openwrt · Self-Hosting-Group · Nov 27, 2025 · Nov 27, 2025 · Nov 27, 2025 · Nov 27, 2025
diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=miniupnpd
-PKG_VERSION:=2.3.7
+PKG_VERSION:=2.3.9
 PKG_RELEASE:=1
 
-PKG_SOURCE_URL:=https://miniupnp.tuxfamily.org/files
+PKG_SOURCE_URL:=https://github.com/miniupnp/miniupnp/releases/download/miniupnpd_$(subst .,_,$(PKG_VERSION))
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_HASH:=fbdd5501039730f04a8420ea2f8f54b7df63f9f04cde2dc67fa7371e80477bbe
+PKG_HASH:=66cb3c3d697ab2bb3a61d3c48628166d6ba328d7c2dbeb95898fdf2a3202af7b
 
 PKG_MAINTAINER:=
 PKG_LICENSE:=BSD-3-Clause
@@ -80,22 +80,28 @@ CONFIGURE_ARGS = \
 	--portinuse \
 	--firewall=$(BUILD_VARIANT) \
 	--disable-fork \
+	--disable-pppconn \
+	--vendorcfg \
 	--regex
 
 TARGET_CFLAGS += $(FPIC)
 TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
 
 ifeq ($(BUILD_VARIANT),iptables)
+ifeq ($(filter $(ARCH),mips mipsel),)
 	TARGET_CFLAGS += -flto
 endif
+endif
 
 define Package/miniupnpd/install/Default
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
 	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/miniupnpd $(1)/usr/sbin/miniupnpd
 	$(INSTALL_BIN) ./files/miniupnpd.init $(1)/etc/init.d/miniupnpd
+	$(INSTALL_BIN) ./files/upnpd-migration.uci-defaults $(1)/etc/uci-defaults/99-miniupnpd-upnpd-migration
 	$(INSTALL_CONF) ./files/upnpd.config $(1)/etc/config/upnpd
 	$(INSTALL_DATA) ./files/miniupnpd.hotplug $(1)/etc/hotplug.d/iface/50-miniupnpd
 endef

diff --git a/net/miniupnpd/files/firewall3.include b/net/miniupnpd/files/firewall3.include
@@ -20,39 +20,39 @@ iptables_prepend_rule() {
 	local chain="$3"
 	local target="$4"
 
-	$iptables "$IPTARGS" -t "$table" -I "$chain" $($iptables "$IPTARGS" -t "$table" --line-numbers -nL "$chain" | \
+	$iptables "$IPTARGS" -t "$table" -I "$chain" $($iptables "$IPTARGS" -t "$table" --line-numbers -nL "$chain" |
 		sed -ne '$s/[^0-9].*//p') -j "$target"
 }
 
 ADDED=0
 
 add_extzone_rules() {
-    local ext_zone="$1"
-
-    [ -z "$ext_zone" ] && return
-
-    # IPv4 - due to NAT, need to add both to nat and filter table
-    # need to insert as penultimate rule for input & forward & postrouting since final rule might be a fw3 REJECT
-    iptables_prepend_rule "$IPTABLES" filter "zone_${ext_zone}_input" MINIUPNPD
-    iptables_prepend_rule "$IPTABLES" filter "zone_${ext_zone}_forward" MINIUPNPD
-    $IPTABLES -t nat -A "zone_${ext_zone}_prerouting"  -j MINIUPNPD
-    iptables_prepend_rule "$IPTABLES" nat "zone_${ext_zone}_postrouting" MINIUPNPD-POSTROUTING
-
-    # IPv6 if available - filter only
-    [ -x $IP6TABLES ] && {
-	iptables_prepend_rule "$IP6TABLES" filter "zone_${ext_zone}_input" MINIUPNPD
-	iptables_prepend_rule "$IP6TABLES" filter "zone_${ext_zone}_forward" MINIUPNPD
-    }
-    ADDED=$(($ADDED + 1))
+	local ext_zone="$1"
+
+	[ -z "$ext_zone" ] && return
+
+	# IPv4 - due to NAT, need to add both to nat and filter table
+	# need to insert as penultimate rule for input & forward & postrouting since final rule might be a fw3 REJECT
+	iptables_prepend_rule "$IPTABLES" filter "zone_${ext_zone}_input" MINIUPNPD
+	iptables_prepend_rule "$IPTABLES" filter "zone_${ext_zone}_forward" MINIUPNPD
+	$IPTABLES -t nat -A "zone_${ext_zone}_prerouting" -j MINIUPNPD
+	iptables_prepend_rule "$IPTABLES" nat "zone_${ext_zone}_postrouting" MINIUPNPD-POSTROUTING
+
+	# IPv6 if available - filter only
+	[ -x $IP6TABLES ] && {
+		iptables_prepend_rule "$IP6TABLES" filter "zone_${ext_zone}_input" MINIUPNPD
+		iptables_prepend_rule "$IP6TABLES" filter "zone_${ext_zone}_forward" MINIUPNPD
+	}
+	ADDED=$(($ADDED + 1))
 }
 
 # By default, user configuration is king.
 
-for ext_iface in $(uci -q get upnpd.config.external_iface); do
-    add_extzone_rules $(fw3 -q network "$ext_iface")
+for ext_iface in $(uci -q get upnpd.settings.external_iface); do
+	add_extzone_rules $(fw3 -q network "$ext_iface")
 done
 
-add_extzone_rules $(uci -q get upnpd.config.external_zone)
+add_extzone_rules $(uci -q get upnpd.settings.external_zone)
 
 [ "$ADDED" -ne 0 ] && exit 0
 
@@ -66,7 +66,7 @@ network_find_wan wan_iface
 network_find_wan6 wan6_iface
 
 for ext_iface in $wan_iface $wan6_iface; do
-    # fw3 -q network fails on sub-interfaces => map to device first
-    network_get_device ext_device $ext_iface
-    add_extzone_rules $(fw3 -q device "$ext_device")
+	# fw3 -q network fails on sub-interfaces => map to device first
+	network_get_device ext_device $ext_iface
+	add_extzone_rules $(fw3 -q device "$ext_device")
 done
diff --git a/net/miniupnpd/files/miniupnpd.hotplug b/net/miniupnpd/files/miniupnpd.hotplug
@@ -1,41 +1,33 @@
+#!/bin/sh
 /etc/init.d/miniupnpd enabled || exit 0
 
-# If miniupnpd is not running:
-# - check on _any_ event (event updates may contribute to network_find_wan*)
-
-# If miniupnpd _is_ running:
-# - check only on ifup (otherwise lease updates etc would cause
-#   miniupnpd state loss)
+# If daemon is:
+# - not running: check on any event (event updates may contribute to network_find_wan*)
+# - running: check only on ifup (otherwise lease updates etc. would cause daemon state loss)
 
 [ "$ACTION" != "ifup" ] && /etc/init.d/miniupnpd running && exit 0
+uci -q get upnpd.settings.config_file >/dev/null && exit 0
 
 tmpconf="/var/etc/miniupnpd.conf"
-external_iface=$(uci -q get upnpd.config.external_iface)
-external_iface6=$(uci -q get upnpd.config.external_iface6)
-external_zone=$(uci -q get upnpd.config.external_zone)
+external_iface=$(uci -q get upnpd.settings.external_iface)
+external_iface6=$(uci -q get upnpd.settings.external_iface6)
+external_zone=$(uci -q get upnpd.settings.external_zone)
 [ -x "$(command -v nft)" ] && FW="fw4" || FW="fw3"
 
 . /lib/functions/network.sh
-
-if [ -n "$external_iface" ] ; then
+if [ -n "$external_iface" ]; then
 	network_get_device ifname "$external_iface"
+elif [ -n "$external_zone" ]; then
+	ifname=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
 else
-	if [ -n "$external_zone" ] ; then
-		ifname=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
-	else
-		network_find_wan external_iface && \
-			network_get_device ifname "$external_iface"
-	fi
+	network_find_wan external_iface && network_get_device ifname "$external_iface"
 fi
-if [ -n "$external_iface6" ] ; then
+if [ -n "$external_iface6" ]; then
 	network_get_device ifname6 "$external_iface6"
+elif [ -n "$external_zone" ]; then
+	ifname6=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
 else
-	if [ -n "$external_zone" ] ; then
-		ifname6=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
-	else
-		network_find_wan6 external_iface6 && \
-			network_get_device ifname6 "$external_iface6"
-	fi
+	network_find_wan6 external_iface6 && network_get_device ifname6 "$external_iface6"
 fi
 
 [ "$DEVICE" != "$ifname" ] && [ "$DEVICE" != "$ifname6" ] && exit 0