net/upnp: Complete service improvements 1/2#5126
Conversation
Self-Hosting-Group
force-pushed
the
complete-improvements
branch
from
4c98364 to
a42ac1d
Compare
|
See 26.1 coming soon. Can we continue here? |
|
If I just copy the syslog filter template, it will not be applied; a |
|
syslog is always restarted post-install for plugins:
Sure, the PR is still in draft mode... you need to signal when you're ready first. |
|
|
||
| 1.8 | ||
|
|
||
| ... |
There was a problem hiding this comment.
yes please, I did forget these
There was a problem hiding this comment.
what about these? and can you bring it out of draft mode please?
Self-Hosting-Group
force-pushed
the
complete-improvements
branch
5 times, most recently
from
a42ac1d to
74fc831
Compare
|
Sorry for the delay. I've just pushed the changes. Since the OPNsense 26.1 release is tomorrow and this PR is ready, it would be great if you could give me a quick comment on the following points. I'll then prepare the missing changelog and remove the draft flag from the PR to be merged.
I did this so that the PR wouldn't be merged unexpectedly too early. Thank you for the review.
|
Yep should be good as is.
Where are you logging to? System log? It may be better to add a separate log file and page for miniupnpd alone. The system log is capped to notice (so won't see info or debug) for historic reasons. |
Self-Hosting-Group
force-pushed
the
complete-improvements
branch
5 times, most recently
from
74fc831 to
65199d4
Compare
Separate log file implemented. Please review. |
|
@fichtner @fraenki Critical issue detected in OPNsense 26.1 and registerAnchor function used in plugin.
|
|
Thanks for the hint. I found it https://forum.opnsense.org/index.php?topic=50520.msg258554#msg258554 |
|
A 26.1_5 release? |
|
This should have been in today’s hotfix, but there likely won’t be another. We’re targeting a 26.1.1 next week for a lot of other reasons. Not sure how early or late in the week that will be. |
|
I would like to better understand the pf daemon backend. Since I know that the daemon does not create plugins/net/upnp/src/etc/inc/plugins.inc.d/miniupnpd.inc Lines 42 to 45 in 85f1bb9 And what do you think of this wording addition in the UI help? |
|
Below are three comments on OPNsense 26.1 that are unrelated to this PR:
|
| global $config; | ||
| $upnp_config = $config['installedpackages']['miniupnpd']['config'][0]; | ||
| if (($upnp_config['log_level'] ?? '') == 'info') { | ||
| $exec_cmd='/usr/local/sbin/miniupnpd -f %s -P %s -v'; | ||
| } elseif (($upnp_config['log_level'] ?? '') == 'debug') { | ||
| $exec_cmd='/usr/local/sbin/miniupnpd -f %s -P %s -vv'; | ||
| } else { | ||
| $exec_cmd='/usr/local/sbin/miniupnpd -f %s -P %s'; | ||
| } | ||
| mwexecfb($exec_cmd, ['/var/etc/miniupnpd.conf', '/var/run/miniupnpd.pid']); |
There was a problem hiding this comment.
this part needs modification post merge
|
feel free to open a new pr |
|
I would prefer to collaborate more so that I don't have to make new PRs again. |
|
7658677 works for me
This costs too much time for me so I need to batch the time to look at this. We don't discuss code in an open PR. An open PR should include all the code you want to be published. From my point of view the scope of this PR is mostly complete. The changelogs are still missing, but it's up to you. |
Yes mostly, but e.g. the improved (more secure) |
In the core removal from 2017 it only had rdr/fw opnsense/core@44e4ae85c04e7dd which is probably the original state of it. The other two were added in 2022: #3165
Normally we either hide these things under an advanced toggle (not possible in legacy code) or we use a simple note "Use with care." if it's security relevant. The best way is to not offer the option if it's not good. ;) Cheers, |
It's still not clear why it's needed. I removed all but kept one registration in the PR.
Yes ;-) But then this user case, for which it was implemented, is not supported: https://redirect.github.com/opnsense/plugins/issues/4608. |
|
I don't know. Looking over the fence I see this in pfSense and I'm inclined to leave it as is for lack of a reason to pull support for something that doesn't matter in practice. |
|
I just want to tidy things up and know for sure, and remove old code that was not carefully considered when it was added. I'll try to remove it from pfSense as well (since it was taken from there). But if miniupnpd doesn't have a |
|
Adding this is easier than removing in any case. It would be nice to make a feature release on 1.9 without potentially breaking changes first then make a single code change effort around the registration which then can also be testing without interference by the community. |
|
I’m considering dropping my community time for this plugin on grounds of difficult communication with you. I’ve fixed a number of things in your PR and previous submissions and I know that burdening you with review is not as effective as with other plugin contributors because it drags these PRs on for weeks. I’m happy to change my approach out of lack of alternatives within my immediate reach. Cheers, |
Self-Hosting-Group
changed the title
- More specific allow third-party mapping UI option - Remove unnecessary `binat` anchor registration - Fix debug logging not treating `-v -v` (follow-up to 7658677) - Update missed changelog Follow-up to opnsense#5126
- More specific allow third-party mapping UI option - Remove unnecessary `binat` anchor registration - Fix debug logging not treating `-v -v` (follow-up to 7658677) - Update missed changelog Follow-up to opnsense#5126
PR: opnsense/plugins#5126 (cherry picked from commit 23d3be4)
2 participants
No description provided.