firewalls such as shorewall clears all chains after restart, putting upnpd into inconsistent state. upnpd uses iptables to add DNAT entries. upnpd should also start after any firewalls Reproducible: Always Steps to Reproduce: 1. 2. 3.
can i ask you to make the changes to /etc/init.d/upnpd. in the depend() section can you add after iptables so it looks something like depend() { need net after iptables } and report back as to your findings. im afraid i dont have the resources to test right now. if this does the desired effect i shall commit changes
No response in over a year. John, can you mark this RESOLVED/{NEEDINFO|TEST-REQUEST|FIXED} depending on what you want to do with it?
Closing.
I can't say anything about other firewall scripts, but at least with shorewall you can configure shorewall itself to restart upnpd as needed: add to /etc/shorewall/stop: /etc/init.d/upnpd stop add to /etc/shorewall/started: /etc/init.d/upnp restart It should be sufficient to start upnpd with 'start' but 'restart' works just fine here. This has the added benefit that if you stop/start/reload/etc shorewall from commandline without using the init script then upnpd will also be restarted.
