UPnP (Universal Plug and Play) is a set of networking protocols that simplifies network interoperability for network-enabled devices and software. In particular, this software provides some interoperability with Windows networks and some desktop software.
UPnP should only be used on a home or trusted network. Avoid using this software on office, school other other untrusted networks. To quote the author of the UPnP implementation used in ClearOS:
There are many opponents against UPnP. However, we feel that Open Source is all about giving people choices, and letting intelligent people make intelligent decisions about its use. A lot of us really need this daemon, and can live with the consequences because we are simply connecting a home network to the internet through one IP.
UPnP version 1.0 is inherently flawed. What appears to have happened is that in Microsoft's first UPnP implementation they weren't concerned with security or any advanced controls. Simply all they wanted was connectivity. So we are stuck with this for now. The UPnP server, by itself, does no security checking. If it receives a UPnP request to add a portmapping for some IP address inside the firewall, it just does it. Theoretically this could open up ports on some other system.
To install UPnP support, run the following command:
yum --enablerepo=clearos-contribs install miniupnpd
In ClearOS 5.x, run:
yum --enablerepo=base-extras install linuxigd
There's not much to configure with the UPnP system. In the Webconfig system, go to the System|Resources|Services in the menu. You will be able start/stop the UPnP service and change its boot policy.
It appears that there is an issue with linuxigd when multiple clients request the same port, for example when you have several XBox's on the same network. Multiple firewall rules are created but only the first request actually works. There is an alternative UPnP called MiniUpnp Daemon, and can be found on the forum here:-