I’ve written a UPnP implementation in pure Java. It’s not complete, but it’s enough for controlling a uPnP-compatible router with. So far it has wrappers for IGD (Internet Gateway Device).
It should be reasonably easy to use, but let me know if there’s any problems. I’ve not documented much of it so far.
You are possibly the coolest rocking bloke to ever to exist! ;D
Thanks - this is great. Finally an easy option for you average player out there.
Kev
Yeah, but they don’t have IGD support built in. And I fancied a challenge, too…
Anyway, the code’s there if you want it!
What does UPnP exactly do?
I understand you can open a port for incomming network connections, so it doesnt get blocked by firewalls or something? That would be sweet! But what if the router doesn’t support UPnP?
If the router doesn’t support it you can’t use it - fair enough. However, most consumer routers (your average newbie user) come with it turned on it seems. So you can provide a button in the game to say “Configure Your Router for Hosting” - and it just sorts itself out - genius 
Kev
ofcourse many people turn it off, including myself.
JK
It allows the software to open up holes in your firewall for its use automatically.
Very handy… but also very scary as there is, to my knowledge, no security. Any prgoram that manages to run on your computer can reconfigure yuour firewall out from under you.
Which is why a great many people disable it.
I’m not a security specialist…
But if I were a worm or a trojan … I’d love that feature…
Yep, no security at all in UPnP. But the way I see it, is that users who know enough to disable UPnP are the ones who know enough to be able to open a port in their router if you ask them to (and if they trust you, obviously). The main advantage of UPnP is that the program can do that if the user doesn’t have the knowhow to do it themselves.
Well put that way Id have to agree it has some val;ue…
IF you are going to design your game so it needs the firewall reconfigured for it, its nice to provide the possability that it might be able to dop the work for you.
The other appraoch, which I admit is more constricting, is to stick with techniques which will work through a firewall without special holes opened up…
Jeff and I disagree on this… and I don’t want to debate that again
But just to offer another view… my argument for enabling UPnP is basically that if you are a worm or a trojan you already have to be running on my machine behind the firewall to use the UPnP feature… so the system the firewall is supposedly protecting is already compromised. Like locking the door after you let in the burglar. The advantage is that this limits some zombies from functioning AFTER they have installed themselves on your machine.
So disabling UPnP is one more level of protection, but in my opinion the incremental protection it offers doesn’t always outweigh the benefit to most home users that keep their virus checker up-to-date. I believe Jeff’s position is that he wants every bit of protection he can get and he knows how to configure the firewall should he need to.
I certainly agree that it would be better if UPnP offered some form of security… but I bet if you would have to enter your router login information for an application to use UPnP that you probably just crossed the line to the set of users that know how to configure the firewall anyway. If I was a trojan/worm I would just keep a list of the known default router passwords (admin/admin?), since the users that are likely to get burned by this sort of thing probably didn’t change the default password on their equipment anyway
I think it’s worth offering as an option in network games and as stated above, users that disable UPnP are probably knowledgeable enough to open ports, as long as you document what needs to be done.
I want reliable and ordered transport - but it doesn’t need to be awfully quick - so TCP is the correct solution. I want players to be able to run their own servers - which could potentially be behind a consumer router. This isn’t a made up scenario - its true for my “current” project.
UPnP provides me a great option. The only other option is write a manual on how to forward ports from routers to internal boxes - given that most these consumer routers double up as DHCP servers the IP of the host can change from time to time so the user might have to even reconfigure the forwarding each time.
What other option is there? (short of reimplementing TCP using UDP, adding a central lookup server and using punch through and session handshakes - all of which is just too prone to error)
If there was someway to secure UPnP i’d be happier. I keep expecting to find there is and just no one noticed yet
Kev
AFAIK UPnP was originally created by Microsoft - or at least they had a lot of influence on it…