Silly hack: Fixing Rainbow Six’s UPNP The Wrong Way 1/3

Rainbow Six Siege is an FPS from Ubisoft released at December 2015. I’ve been playing it surprisingly much after purchasing it in April 2016.

In its first year or two, the game suffered from weird networking issues, mostly affecting only some users. Mine was NAT Type: Strict, which meant that I had trouble connecting to some players’ parties.

I ended up solving that with VPN: instead of PC<->Router<->VDSL modem<->ISP<->Internet<->Ubisoft (and something bad always happening in between), using PC<->VPN<->Internet<->Ubisoft worked fine.

Anyway, at some point I decided to figure out what on earth was wrong with my setup and how I hadn’t noticed it before.

Pfsense gave immediately easy hints pointing to the issue. Convincing-looking forum posts announced that the game required myriad (=more than 3) of TCP and UDP ports, so I wasn’t going to create them manually. Let’s fix the internet(gear) instead. What’s that hostname “?

There we have RainbowSix communicating with UPNP port 2189/TCP.

Now we’re officially running Wireshark instead of playing the game.

There we have the request and following denial.

The SOAP request seems to leave with NewInternalClient empty. Seems familiar from pfsense’s log entries.

Great! The query can easily be replicated with curl. Adding the NewInternalClient value seems to make the difference:

So, instead of figuring out which of my interface ip’s to use for NewInternalClient, RainbowSix.exe left the field empty. Apparently most network gear fill the missing value with IP where the request originated. That sounds pretty reasonable. Should my pfsense’s miniupnpd do the same?

Turns out I’m not the first one here: . Another pfsense/miniupnp user having issues with the same game. Nice coincidence. Looks like I could patch the miniupnp but I don’t want to go under the hood of otherwise vanilla pfsense just for this.

So who’s to blame? There’s no mention in WANIPConnection:1 Service Template Version 1.01 (p. 26) that NewInternalClient is optional. I’m looking at you, RainbowSix.exe.


  • Instead of manually inserting dozen-ish NAT entries, I want this to be automated. The few manual inserts would’ve been the easiest route, though.
  • Instead of patching pfsense’s miniupnpd to contain the compatibility fixing commit, I decide my pfsense box is good enough and all evil is sourced from my PC.
  • Next off: patching RainbowSix.exe’s UPNP request before it leaves the workstation!