said by nweaver:We'd love to.
Please email netalyzr-help@icsi.berkeley.edu
We also have a beta test version which may help as well.
Thanks!
Sending you the packet captures probably won't be necessary.
Once I did the packet captures I could see that the UPnP response was coming from a recently installed Netgear WNR1002v2-VC wireless router that was supplied to me at no cost by my ISP Comcast (how could I refuse a free router?). It is a residential grade wireless router that I am only using as an access point. It seems that even though I disabled UPnP in its html setup menu, it was still responding to UPnP queries (it also seems that you get what you pay for).
After I temporarily disabled the LAN switch port that it used, I no longer got the UPnP broken message in the test results. My next step was to manually create a real UPnP block rule for my local PC firewalls instead of relying on the GUI menu check box that claimed to disable UPnP (but which obviously only disabled inbound UPnP traffic). With that rule in place, your test now tags my UPnP support as "Not found" instead of "Broken" even with the "Broken" Netgear WiFi router back on the network. "Not found" is good, if I had seen "Not found" in the original test I ran, this sub-thread would not even exist.
As for the 01-00-5e-7f-ff-fa MAC address, that appears to just be the default MAC address used for multi-cast UPnP (and also my ignorance showing because I had never really done anything with UPnP except to disable it). Now, thanks to your test I can really be sure that it is disabled.
Anyway, your test's conclusion that a device was incorrectly answering a UPnP probe was correct. It just was not the default gateway router that was replying. That my PC's firewall was blocking UPnP replies, but allowing outbound UPnP queries just added to the situation because your test could not see the replies from my WiFi router (which it should not have been sending anyway). Thanks for a good network test and the education on what the UPnP "Broken" test result actually meant (it helped me to tighten up my network security one more notch).