This tutorial is intented for people who use a linux box as their router and need UPnP for Games or any other services. I had a problem playing Destiny with two Playstation 4 consoles in same house, getting error when tried to join a fireteam: Unable to join target player. Please try again<\/p>\n
I assume PPP0 is your PPPoE Interface and eth0 is your external WAN interface (used by PPPoE) and eth1 your LAN interface<\/p>\n
– Install package<\/strong><\/p>\n apt-get update – Configure<\/strong><\/p>\n \/etc\/upnpd.conf<\/p>\n # To change the interfaces used edit: iptables_location = “\/sbin\/iptables” \/etc\/default\/linux-igd<\/p>\n EXTIFACE=ppp0 – IPTABLES<\/strong><\/p>\n # UPNP (before INPUT) # INPUT – ROUTE – Enable linux-igd (systemctl)<\/strong><\/p>\n systemctl enable linux-igd.service – Check if everything is working<\/strong><\/p>\n iptables -L<\/p>\n Example:<\/p>\n Chain INPUT (policy DROP) Chain FORWARD (policy DROP) Chain OUTPUT (policy ACCEPT) Chain UPNP_FORWARD (1 references) iptables -S<\/p>\n -P INPUT DROP You can use this application to test if your linux box (router gateway) is accepting\/discoverable UPnP requests.<\/p>\n Application (Windows): http:\/\/noeld.com\/dl.asp?filename=upnptest.zip This tutorial is intented for people who use a linux box as their router and need UPnP for Games or any other services. I had a problem playing Destiny.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[560,562,563,559,564,565,561,558],"class_list":["post-358","post","type-post","status-publish","format-standard","hentry","category-linux","tag-debian","tag-destiny","tag-games","tag-iptables","tag-libupnp6","tag-linux-igd","tag-playstation","tag-upnp"],"_links":{"self":[{"href":"https:\/\/blog.syshalt.net\/index.php\/wp-json\/wp\/v2\/posts\/358","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.syshalt.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.syshalt.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.syshalt.net\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.syshalt.net\/index.php\/wp-json\/wp\/v2\/comments?post=358"}],"version-history":[{"count":11,"href":"https:\/\/blog.syshalt.net\/index.php\/wp-json\/wp\/v2\/posts\/358\/revisions"}],"predecessor-version":[{"id":411,"href":"https:\/\/blog.syshalt.net\/index.php\/wp-json\/wp\/v2\/posts\/358\/revisions\/411"}],"wp:attachment":[{"href":"https:\/\/blog.syshalt.net\/index.php\/wp-json\/wp\/v2\/media?parent=358"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.syshalt.net\/index.php\/wp-json\/wp\/v2\/categories?post=358"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.syshalt.net\/index.php\/wp-json\/wp\/v2\/tags?post=358"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\napt-get install libupnp6 libupnp6-dev linux-igd<\/p>\n
\n# \/etc\/default\/linux-igd<\/p>\n
\ndebug_mode = 2
\ncreate_forward_rules = yes
\nforward_rules_append = no
\nforward_chain_name = UPNP_FORWARD
\nprerouting_chain_name = UPNP_PREROUTING
\n#upstream_bitrate = 512000
\n#downstream_bitrate = 512000
\nduration = 86400
\ndescription_document_name = gatedesc.xml
\nxml_document_path = \/etc\/linuxigd
\nlistenport = 0
\nparanoid = 0<\/p>\n
\nINTIFACE=eth1
\nALLOW_MULTICAST=yes
\n#UPNPD_USER=$NAME:$NAME
\n#UPNPD_GROUP=$NAME
\n#CHROOT_DIR=\/var\/chroot\/$NAME
\nforward_chain_name=UPNP_FORWARD
\nprerouting_chain_name=UPNP_PREROUTING<\/p>\n
\niptables -t filter -N UPNP_FORWARD
\niptables -t filter -A FORWARD -j UPNP_FORWARD
\niptables -t nat -N UPNP_PREROUTING
\niptables -t nat -A PREROUTING -j UPNP_PREROUTING<\/p>\n
\niptables -t filter -A INPUT -i eth1 -d 239.0.0.0\/8 -j ACCEPT
\niptables -t filter -A INPUT -i eth1 -p tcp –dport 49152 -j ACCEPT
\niptables -t filter -A INPUT -i eth1 -p udp –dport 1900 -j ACCEPT<\/p>\n
\n<\/strong>route add -net 239.0.0.0 netmask 255.0.0.0 eth1<\/p>\n
\nsystemctl start linux-igd.service<\/p>\n
\ntarget\u00a0\u00a0\u00a0\u00a0 prot opt source\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 destination
\nACCEPT\u00a0\u00a0\u00a0\u00a0 all\u00a0 —\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 anywhere
\nACCEPT\u00a0\u00a0\u00a0\u00a0 all\u00a0 —\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 anywhere
\nACCEPT\u00a0\u00a0\u00a0\u00a0 all\u00a0 —\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 state RELATED,ESTABLISHED
\nACCEPT\u00a0\u00a0\u00a0\u00a0 icmp —\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 icmp echo-request
\nACCEPT\u00a0\u00a0\u00a0\u00a0 tcp\u00a0 —\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 tcp dpt:http
\nACCEPT\u00a0\u00a0\u00a0\u00a0 tcp\u00a0 —\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 tcp dpt:https<\/p>\n
\ntarget\u00a0\u00a0\u00a0\u00a0 prot opt source\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 destination
\nUPNP_FORWARD\u00a0 all\u00a0 —\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 anywhere
\nTCPMSS\u00a0\u00a0\u00a0\u00a0 tcp\u00a0 —\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 tcp flags:SYN,RST\/SYN TCPMSS clamp to PMTU
\nACCEPT\u00a0\u00a0\u00a0\u00a0 all\u00a0 —\u00a0 192.168.1.0\/24\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 anywhere
\nACCEPT\u00a0\u00a0\u00a0\u00a0 all\u00a0 —\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 192.168.1.0\/24\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 state RELATED,ESTABLISHED<\/p>\n
\ntarget\u00a0\u00a0\u00a0\u00a0 prot opt source\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 destination<\/p>\n
\ntarget\u00a0\u00a0\u00a0\u00a0 prot opt source\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 destination
\nACCEPT\u00a0\u00a0\u00a0\u00a0 udp\u00a0 —\u00a0 anywhere\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 192.168.1.104\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 udp dpt:9308<\/p>\n
\n-P FORWARD DROP
\n-P OUTPUT ACCEPT
\n-N UPNP_FORWARD
\n-A INPUT -i lo -j ACCEPT
\n-A INPUT -i eth1 -j ACCEPT
\n-A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
\n-A INPUT -p icmp -m icmp –icmp-type 8 -j ACCEPT
\n-A INPUT -i ppp0 -p tcp -m tcp –dport 80 -j ACCEPT
\n-A INPUT -i ppp0 -p tcp -m tcp –dport 443 -j ACCEPT
\n-A FORWARD -j UPNP_FORWARD
\n-A FORWARD -p tcp -m tcp –tcp-flags SYN,RST SYN -j TCPMSS –clamp-mss-to-pmtu
\n-A FORWARD -s 192.168.1.0\/24 -o ppp0 -j ACCEPT
\n-A FORWARD -d 192.168.1.0\/24 -i ppp0 -m state –state RELATED,ESTABLISHED -j ACCEPT
\n-A UPNP_FORWARD -d 192.168.1.104\/32 -p udp -m udp –dport 9308 -j ACCEPT<\/p>\n
\nWebsite of author: http:\/\/noeld.com\/programs.asp?cat=dstools<\/p>\n","protected":false},"excerpt":{"rendered":"