uPnP discovery also requests UDP ports

Question

uPnP discovery also requests UDP ports

Closed this issue 3 years ago · 4 comments

I looked at my router's uPnP entries and found entries for both TCP:9981-9984 and UDP:9981-9984. AFAIK, siad should only be requesting TCP ports and not UDP ports.

Answer 1 · 2021-09-26T15:18:03.000Z

The go-upnp package always forwards both TCP and UDP to make things easier for the client. Granted, we wrote that package many years ago; I'm not sure I would make that same design decision today. If you feel strongly about it, I'm not opposed to adding ForwardTCP and ForwardUDP methods to go-upnp. But to be clear, the behavior you're observing is normal.

Answer 2 · 2021-09-26T15:37:11.000Z

I don't feel that strongly. It just feels incorrect that it is grabbing ports it does not need. It is the only app I've seen doing this. Anyway, more important to me while I have a block of IPs, is #42. I would possibly class this as a low priority bug.

Answer 3 · 2021-10-02T08:50:18.000Z

I have just seen on Discord #Announcements the problem with the DDOS attack last summer and your recommendation to Block UDP traffic on port 9981-9983. Sia only uses TCP., but it is Sia itself which is opening the ports if you are behind a uPnP enabled router. Perhaps this issue should have its priority raised?

Answer 4 · 2021-10-02T15:31:32.000Z

Hmm, fair. IIRC it was often the routers themselves that were being overwhelmed, so hard to say if not forwarding UDP to siad would have made a big difference. But it certainly couldn't have hurt. I'll go ahead and implement this.