From b61c4543cbdef8eb34ba1e59f617593180249738 Mon Sep 17 00:00:00 2001
From: Kevin Cernekee
Date: Thu, 5 Jan 2017 13:42:20 -0800
Subject: conntrackd: cthelper: ssdp: Track UPnP eventing

The UPnP Device Architecture spec provides a way for devices to connect back to control points, called "Eventing" (chapter 4). This sequence can look something like:

1) Outbound multicast M-SEARCH packet (dst: 1900/udp)
   - Create expectation for unicast reply from to source port
2) Inbound unicast reply (there may be several of these from different devices)
   - Find the device's URL, e.g. LOCATION: http://192.168.1.123:1400/xml/device_description.xml
   - Create expectation to track connections to this host:port (tcp)
3) Outbound connection to device's web server (there will be several of these)
   - Watch for a SUBSCRIBE request
   - Find the control point's callback URL, e.g. CALLBACK:
   - Create expectation to open up inbound connections to this host:port
4) Inbound connections to control point's web server
   - The device will send NOTIFY HTTP requests to inform the control point of new events. These can continue indefinitely. Each NOTIFY request arrives on a new TCP connection and may have a different source port.

Add the necessary code to create expectations for each of these connections and rewrite the IP in the CALLBACK URL. Tested with and without NAT.

Signed-off-by: Kevin Cernekee
Signed-off-by: Pablo Neira Ayuso
--- doc/helper/conntrackd.conf | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/helper/conntrackd.conf b/doc/helper/conntrackd.conf index a827b93..7eae8bc 100644 --- a/doc/helper/conntrackd.conf +++ b/doc/helper/conntrackd.conf @@ -84,7 +84,15 @@ Helper { QueueNum 5 QueueLen 10240 Policy ssdp { - ExpectMax 1 + ExpectMax 8 + ExpectTimeout 300 + } + } + Type ssdp inet tcp { + QueueNum 5 + QueueLen 10240 + Policy ssdp { + ExpectMax 8 ExpectTimeout 300 } } -- cgit v1.2.3
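Review bot: The change from "ExpectMax 1" to "ExpectMax 8" in the existing udp policy, and the matching "ExpectMax 8" / "ExpectTimeout 300" in the new "Type ssdp inet tcp" block, go in without any comment in the sample config. These values bound the expectations, including the inbound ones toward the control point, that the helper creates from LOCATION and CALLBACK headers it reads out of traffic. Please add a comment above each policy saying which step of the eventing sequence it covers and why 8 and 300 were chosen, so an administrator can tighten them deliberately. The commit message says NOTIFY requests "can continue indefinitely" on new connections, so the comment should also state how that fits with a 300 second expectation timeout. Separately, the tcp block reuses "QueueNum 5" from the udp block; if sharing one queue between the two is intended, say so in the file so it is not read as a copy-paste slip.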
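Step 3 of the sequence in the commit message turns a header taken from traffic into an inbound expectation, so strict parsing of CALLBACK matters. The following is an added example, not code from this patch or from conntrackd: the function name callback_port, the policy that the callback must name the subscribing host itself, and the sample addresses are all assumptions.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Added example, not conntrackd code. Returns the CALLBACK port of a SUBSCRIBE
 * whose URL names src_ip itself (assumed policy), or -1: open no pinhole. */
static int callback_port(const char *req, const char *src_ip)
{
	static const char hdr[] = "\r\nCALLBACK:";
	char host[INET_ADDRSTRLEN];
	struct in_addr cb, src;
	unsigned int port = 80;		/* URL default when none is given */
	const char *p;
	int len = 0;

	if (strncmp(req, "SUBSCRIBE ", 10) || inet_pton(AF_INET, src_ip, &src) != 1)
		return -1;
	for (p = strstr(req, "\r\n"); p; p = strstr(p + 2, "\r\n")) {
		if (strncasecmp(p, hdr, sizeof(hdr) - 1) == 0)
			break;		/* header names are case-insensitive */
		if (strncmp(p + 2, "\r\n", 2) == 0)
			return -1;	/* end of headers: never scan the body */
	}
	if (!p)
		return -1;
	p += sizeof(hdr) - 1;
	p += strspn(p, " \t");
	if (sscanf(p, "<http://%15[0-9.]%n", host, &len) != 1 ||
	    inet_pton(AF_INET, host, &cb) != 1)
		return -1;		/* IPv4 literals only; hostnames rejected */
	p += len;
	if (*p == ':') {
		if (p[1] < '0' || p[1] > '9' ||
		    sscanf(p, ":%5u%n", &port, &len) != 1 || port == 0 || port > 65535)
			return -1;
		p += len;
	}
	if (*p != '/' && *p != '>')
		return -1;		/* trailing junk after host[:port] */
	return cb.s_addr == src.s_addr ? (int)port : -1;
}

int main(void)
{
	/* Constructed request; the addresses are sample values. */
	const char *req = "SUBSCRIBE /e HTTP/1.1\r\nCALLBACK: <http://192.168.1.50:3400/n>\r\n\r\n";
	printf("%d %d\n", callback_port(req, "192.168.1.50"), callback_port(req, "10.0.0.9"));
	return 0;
}
```

A request whose CALLBACK names a different host, uses a hostname, or appears only after the blank line that ends the headers yields -1, so no expectation would be created for it.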