You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The default logging level for miniupnpd does not show add/delete/change logs for NAT and Firewall manipulations in the routing log file.
Form a security standpoint, this is highly undesirable. Security Operations Centers will want to monitor this activity in a SIEM (Security Information and Event Manager) since this code often runs on firewalls.
Please add this very critical security functionality for add/delete/change operations, ideally in standard RFC3164 syslog compliant output, and include at a minimum:
internal port
external port
internal IP
external IP
protocol
(Nice to Have) The name of the UPNP requesting agent if available (ex. demonware, etc.)
Thanks
The text was updated successfully, but these errors were encountered:
The request was really about the 'default' logging level, The -v option is known and understood. Ideally, miniupnpd should log firewall and NAT manipulation out of the box without having to take manual action such as restarting the service in verbose mode. Also, the logs are not really in a standard format, and could benefit from some standardization that makes them easier to digest in a SIEM. Things like variable=value, or ext_port=3075. Don't use spaces like "ext port %h" or "external port: %h".
The default logging level for miniupnpd does not show add/delete/change logs for NAT and Firewall manipulations in the routing log file.
Form a security standpoint, this is highly undesirable. Security Operations Centers will want to monitor this activity in a SIEM (Security Information and Event Manager) since this code often runs on firewalls.
Please add this very critical security functionality for add/delete/change operations, ideally in standard RFC3164 syslog compliant output, and include at a minimum:
Thanks
The text was updated successfully, but these errors were encountered: