NAT, DMZ, UPnP: How to Do Port Forwarding (Open a Port) on Your Router

1.NAT
Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device.[1] The technique was originally used for ease of rerouting traffic in IP networks without readdressing every host. In more advanced NAT implementations featuring IP masquerading, it has become a popular and essential tool in conserving global address space allocations in face of IPv4 address exhaustion by sharing one Internet-routable IP address of a NAT gateway for an entire private network.

2.DMZ
In computer security, a DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted network, usually a larger network such as the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node can access only what is exposed in the DMZ, while the rest of the organization's network is firewalled. The DMZ functions as a small, isolated network positioned between the Internet and the private network.

The name is derived from the term "demilitarized zone", an area between nation states in which military operation is not permitted.

3.UPnP
Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices to seamlessly discover each other's presence on the network and establish functional network services for data sharing, communications, and entertainment. UPnP is intended primarily for residential networks without enterprise-class devices.

4.Install UPnP client on FreeBSD.

$ sudo pkg install miniupnpc
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
miniupnpc: 2.0.20170509

Number of packages to be installed: 1

44 KiB to be downloaded.

Proceed with this action? [y/N]: y
[1/1] Fetching miniupnpc-2.0.20170509.txz: 100%   44 KiB  45.5kB/s    00:01
Checking integrity... done (0 conflicting)
[1/1] Installing miniupnpc-2.0.20170509...
Extracting miniupnpc-2.0.20170509: 100%


Run the upnpc command without arguments to print its usage.

$ upnpc
upnpc : miniupnpc library test client, version 2.0.
 (c) 2005-2016 Thomas Bernard.
Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
for more information.
Usage : upnpc [options] -a ip port external_port protocol [duration]
                Add port redirection
        upnpc [options] -d external_port protocol <remote host>
                Delete port redirection
        upnpc [options] -s
                Get Connection status
        upnpc [options] -l
                List redirections
        upnpc [options] -L
                List redirections (using GetListOfPortMappings (for IGD:2 only)
        upnpc [options] -n ip port external_port protocol [duration]
                Add (any) port redirection allowing IGD to use alternative external_port (for IGD:2 only)
        upnpc [options] -N external_port_start external_port_end protocol [manage]
                Delete range of port redirections (for IGD:2 only)
        upnpc [options] -r port1 [external_port1] protocol1 [port2 [external_port2] protocol2] [...]
                Add all redirections to the current host
        upnpc [options] -A remote_ip remote_port internal_ip internal_port protocol lease_time
                Add Pinhole (for IGD:2 only)
        upnpc [options] -U uniqueID new_lease_time
                Update Pinhole (for IGD:2 only)
        upnpc [options] -C uniqueID
                Check if Pinhole is Working (for IGD:2 only)
        upnpc [options] -K uniqueID
                Get Number of packets going through the rule (for IGD:2 only)
        upnpc [options] -D uniqueID
                Delete Pinhole (for IGD:2 only)
        upnpc [options] -S
                Get Firewall status (for IGD:2 only)
        upnpc [options] -G remote_ip remote_port internal_ip internal_port protocol
                Get Outbound Pinhole Timeout (for IGD:2 only)
        upnpc [options] -P
                Get Presentation url

protocol is UDP or TCP
Options:
  -e description : set description for port mapping.
  -6 : use ip v6 instead of ip v4.
  -u url : bypass discovery process by providing the XML root description url.
  -m address/interface : provide ip address (ip v4) or interface name (ip v4 or v6) to use for sending SSDP multicast packets.
  -z localport : SSDP packets local (source) port (1024-65535).
  -p path : use this path for MiniSSDPd socket.
  -t ttl : set multicast TTL. Default value is 2.

Run this command to get the connection status.

$ upnpc -s
upnpc : miniupnpc library test client, version 2.0.
 (c) 2005-2016 Thomas Bernard.
Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
 desc: http://192.168.1.x:49152/gatedesc.xml
 st: urn:schemas-upnp-org:device:InternetGatewayDevice:1

Found valid IGD : http://192.168.1.x:49152/upnp/control/WANPPPConn1
Local LAN ip address : 192.168.1.x
Connection Type : IP_Routed
Status : Connected, uptime=63855s, LastConnectionError : ERROR_NONE
  Time started : Tue Dec  5 21:35:27 2017
MaxBitRateDown : 1000000000 bps (1000.0 Mbps)   MaxBitRateUp 1000000000 bps (1000.0 Mbps)
ExternalIPAddress = xxx.xxx.xxx.xxx
Bytes:   Sent: 109135771        Recv: 80344296
Packets: Sent:   462571 Recv:   435902

Run this pipeline to display only your external IP address.

$ upnpc -s | grep ExternalIPAddress | awk '{ print $3 }'

Run this command to list the current redirections.

$ upnpc -l
upnpc : miniupnpc library test client, version 2.0.
 (c) 2005-2016 Thomas Bernard.
Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
 desc: http://192.168.1.x:49152/gatedesc.xml
 st: urn:schemas-upnp-org:device:InternetGatewayDevice:1

Found valid IGD : http://192.168.1.x:49152/upnp/control/WANPPPConn1
Local LAN ip address : 192.168.1.x
Connection Type : IP_Routed
Status : Connected, uptime=64564s, LastConnectionError : ERROR_NONE
  Time started : Tue Dec  5 21:35:27 2017
MaxBitRateDown : 1000000000 bps (1000.0 Mbps)   MaxBitRateUp 1000000000 bps (1000.0 Mbps)
ExternalIPAddress = xxx.xxx.xxx.xxx
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 UDP 54814->192.168.1.x:54814 'Teredo' '' 0
GetGenericPortMappingEntry() returned 713 (SpecifiedArrayIndexInvalid)
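
The listing above can be checked automatically. The following is an added example, not part of the original post: an sh/awk filter that parses the `upnpc -l` row format and reports every mapping that forwards to a different internal host or is missing from an allowlist. The function names, the PROTO:port allowlist format, the host addresses and the sample listing are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Host addresses, allowlist
# format (PROTO:external_port) and the sample listing are constructed.

# audit_mappings HOST [PROTO:PORT ...]
# Reads `upnpc -l` output on stdin; prints one line per mapping that
# forwards to a host other than HOST or is missing from the allowlist.
audit_mappings() {
    host=$1; shift
    awk -v host="$host" -v allow="$*" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) ok[toupper(a[i])] = 1
        }
        # Mapping rows: index, protocol, exPort->inAddr:inPort, ..., lease
        $1 ~ /^[0-9]+$/ && ($2 == "TCP" || $2 == "UDP") && index($3, "->") {
            split($3, p, "->")
            k = split(p[2], q, ":")
            inport = q[k]
            inaddr = substr(p[2], 1, length(p[2]) - length(inport) - 1)
            if (inaddr != host)                 why = "other-host"
            else if (!(($2 ":" p[1]) in ok))    why = "not-allowlisted"
            else next
            printf "%s %s %s -> %s:%s lease=%s\n", why, $2, p[1], inaddr, inport, $NF
        }
    '
}

# Constructed listing in the format printed by `upnpc -l`.
sample_listing() {
    cat <<'EOF'
List of UPNP devices found on the network :
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 UDP 54814->192.168.1.10:54814 'Teredo' '' 0
 1 TCP    22->192.168.1.20:22    'ssh' '' 0
 2 TCP   443->192.168.1.20:443   'ssl' '' 0
 3 TCP  8080->192.168.1.20:8080  'tomcat' '' 0
GetGenericPortMappingEntry() returned 713 (SpecifiedArrayIndexInvalid)
EOF
}

# Live use: upnpc -l | audit_mappings 192.168.1.20 TCP:22 TCP:443 TCP:80
sample_listing | audit_mappings 192.168.1.20 TCP:22 TCP:443 TCP:80
```

On the constructed listing this reports the 'Teredo' mapping, which another LAN device created, and the 8080 mapping, which is not on the allowlist.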

Create a shell script and add a line to crontab so the port redirections are added automatically.

$ sudo touch /usr/local/bin/upnpc.sh
$ sudo chown user /usr/local/bin/upnpc.sh
$ chmod +x /usr/local/bin/upnpc.sh

Edit the upnpc.sh file.
Sample:

#!/bin/sh
# Re-add each port mapping only when the gateway does not already list it.
UPNPC=/usr/local/bin/upnpc
HOST=192.168.1.x   # LAN address of this machine

# Query the gateway once and reuse the listing for every check.
mappings=$("$UPNPC" -l 2>/dev/null)

ensure_mapping() {  # usage: ensure_mapping description port
    # Match "->host:port " including the trailing space so that port 80
    # does not also match 8080 or 8000; -F treats the dots literally.
    if ! printf '%s\n' "$mappings" | grep -qF -- "->$HOST:$2 "; then
        "$UPNPC" -e "$1" -a "$HOST" "$2" "$2" tcp > /dev/null 2>&1
    fi
}

ensure_mapping ssh 22
ensure_mapping ssl 443
ensure_mapping www 80
ensure_mapping tomcat 8080
ensure_mapping 8000 8000

Add these lines to /etc/crontab so the script runs every minute:


# upnpc
*       *       *       *       *       user    /usr/local/bin/upnpc.sh


