HTTP being exposed via UPNP
Re: HTTP being exposed via UPNP
Just wondering how things are going on investigating this issue?
Re: HTTP being exposed via UPNP
We have identified the problem and are working on resolving it. Please wait for future version updates.
To contact our team, please send email to following addresses, remember to replace (at) with @:
Technical team: support(at)terra-master.com (for technical support)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Technical team: support(at)terra-master.com (for technical support)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Re: HTTP being exposed via UPNP
Thanks for the update, and looking forward to the patch.
Re: HTTP being exposed via UPNP
I noticed this was marked as potentially fixed in 5.1.40 ("Fixed the issue with UPnP port mapping") but I've waited a few versions before updating, and I'm not on 5.1.79.
It's still not fixed from what I can tell, and TOS is requesting port 5443 to be opened. I've tested and confirmed it's accessible from anywhere.
I'll continue to block with a custom miniupnp rule, but this should not be happening - unless there's a toggle setting for it somewhere in the UI that I've not come across yet.
It's still not fixed from what I can tell, and TOS is requesting port 5443 to be opened. I've tested and confirmed it's accessible from anywhere.
I'll continue to block with a custom miniupnp rule, but this should not be happening - unless there's a toggle setting for it somewhere in the UI that I've not come across yet.
Re: HTTP being exposed via UPNP
That should have said "I'm *now* on 5.1.79"
Re: HTTP being exposed via UPNP
The problem has been fixed. Your router may have cache issues that affect its actual performance. Please restart the router to clean them up.
To contact our team, please send email to following addresses, remember to replace (at) with @:
Technical team: support(at)terra-master.com (for technical support)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Technical team: support(at)terra-master.com (for technical support)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Re: HTTP being exposed via UPNP
Sorry, I have to disagree.
My router (a pi4 running Ubuntu) uses miniupnpd for handling UPnP requests, so it's very easy to see the requests being made, and/or to restart either the pi or the service if I want to start clean.
Active requests are stored in /var/log/upnp.leases and here's a snippet prior to booting the NAS:
The NAS - using 192.168.0.98 is then booted, and the following will appear:
A simple test (eg via a phone on 4G) proves it's visible from external IPs.
As I said, I can block this using miniupnpd, but I shouldn't have to.
My router (a pi4 running Ubuntu) uses miniupnpd for handling UPnP requests, so it's very easy to see the requests being made, and/or to restart either the pi or the service if I want to start clean.
Active requests are stored in /var/log/upnp.leases and here's a snippet prior to booting the NAS:
Code: Select all
UDP:2003:192.168.0.7:2003:1698518341:DemonwarePortMapping
UDP:2005:192.168.0.8:2005:1698585895:DemonwarePortMapping
UDP:50804:192.168.0.33:50804:1698657834:Teredo 192.168.0.33:50804->50804 UDP
Code: Select all
TCP:5443:192.168.0.98:5443:1699097725:http_ssl
As I said, I can block this using miniupnpd, but I shouldn't have to.
Code: Select all
deny 0-65535 192.168.0.98/32 0-65535
- crisisacting
- Posts: 266
- Joined: 20 Jan 2022, 16:42
Re: HTTP being exposed via UPNP
{L_BUTTON_AT}imilne
Is that request happening even with UPNP disabled on the NAS?
Re: HTTP being exposed via UPNP
{L_BUTTON_AT}imilne
The only UPnP option I can find is under Network|Discovery Service: "Enable UPnP discovery service" and that's definitely disabled. There's also the Remote Access and Remote Assistance apps that are both disabled. Grep-ing the file system and logs finds a few instances of 5443 used here and there but nothing jumps out at me to suggest what service might be making the UPnP call.crisisacting wrote: ↑29 Oct 2023, 00:25 Is that request happening even with UPNP disabled on the NAS?
Re: HTTP being exposed via UPNP
No comments from Terramaster?