Starting from the AsteriskNow 1.7 CD image we built a router/gateway. One of the more complicated parts was the install of miniupnpd to handle UPnP and NAT-PMP. The project homepge is miniupnp.free.fr. As of this writing the current stable version is 1.6.
The INSTALL instruction file included in the tgz distribution is a very good start. You will need to install iptables-devel. According to the miniupnp.tuxfamily.org forums you may need to:
what you need to do is determine the exact version of iptables you have installed:
rpm -q iptables
rpm -q iptables-develThen download the source from netfilter.org, and copy the include/libiptc directory to your /usr/include/libiptc directory (create it if it’s not there)
The INSTALL notes will guide you through the little bit that needs to be configured fro interfaces and ports.
The forum discussion mentioned above also includes a replacement /etc/init.d/miniupnpd script for Red Hat/CentOS. This allows for start, stop and status in the same manner as other services. You may need to copy the netfilter/iptables_display.sh script to the /etc/miniupnpd folder.
use chkconfig --add miniupnpd to add to startup.
#!/bin/sh
#
# "$Id: miniupnpd.init.d.rhel,v 1.00 2008/10/25 03:16:12 pmcgee Exp $"
#
# Startup/Shutdown/Restart script for miniupnpd daemon (init.d)
# on Red Hat Enterprise Linux
#
# Linux chkconfig stuff:
#
# chkconfig: 2345 90 30
# description: startup/shutdown/reset script for miniupnpd \
# on Red Hat Enterprise Linux
#
# processname: miniupnpd
# pidfile: /var/run/miniupnpd.pid
# configpath: /etc/miniupnpd/
# configfile: miniupnpd.conf
# Source function library.
. /etc/init.d/functions
# Include user config file if available
if [ -f /etc/sysconfig/miniupnpd ]; then
. /etc/sysconfig/miniupnpd
fi
# assign default values if nothing specific in /etc/sysconfig/miniupnpd
prog=${BINARY-"miniupnpd"}
binpath=${BINPATH-"/usr/sbin/"}
pidfile=$"${PIDPATH-"/var/run/"}$prog.pid"
configpath=${CONFIGPATH-"/etc/miniupnpd/"}
configfile=${CONFIGFILE-"miniupnpd.conf"}
iptinit=${IPTABLES_INIT-"iptables_init.sh"}
iptrm=${IPTABLES_REMOVE-"iptables_removeall.sh"}
iptshow=${IPTABLES_SHOW-"iptables_display.sh"}
ARGS=$"-f $configpath$configfile"
PROG=$"$binpath$prog"
IPT_INIT=$"$configpath$iptinit"
IPT_DELE=$"$configpath$iptrm"
IPT_SHOW=$"$configpath$iptshow"
RETVAL=0
start() {
echo -n $"Starting miniupnpd ($PROG): "
$IPT_INIT > /dev/null 2>&1
$PROG $ARGS && success || failure
RETVAL=$?
echo
}
stop() {
echo -n $"Stopping miniupnpd ($PROG): "
if [ -n "`pidfileofproc $PROG`" ] ; then
killproc $PROG
else
failure $"Stopping miniupnpd ($PROG)"
fi
RETVAL=$?
$IPT_DELE > /dev/null 2>&1
echo
}
mystatus() {
status $PROG
RETVAL=$?
echo
echo -n "Dumping IPTABLES Information: "
if [ -f $IPT_SHOW ]; then
echo
$IPT_SHOW
else
failure $"IP Tables display script not found"
fi
echo
}
# Parse CLI arguments
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload|force-reload)
stop
sleep 2
start
;;
status)
mystatus
;;
*)
echo $"Usage: $0 {start|stop|restart|status}"
RETVAL=1
esac
exit $RETVAL
After install we tested using a Transmission as the client. We also tested the resulting firewall against several online scanner with good results.