exposed via UPNP

Posted: 09 Jun 2023, 22:35
by imilne
Thanks for the update, and looking forward to the patch.

Re: HTTP being exposed via UPNP

Posted: 23 Oct 2023, 18:30
by imilne
I noticed this was marked as potentially fixed in 5.1.40 ("Fixed the issue with UPnP port mapping") but I've waited a few versions before updating, and I'm not on 5.1.79.

It's still not fixed from what I can tell, and TOS is requesting port 5443 to be opened. I've tested and confirmed it's accessible from anywhere.

I'll continue to block with a custom miniupnp rule, but this should not be happening - unless there's a toggle setting for it somewhere in the UI that I've not come across yet.

Re: HTTP being exposed via UPNP

Posted: 24 Oct 2023, 23:17
by imilne
That should have said "I'm *now* on 5.1.79"

Re: HTTP being exposed via UPNP

Posted: 25 Oct 2023, 18:28
by TMzethar
The problem has been fixed. Your router may have cache issues that affect its actual performance. Please restart the router to clean them up.

Re: HTTP being exposed via UPNP

Posted: 28 Oct 2023, 19:42
by imilne
Sorry, I have to disagree.

My router (a pi4 running Ubuntu) uses miniupnpd for handling UPnP requests, so it's very easy to see the requests being made, and/or to restart either the pi or the service if I want to start clean.

Active requests are stored in /var/log/upnp.leases and here's a snippet prior to booting the NAS:

Code: Select all

UDP:2003:192.168.0.7:2003:1698518341:DemonwarePortMapping
UDP:2005:192.168.0.8:2005:1698585895:DemonwarePortMapping
UDP:50804:192.168.0.33:50804:1698657834:Teredo 192.168.0.33:50804->50804 UDP
The NAS - using 192.168.0.98 is then booted, and the following will appear:

Code: Select all

TCP:5443:192.168.0.98:5443:1699097725:http_ssl
A simple test (eg via a phone on 4G) proves it's visible from external IPs.

As I said, I can block this using miniupnpd, but I shouldn't have to.

Code: Select all

deny 0-65535 192.168.0.98/32 0-65535

Re: HTTP being exposed via UPNP

Posted: 29 Oct 2023, 00:25
by crisisacting
{L_BUTTON_AT}imilne

Is that request happening even with UPNP disabled on the NAS?

Re: HTTP being exposed via UPNP

Posted: 29 Oct 2023, 01:54
by imilne
{L_BUTTON_AT}imilne
crisisacting wrote: 29 Oct 2023, 00:25 Is that request happening even with UPNP disabled on the NAS?
The only UPnP option I can find is under Network|Discovery Service: "Enable UPnP discovery service" and that's definitely disabled. There's also the Remote Access and Remote Assistance apps that are both disabled. Grep-ing the file system and logs finds a few instances of 5443 used here and there but nothing jumps out at me to suggest what service might be making the UPnP call.

Re: HTTP being exposed via UPNP

Posted: 07 Nov 2023, 18:43
by imilne
No comments from Terramaster?