But that's not for an address, that's for an interface name. IIRC the two places where that is checked, it's checked against the interface name, like "eth0" or "wlan0".

If that's supposed to be an interface name then there is a bug in content/browser/renderer_host/pepper/pepper_socket_utils.cc - it sends result of net::IPEndPoint::ToString() as an interface name

The parameter is called "iface". It's supposed to be an interface name.

+avallee, can you comment? (AFAICT you added firewall support in pepper API)

Another related issue I see is that firewall ports are not open for WebRTC connections (see https://codesearch.chromium.org/chromium/src/content/browser/renderer_host/p2p/socket_host_udp.cc?sq=package:chromium&dr=CSs )
Is there a tracking bug for that issue?

Should the Pepper callsite just be passing "", to open the port up across all interfaces?

If that's what you want to do, then yes.

I wonder how this ever worked. Why wasn't it failing before?

Looking at the code, what I wrote about using the address was wrong.

Either it should just open the port on all interfaces or else needs to match the ip back to an interface name somewhere.

pending fix https://codereview.chromium.org/2650793003/

Jorge, I filed bug 684040 to investigate why everything still worked dispute this bug.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/58b74d7b4bbc0f48f47e2fc4f408e79571a650c5

commit 58b74d7b4bbc0f48f47e2fc4f408e79571a650c5
Author: sergeyu <sergeyu@chromium.org>
Date: Tue Jan 24 00:21:59 2017

Fix Pepper socket API to open incoming ports in the firewall.

Previously the API would request ports to be opened passing IP address
as an interface name. Updated it to pass an empty string, so the port
gets open on all interfaces.

BUG= 682339 

Review-Url: https://codereview.chromium.org/2650793003
Cr-Commit-Position: refs/heads/master@{#445556}

[modify] https://crrev.com/58b74d7b4bbc0f48f47e2fc4f408e79571a650c5/content/browser/renderer_host/pepper/pepper_socket_utils.cc