Strict rules for allowing uPNP and port forwarding

I’ve been looking at what is required in the Firewall rules for uPNP under XP SP3.

It seems all that’s required is:

Source (router)
Destination (accept a broadcast message through firewall)

…and that’s it! You need to allow explorer and svhost outbound communication over port 5000, but that’s part of the normal functioning of Comodo anyway.

What I don’t understand is, why does it say everywhere (including Windows XP’s own firewall exceptions) that port 2869 is required for inbound TCP? It’s not even used according to all the TCP listeners I’ve ran?

Google says uPNP was switched from port 5000 to port 2869 after SP2, but according to this it’s still using 5000? And port 5000 only requires outbourd TCP access, not an inbound listening port?

Does anyone here know about uPNP and exactly how it works? It’s so hard finding info on the net.