Le 23.02.2018 à 13:28, Yangfl a écrit : > Hi, > > In config.h: > /* Uncomment the following line in order to make minissdpd > * listen on 1.2.3.4:1900 instead of *:1900 > * Note : it prevents broadcast packets to be received, > * at least with linux */ > /*#define SSDP_LISTEN_ON_SPECIFIC_ADDR*/ > > It should be OK to enable such option since UPnP actually use > multicast. However there might be some broken clients sending > broadcast. I'm sorry, the comment is misleading, it should read "multicast"
As far as I know, the bind() address for UDP socket is used as a "filter address" : * Binding to the interface address (192.168.0.1) prevent multicast SSDP packets to be received (they are sent to 239.255.255.250) * Binding to 239.255.255.250 prevents SSDP unicast packets to be received as they are sent to 192.168.0.1 anyway binding to 239.255.255.250 wont change the interface miniSSDPd is listening on... The only solution is to bind to ANY, MiniSSDPd then does a packet filtering on each received packet, dropping them if they have wrong receiving interface or wrong sender. Anyway, for better security, one should use iptables to prevent any traffic to come from the internet on UDP port 1900 ! Thomas Bernard
signature.asc
Description: OpenPGP digital signature