* use '$ddns_rundir' in 'get_service_data' for pipe creation, fix#8971
* add missing local variables in 'get_service_data'
* change DNS server verification with drill in 'verify_host_port',
fix/supersed #8935
* remove needless cat calls in 'verify_host_port'
* set cloudfare TTL to min. 120 seconds, fix#7745
* bump/align package version number
Signed-off-by: Dirk Brenken <dev@brenken.org>
the latest update url format for deSEC is
http(s)://update.dedyn.io/update?username=[USERNAME]&password=[PWD]
Signed-off-by: James Qian <sotux82@gmail.com>
Note: this should prevent wget to writing to /root/.wget-hsts
which can lead to flash memory degradation.
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
This prevents updates from failing if multiple instances of the
script are running in parallel. This fixes#7492.
Signed-off-by: Martin Konrad <info@martin-konrad.net>
* replace shell based urlencoder with an awk variant
* fix write_log function/syslog output in case of an error
* protect answer string with double quotes in update_route53
* remove bogus set/IFS options in update_route53
* clean-up update_route53 a little bit
This patchset finally fix#6977
Many thanks to @mark0n & @a-bali for testing & debugging
Signed-off-by: Dirk Brenken <dev@brenken.org>
Option 'ip_source' was silently ignored during public IP discovery.
Discovery (in spite of chosen 'ip_source') was based only on
'ip_network', 'ip_interface', 'ip_script' or 'ip_url' options (in this
order) if they were set. This could lead to misleading log entries
"Detect local IP on '$ip_source'" pointing to source that wasn't really
used.
Now only option relevant to configured 'ip_source' is taken into
account.
Signed-off-by: Jacek Politowski <dev@jpol.net.pl>
Since certain characters are dangerous to pass as-is to a sub shell,
sanitize the character set and only allow characters that are considered
valid for DNS hosts and filter shell escape characters on generic parameters.
Disable pathname expansion on RUNPROG evals to disable the shell expanding *,
? and [ in the arguments.
Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
new ddns script for polish service FreeDNS.42.pl where you can
host your own domains for free
Signed-off-by: Michal Lipka <michal@sysadmin.care>
(commits from PR #6150 squashed together)
Currently this 3 variable are used only 1 time in the sh script and cause 10s of delay for them to load... move them to load only if it's required by the command. This also fix luci-app-ddns delay problem derived by calling dns_lucihelper (that use tdns_functions to load data) for the version.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
- Add valid responses "good|nochg" so that ddns-script could recognize "badauth"
error that comes with http 200 code
- Switch url to https scheme. "now-dns.com" always returns 302 redirect
to https:// for all plain-text http requests. Since working via default
plain-text http is not possible anyway, forcing url to https prevents
curl sending unencrypted plain-text credentials via basic auth
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Rewritten Pull for #5885
When ran from the command line, the script prints
error messages like below. They are caused by supplying
empty "$password" and "$URL_PASS" for some log messages
like "130822 : Detect local IP on 'interface'".
The fix is to check if the values are not empty before running
through sed.
/etc/init.d/ddns start
sed: no previous regexp
Reported by Marc Benoit <marcb62185@gmail.com>
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Write *.ip file with current registered IP, whenever "get_registered_IP" is called (used by next luci-app-ddns version)
Changed detection of cURL proxy support #3876
Reread data from ubus if "get_local_ip" from "ip_network" #5004#3338
Fix godaddy_com_v1 #5285
Implement "param_opt" for "cloudflare_com_v4" #5097
Inside logfile "*password*" printed in stead of real password #5281 and others
Add ipv4 service "dnsever.com" #5178
Add ipv4 service "myip.co.ua" #5199
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
gzip create a header by default containing the filename
and the timestamp of the file.
This timestamp will break reproducible builds [0].
[0] https://reproducible-builds.org/docs/timestamps/
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Maintainer: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Run tested: LEDE Reboot 17.01.3 r3533-d0bf257c46
Description:
user.err ddns-scripts: IP update not accepted by DDNS Provider
dynv6.com response "unchanged" is OK
Signed-off-by: Ernest Moshkov <e.moshkov@gmail.com>
Dynu.com already support IPV6 updates using the parameter myipv6, adding to services_ipv6 to enable support in OpenWRT/LEDE
Signed-off-by: Phil John <philjohn@gmail.com>
afraid.org has a new update API with better IPV6 support. It needs to be
specifically enabled for each domain, so the original v1 api has been
Signed-off-by: Thomas Guyot-Sionnest <dermoth@aei.ca>
remove answer checking for dnsexit as their API allows for too many return codes to handle them all.
Signed-off-by: Xavier Douville <zorxd@users.noreply.github.com>
For consistency, use full name instead of $(PKG_NAME) in define and eval
lines for all packages.
I've seen reviews that asked to do this before, and I am asking the same
during reviews now. To avoid this in the future, fix this treewide so
when people use existing packages as example, we will not have to
request this change anymore.
This makes all packages consistent with both LEDE and OpenWrt base
repositories.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
- fix ip extraction if knot host is used together with glue records
- fix ip extraction from nslookup if reverse dns record has ip with dot reported at http://forum.lede-project.org/t/ddns-scripts-error/909
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- cloudflare v1 change syntax of option domain to "host.sub@example.com" like already cloudflare v4 and godaddy to prepare logterm remove of public_suffix_list.dat from package
- change Makefile to be backportable to CC15.05 and working on DD
- change ddns.defaults to prepare future releases of ddns-scripts
- minor fixes
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- no longer build public_suffix_list.dat.gz during build #3678
- replace "\s" with "[[:space:]]" inside Makefile because "\s" ignored by some sed versions
- tools/public_suffix_list.sh still available to rebuild public_suffix_list.dat.gz outside OpenWRT/LEDE build system
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Get public_suffix_list.dat without using secure connection. #3678
File generated during build, because it's the only option to have an
actual version packaged.
Long term Cloudflare_v1 package will be changed to no longer need
public_suffix_list.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Fix return codes, if ip data at Godaddy.com and Cloudflare.com are
already up to date, handle it as succesful update.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- update_cloudflare_com_v4.sh: enclose urls in single quotes
- dynamic_dns_functions.sh: force to return only one ip, if using nslookup to get registered ip
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
modified Makefile to:
- stop service before install when updating reported at http://forum.lede-project.org/t/ddns-scripts-upgrade-issue/456/1
- run uci-defaults for all packages
- modify services files only on new installation
still some commands already covered by default_postinst() etc. but they are in there for backward compatibilty.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- tld_names.dat.gz
- rename to public_suffix_list.dat.gz
- (re)created during build
- new location /usr/share
- move services files to /etc/ddns
- new services
- CloudFlare.com-v4 using API-Version 4 without using public_suffix_list.dat
- GoDaddy.com
- both depending on cURL package
- both with modified syntax for option domain ( NEW: [host[.subdom]@]domain.tld )
- new service
- Now-DNS.com formerly Now-IP.com
- service afraid.org now supports key-auth and basic-auth
- new command line options for dynamic_dns_updater.sh and dynamic_dns_updater.sh
- adapted ddns.init and ddns.hotplug to new command line options
- renaming config options inside section global
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
remove postinst (of main package) from Makefile because all is done inside uci-defaults scripts
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
commands to apply changes introduced during release changes, moved from Makefile postinst to /etc/uci-defaults
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- if local ip cannot be detected or is invalid then do not exit ddns-scripts #2950,
using multiple url's to detect local ip not jet implemented
- change spdns.de update url and add sydyn.de inside services file #2991
- move transfer- and lookup-program detection to dynamic_dns_functions.sh
so run once at startup in stead of at every transfer/lookup
- add khost, drill and hostip to verify_host_port() function
- updated tld_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- fix handling of parameter "is_glue" and "dns_server" to work with luci-app-ddns
- update TLD_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Assuming the following dns zone configuration for kresin.me:
. 1800 IN NS ns.inwx.de.
home.kresin.me. 1800 IN NS gw.home.kresin.me.
gw.home.kresin.me. 60 IN A 198.51.100.1
Using the example, gw.home.kresin.me is a glue record and used as DDNS
record as well. gw.home.kresin.me points to the OpenWrt installation
where the ddns-scripts are running.
Since ns.inwx.de isn't the authoritative server for home.kresin.me,
a query for the the A record of gw.home.kresin.me will be "forwarded"
to and replied by the authoritative server 198.51.100.1. If the
authoritative server can't be reached, the query times out without any
address returned.
The only way to get the A record of the glue record is to use bind
host in verbose output mode, query ns.inwx.de for gw.home.kresin.me and
evaluate the additional section of the response.
To my knowledge, only bind host in verbose output mode shows the
additional section of the response. Therefore, this features depends on
bind host.
It is not possible to use the bind host verbose mode for all queries.
In verbose mode the "has address" line isn't returned. Grepping for the
hostname might fail if the hostname is CNAME. Grepping for the first
occurrence of an ip-address is way to error prone, since it could
return the ip address of a different record type.
Signed-off-by: Mathias Kresin <dev@kresin.me>
- add DNS lookup support for "drill" and "khost" (Knot DNS) #2637
- new service nsupdate.info (IPv4 and IPv6) #2433
- new services dyndnss.net, dyns.net (IPv4 only)
- new services dnshome.de, goip.de, myonlineportal.net (IPv4 and IPv6)
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- roll back to "old" update_url of freedns.afraid.org fix for #2445 and openwrt/luci#661
- add provider nubem.com (IPv4 only)
- add provider nettica.com (IPv4 only)
- add provider zerigo.com (IPv4 and IPv6)
- add provider regfish.de (IPv4 and IPv6)
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- renamed (lower case) filenames and servicenames for no-ip.com, cloudflare.com and bind_nsupdate including modifing existing configurations #2375
- updated tld_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- new function expand_ipv6()
- expand IPv6 before compare https://dev.openwrt.org/ticket/21725
- Fix split_FQDN() to return host.subdomain correctly #2334
- modified check for musl library used by nslookup #2341#2346 thanks to Arjen de Korte
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- add support for "hostip" to get_registered_ip() as alternative to "Bind host" package https://dev.openwrt.org/ticket/20893#comment:5
- allow to send updates using compiled-in certificate file/path of curl/wget #2242#2243#2245
- add support for uclient-fetch / libustream-ssl.so
- remove /128 prefix-filter in get_local_ip() via interface #2268
- add dyndns.org to services_ipv6 https://forum.openwrt.org/viewtopic.php?id=62103
- readd duckdns.org to services #2251 (lost somewhere in data heaven)
- add zzzz.io service #2302
- updated tld_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
This is necessary when there are multiple records for the same domain,
otherwise the script will overwrite the first one returned by the API.
It has the secondary benefit of allowing faster updates by performing
only one API call instead of two.
In case 'rec_id' is not set the script behaves exactly as before.
Signed-off-by: Leonardo Brondani Schenkel <leonardo@schenkel.net>
Added dy.fi dynamic dns provider into ddns-scripts (ipv4) services file.
Tested-by: Vaasa Hacklab ry <info@vaasa.hacklab.fi>
Signed-off-by: Sami Olmari <sami@olmari.fi>
Added dy.fi dynamic dns provider into ddns-scripts (ipv4) services file.
Tested-by: Vaasa Hacklab ry <info@vaasa.hacklab.fi>
Signed-off-by: Sami Olmari <sami@olmari.fi>
- add -V / --version parameter to show version information
- new option lookup_host as host to use by nslookup/host to validate IP address changes, to be separate from [DOMAIN] parameter which produces a lot of questions in the forum and on multi-host updates
- new option param_enc for optional usage inside update_url [PARAMENC] (will be send urlencoded)
- new option param_opt for optional usage inside update_url [PARAMOPT]
- new service strato.de (IPv4 only) requested by ludwig.jaffe@
- new service variomedia.de (IPv4 & IPv6) requested by Wolfgang Oertl #1884
- rewritten function get_service_data to read services/service_ipv6 file
- allow 3rd parameter inside services/service_ipv6 file - here should be the answer of the ddns provider on success. If parameter is set, it's checked by ddns-scripts and report errors to logfile/syslog if failed and retry
- updated tld_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
fixed sed when filtering IP address from nslookup output
because "Server:" block might have multiple address lines.
Thanks to Arjen de Korte
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* fix Makefile to force compression of tld_names.dat reported in OpenWrt Ticket 19597
* change default of retry_count to "0" (retry endless) suggested by Henning Schild
* updated tld_names.dat include changes until 07.05.2015
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* fix problem with lucihelper script reported in OpenWrt Ticket 19419
* rewritten split_FQDN fixing detection errors and using zcat
* updated tld_names.dat and .gz compressed to save space
* add LoopiaDNS (loopia.se) to services_ipv6
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* new service "bind-nsupdate" using nsupdate to directly updates a PowerDNS or Bind server via nsupdate.
suggested by Jan Riechers (Pull #957) many thanks!
* updated tld-names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
new option "use_curl" to force the use of curl if GNU Wget and curl are installed
fix initscript reload(): reload and not restart if killall -1 fails
BusyBox nc not support -v in every compiled version
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
modified source directory structure
- files for production files
- samples for sample files (not installed in final build)
modified Makefile
- separate options for additional provider scripts
- remove comments and empty lines from final build
add IPv4 100.64/10 (RFC 6598) and 169.254/16 (RFC 5735) to the range of default blocked IP's.
new option "bind_network" to force GNU Wget or cURL to use specific network/interface for communication
new "domains.google.com" as IPv4 DDNS provider #822
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
restructure startup of dnymaic_dns_updater.sh
- first run load_all_config_options (it returns 1 if SECTION_ID not found) #779
- set all defaults if necessary
- verify if username and/or password is needed inside update_url #779
- remove wait - will be done by retry_interval and retry_count if communication fails
provider specific update scripts
- verify if username/password are needed
services_ipv6
- added freedns.afraid.org
- IPv6 should work due to their documentation
minor fixes
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
* remove CHANGELOG from distribution
* fix syslog output printing "\n" or other formating chars
* ddns configuration
- new UCI-config value ddns.global.allow_local_ip "0" or "1"
(default "0") - (OpenWrt Ticket 18642)
* dynamic_dns_functions.sh
- new function split_FQDN() splits a given FQDN into host,
(registerable) domainname, and TLD using
https://publicsuffix.org/list/effective_tld_names.dat
- verify_host_port() use BIND host, if installed
- verify_host_port() not detecting ip, if already given
- fixed regexp for IP detection from nslookup's answer - (OpenWrt
Ticket 16363)
- support ddns.global.allow_local_ip to allow sending non public IP's
to DDNS provider like 127.x, 192.168.x.x or fxxx - (OpenWrt Ticket
18642)
* new file tld_names.dat
- used by dynamic_dns_functions.sh inside split_FQDN() function to
find valid TLD's
* update_cloudflare.sh
- modified subdomain/domain splitting using split_FQDN()
- modified support for AA12.09 (json_get_keys())
- minor fixes and cleanup
- many thanks to Aaron Tanner for testing
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- moved /usr/lib/ddns/dynamic_dns_lucihelper.sh from luci-app-ddns into this package
(Github openwrt/luci issue 251)
(OpenWrt Trac tickets 18326 18347)
- fix: dynamic_dns_update.sh did not loop
(OpenWrt Trac ticket 18336)
- add provider cloudflare.com IPv4 and IPv6 (Thanks to Paul for support and testing)
(OpenWrt Trac ticket 12500)
- modified detection, if dynamic_dns_fuctions are used by dynamic_dns_lucihelper.sh
- redirect stdout of wget,curl,host,nslookup,nc etc to /tmp/ddns_$$.dat and *.err instead of variables
- extended error detection in get_local_ip function
- modified verify of option ip_script to allow parameters, when calling
- add provider selfhost.de IPv4
- add provider no-ip.pl (nothing to do with no-ip.com)
(Github openwrt/packages issue #542)
IPv4 (tested) and also added for
IPv6 (NOT tested) because client IP is autodetected be provider
- add getlocalip_sample.sh as sample script for usage of
option ip_source 'script' together with
option ip_script '/usr/lib/ddns/getlocalip.sh -4'
- cleanup whitespaces at line ends
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
- fixed postinst and prerm in Makefile
- implementation of provider specific update scripts into services and
services_ipv6 file.
first Provider "no-ip.com" - Thanks to DarkStarXxX for
request and testing
- finished uci/ddns wiki at http://wiki.openwrt.org/doc/uci/ddns
- rewritten retry management
- rewritten logging including following Issue 469
https://github.com/openwrt/packages/issues/469
- stop running sections on hotplug ifdown event (like start on ifup)
- implement trap detection
also kill "sleep" child processes
SIGHUP to reload configuration (not really reloading, simply
starting a new process)
/etc/init.d/ddns reload implemented
- code optimization
- new provider LoopiaDNS.se Issue 494
https://github.com/openwrt/packages/issues/494
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Changed the verify of DNS server and proxy at script start to retry the
verify if there are connection problems during verify
plus some minor changes.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
