Help us test new feature: "auto add router NAT rule"

jksjks
edited April 2017 in KiwiSDR Discussion
The v1.65 release has a new feature. If you enable, it will attempt to install the necessary NAT rule on your firewall / router to open port 8073 (or other) automatically. This will hopefully save a lot of new Kiwi owners the hassle and complexity of figuring out how to get into their router and add the rule manually. Of course this is more for the residential/consumer owner and not for controlled-network corporate/business environments.

Not all routers have the necessary UPnP protocol support. To help us understand how often this solution works please give it a try and let us know if it works for you. Proceed as follows.

1. Wait for v1.65 to be installed or restart your Kiwi to force an install.
2. On your router manually delete the NAT rule you initially added to open the port to the Internet.
3. Go the the Network tab on the admin page and change the "auto add NAT rule" option from "no" to "yes".
4. Press the cyan-colored "server restart" button when it appears.
5. When the admin page reloads go back to the Network tab and check the status displayed after the color-coded message "Automatic add of NAT rule on firewall / router:"
6. It should be one of
Green - "succeeded" (NAT1)
Yellow - "rule already exists" (NAT3)
Orange - "no device found" (NAT2)
Red - "command failed" (NAT4)
nothing is displayed if "auto add" button is set to "no" (NAT0)
7. A status code (NAT1, NAT2, ...) will be displayed on sdr.hu as well if your Kiwi is publicly available.
8. Let us know your result and the model of your router.
9. If you got green "succeeded" then on your router check that the NAT rule was automatically added and that Internet connections can be made.
10. If any other status appears then manually put back the NAT rule on your router.
11. There is a longer message displayed in the Kiwi log (see admin Log tab) detailing the communications with your router.

Thanks for helping us with this testing.

Comments

  • NAT4   Cisco RV325
  • Hmm, a little surprised you got a NAT4. That means the code had problems invoking the "upnpc" command on the Beagle that the v1.65 Makefile should have installed.

  • on the Netgear DG834 modem the UPnP is ok with the auto assign of the 8073 port, but have no indication in the NETWORK admin page
    of the KIWI other than buttons YES  and NO in green\grey.
    Maybe because I have not disabled the manual port in the router-firewall ?
    73
    Phil IC8POF

  • edited April 2017
    My error... NAT2
  • jksjks
    edited April 2017
    Hi Phil,
    Could you go to the "Log" tab on the admin page and cut & paste here the messages that will be similar to the following. Thanks!

    Fri Mar 31 23:00:13 2017 0:00:05 ....      upnpc : miniupnpc library test client. (c) 2006-2010 Thomas Bernard
    Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
    for more information.
    List of UPNP devices found on the network :
     desc: http://192.168.1.1:5431/dyndev/uuid:000e8fac-1b57-571b-ac8f-0e000eac570000
     st: urn:schemas-upnp-org:device:InternetGatewayDevice:1
    
    Found valid IGD : http://192.168.1.1:5431/uuid:000e8fac-1b57-571b-ac8f-0e000eac570002/WANIPConnection:1
    Local LAN ip address : 192.168.1.103
    ExternalIPAddress = 103.26.16.225
    InternalIP:Port = 192.168.1.103:8073
    external 103.26.16.225:8073 TCP is redirected to internal 192.168.1.103:8073
    
    Fri Mar 31 23:00:13 2017 0:00:05 ....      ### upnpc  -a 192.168.1.103 8073 8073 TCP 2>&1: NAT port mapping in local network firewall/router created
  • John,
    April fools, right?

    Anyway I have "Automatic add of NAT rule on firewall / router: no device found".
    Using an ASUS RT-N16 router flashed with:
    Firmware: DD-WRT v24-sp2 (08/12/10) mega
    Time: 20:54:45 up 21:23, load average: 0.00, 0.00, 0.00
    WAN IP: 67.215.36.150

    Just for curiosity I deleted the port info on the network page and tried that. Couldn't get back in and had to manual edit the admin.json file to get the ports back. 
    Ron - KA7U
  • No, but for good April 1 content you want this: 

  • edited April 2017
    ...... I waited to be out of 1st of april ehehe...

    HI here is the COPY\PASTE  of my KIWI log when I switched the AUTO_NAT rule:
    ---------------- LOG crop from ic8pof   ON--------------------
    Sun Apr  2 15:46:06 2017 0:00:05 ....      upnpc : miniupnpc library test client. (c) 2005-2014 Thomas Bernard
    Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
    for more information.
    List of UPNP devices found on the network :
     desc: http://192.168.0.1:49152/gateway.xml
     st: urn:schemas-upnp-org:device:InternetGatewayDevice:1
    
     desc: http://192.168.0.111:2869/upnphost/udhisapi.dll?content=uuid:2668f54f-7b4c-489f-b2bb-15b67f58046c
     st: upnp:rootdevice
    
     desc: http://192.168.0.50:49152/wps_device.xml
     st: upnp:rootdevice
    
    Found a (not connected?) IGD : http://192.168.0.1:49152/upnp/control/WANIPConnection
    Trying to continue anyway
    Local LAN ip address : 192.168.0.91
    ExternalIPAddress = 80.183.88.15
    InternalIP:Port = 192.168.0.91:8073
    external 80.183.88.15:8073 TCP is redirected to internal 192.168.0.91:8073 (duration=0)
    
    Sun Apr  2 15:46:06 2017 0:00:05 ....      ### upnpc -e KiwiSDR -a 192.168.0.91 8073 8073 TCP 2>&1: NAT port mapping in local network firewall/router created
    Sun Apr  2 15:46:06 2017 0:00:05 ....      task dyn_DNS:P2:T02 exited by returning
    Sun Apr  2 15:46:22 2017 0:00:21 .... [00] isLocal_IP: flg=0x18 fam=10 socktype=1 proto=6 addrlen=28 ::ffff:192.168.0.111
    Sun Apr  2 15:46:22 2017 0:00:21 .... [00] isLocal_IP TRUE IPv4/4_6 remote_ip ::ffff:192.168.0.111 ip_client ::ffff:192.168.0.111/0xc0a8006f ip_server[IPv4] 192.168.0.91/0xc0a8005b nm /24 0xffffff00
    Sun Apr  2 15:46:22 2017 0:00:21 .... [00] PWD admin: config pwd set FALSE, auto-login TRUE
    Sun Apr  2 15:46:22 2017 0:00:21 .... [00] PWD admin: no config pwd set, but is_local
    Sun Apr  2 15:46:22 2017 0:00:21 .... [00] PWD admin allow override: sent from ::ffff:192.168.0.111
    ---------- log crop OFF--------------
    As written before the function work at once appearing in the router upnp settings, see pic
    73
    Phil
     




    Attachments:
    https://forum.kiwisdr.com/uploads/Uploader/51/536ffc522e2e9dd4964506d89666ee.jpg
  • Hi there,

    Disabled the port-forwarding firewall rule and switched on UPnP on KiwiSDR.
    The result is:
    Automatic add of NAT rule on firewall / router: succeeded


    SDR.HU status:

    KiwiSDR v1.65 NAT1

    Router model: OPNSENSE with os-upnp plugin enabled.

    Ivan

  • after digging through the docs/setup....

    enabled uPNP

    Cisco RV325 succeeded   
  • Good catch there James!  I too have a uPNP switch on the router. Now the result is:
    Automatic add of NAT rule on firewall / router: succeeded
    Ron - KA7U
  • One note about autocreated UPnP rules.

    The presense of the necessary UPnP rules should be checked by KiwiSDR process periodically.
    In case of router reboot the rules should be recreated otherwise KiwiSDR would 'think' the network is OK while it isn't.
  • I have a BT Home Hub 5 which I had previously manually configured to port forward.

    When I removed the existing rules and tried the auto option the port forwarding seemed to setup OK, but the separate firewall rule didn't seem to load, so I had to add it manually.

    I'm not sure if this was because of the previous config or something else I may (or may not) have done, so I can't be sure it's associated with the Kiwi auto setup.

    Either way, I don't really want to have to mess with the router settings again (such as a full reset), as I've got other stuff that also requires port forwarding and is very fussy about the config.

    Regards,

    Martin - G8JNJ


  • WA2ZKD/KA7U: Interesting your routers require you to enable UPnP. Security feature I guess. Kinda defeats the purpose of lessening the setup burden.

    ic8pof: If you are seeing the message "NAT port mapping in local network firewall/router created" in the log then the next time you go to the network tab after restarting the server you should get the green message that says:
    Automatic add of NAT rule on firewall / router: succeeded
    You won't see the message immediately after changing the button from "no" to "yes". You have to restart the server first.

    UR5VIB: excellent point about router reboots. I had not considered that.

    G8JNJ: I'm not sure what you mean by "separate firewall rule didn't seem to load". The Kiwi only sends a single NAT rule (port forwarding) via UPnP. No other firewall related rules if those are required by your router. You would still have to configure those manually.


    UR5VIBSerge
  • The Cisco RV325 is a small business device so trades off user-friendly for feature-set and security
Sign In or Register to comment.