Hello everybody,
I'm trying to migrate from the working-but-soon-to-be-deprecated dyndns service to the new-but-barely-working ddclient for the 4th or 5th time. I'm using cloudflare with a DNS token and dual stack.
If I use the ddclient backend, it works, but it doesn't work dual stack, so it's useless for me. If I try the opnsense backend, which apparently supports dual stack, it refuses to start. I have applied the patch f920b48a94, as suggested in this link (https://forum.opnsense.org/index.php?topic=32014.msg162767#msg162767), but it doesn't fix anything.
I would like to post some logs or something, but there's nothing, nor in the ddclient logs, nor in the backend logs, nor in the console. If I try to start it from the console with /usr/local/sbin/pluginctl -s ddclient start it says Service `ddclient' has been started. but it doesn't really do it. /usr/local/sbin/pluginctl -s ddclient status says ddclient is not running.
What version of opnsense are you running? Using 23.1.6 with CloudFlare token and ddclient backend, I needed to turn verbose logging on in order to see anything happening. I am not using IP v6.
Quote from: julsssark on April 30, 2023, 05:26:37 PM
What version of opnsense are you running? Using 23.1.6 with CloudFlare token and ddclient backend, I needed to turn verbose logging on in order to see anything happening. I am not using IP v6.
I'm using the last version, and verbose logging is on
I could not get the OPNsense backend to work with a CloudFlare token using only v4. It would generate this error:
Account XXX [cloudflare - XXX ddns] error receiving ZoneID [[{"code": 6003, "message": "Invalid request headers", "error_chain": [{"code": 6102, "message": "Invalid format for X-Auth-Email header"}, {"code": 6103, "message": "Invalid format for X-Auth-Key header"}]}]]
That looks like a different problem. I don't get any log or info.
Scrap os-ddclient. Doesn't work. Use the legacy plug-in. Every time it gets updated it gets worse. I had to switch back. Going with ddclient is a losing battle. I heard next OPNsense release the devs are removing the legacy from the repository. Big mistake. Get it while you can.
Excuse me, but why are the devs getting rid of something that just works with a piece of garbage code that barely works. Doesn't make sense to me.
Quote from: dcol on April 30, 2023, 11:08:41 PM
Scrap os-ddclient. Doesn't work. Use the legacy plug-in. Every time it gets updated it gets worse. I had to switch back. Going with ddclient is a losing battle. I heard next OPNsense release the devs are removing the legacy from the repository. Big mistake. Get it while you can.
Excuse me, but why are the devs getting rid of something that just works with a piece of garbage code that barely works. Doesn't make sense to me.
Yeah, OK, whatever, ddclient is here to stay, so I would like to migrate. Any help?
Don't trust the logs. Check on the portal of your dynDNS service or via pingin your domain name if the update works. I downgrade ddclient for the time being, but the package lock will not survive the 23.7 upgrade...
Quote from: chemlud on May 01, 2023, 09:42:49 PM
Don't trust the logs. Check on the portal of your dynDNS service or via pingin your domain name if the update works. I downgrade ddclient for the time being, but the package lock will not survive the 23.7 upgrade...
As I said in the post title, other than there are no logs, it doesn't even start, so it's not doing anything in the server.
yepp, I know, iirc franco posted a patch some days ago to get it starting. simply use the original ddclient. Dual stack? No use here. :D
> As I said in the post title, other than there are no logs, it doesn't even start, so it's not doing anything in the server.
What is this based on? A red light in a GUI widget?
The bug really only applies there, not even the ddclient MVC page. And I don't see any ps output backing up the claim further.
In any case 23.1.7 will be out this week with said fix.
Cheers,
Franco
Quote from: franco on May 02, 2023, 07:08:00 AM
> As I said in the post title, other than there are no logs, it doesn't even start, so it's not doing anything in the server.
What is this based on? A red light in a GUI widget?
Well, yes. What else?
Quote from: franco on May 02, 2023, 07:08:00 AM
The bug really only applies there, not even the ddclient MVC page. And I don't see any ps output backing up the claim further.
I would have posted a ps output if I was asked. Here's it then, output of ps axu. Note the lack of anything ddclient related:
root@firewall:~ # ps axu
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 11 378.2 0.0 0 64 - RNL 26Apr23 39508:32.50 [idle]
root 40771 1.4 1.6 198336 131912 - S 26Apr23 121:43.52 /usr/local/bin/python3 /usr/local/opnsense/scripts/unbound/logger.py (python3.9)
root 39846 0.2 0.4 61568 35932 - S Sun11 0:03.42 /usr/local/bin/php-cgi
root 0 0.0 0.0 0 1488 - DLs 26Apr23 176:18.33 [kernel]
root 1 0.0 0.0 11408 1016 - SLs 26Apr23 0:00.11 /sbin/init
root 2 0.0 0.0 0 64 - DL 26Apr23 0:00.00 [KTLS]
root 3 0.0 0.0 0 80 - DL 26Apr23 0:00.00 [crypto]
root 4 0.0 0.0 0 32 - DL 26Apr23 0:00.00 [cam]
root 5 0.0 0.0 0 944 - DL 26Apr23 10:03.96 [zfskern]
root 6 0.0 0.0 0 16 - DL 26Apr23 5:58.45 [pf purge]
root 7 0.0 0.0 0 16 - DL 26Apr23 2:21.09 [rand_harvestq]
root 8 0.0 0.0 0 48 - DL 26Apr23 1:24.25 [pagedaemon]
root 9 0.0 0.0 0 16 - DL 26Apr23 0:00.00 [vmdaemon]
root 10 0.0 0.0 0 16 - DL 26Apr23 0:00.00 [audit]
root 12 0.0 0.0 0 256 - WL 26Apr23 8:16.94 [intr]
root 13 0.0 0.0 0 48 - DL 26Apr23 0:00.05 [geom]
root 14 0.0 0.0 0 16 - DL 26Apr23 0:00.00 [sequencer 00]
root 15 0.0 0.0 0 80 - DL 26Apr23 0:06.29 [usb]
root 16 0.0 0.0 0 80 - DL 26Apr23 0:25.57 [bufdaemon]
root 17 0.0 0.0 0 16 - DL 26Apr23 0:08.28 [syncer]
root 18 0.0 0.0 0 16 - DL 26Apr23 0:06.05 [vnlru]
root 20 0.0 0.4 52924 30520 - I Sun11 0:01.42 /usr/local/bin/php-cgi
root 29 0.0 0.0 0 16 - DL 26Apr23 0:00.19 [aiod1]
root 30 0.0 0.0 0 16 - DL 26Apr23 0:00.19 [aiod2]
root 31 0.0 0.0 0 16 - DL 26Apr23 0:00.19 [aiod3]
root 32 0.0 0.0 0 16 - DL 26Apr23 0:00.19 [aiod4]
root 446 0.0 0.0 11448 1524 - Is 26Apr23 0:00.43 /sbin/devd
root 4170 0.0 0.2 23736 12480 - S Sun10 0:57.02 /usr/local/bin/python3 /usr/local/sbin/configctl -e -t 0.5 system event config_changed (python3.9)
dhcpd 4236 0.0 0.2 29424 14188 - Is 26Apr23 0:00.76 /usr/local/sbin/dhcpd -6 -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid igb2_vlan10 igb2_vlan50 igb2_vlan30
root 4750 0.0 0.2 23972 12588 - S Sun10 0:52.02 /usr/local/bin/python3 /usr/local/opnsense/scripts/syslog/lockout_handler (python3.9)
root 5666 0.0 0.4 61440 35224 - S Sun11 0:02.17 /usr/local/bin/php-cgi
root 6043 0.0 0.0 12756 2228 - Is 26Apr23 0:00.01 daemon: /usr/local/opnsense/scripts/dhcp/prefixes.sh[7154] (daemon)
root 7154 0.0 0.0 13504 2644 - S 26Apr23 0:12.67 /bin/sh /usr/local/opnsense/scripts/dhcp/prefixes.sh
root 8237 0.0 0.0 12924 2508 - ICs 26Apr23 0:18.59 /usr/sbin/rtsold -p /var/run/rtsold.pid -M /var/etc/rtsold_script.sh -O /var/etc/rtsold_script.sh -R /usr/local/opnsense/scripts/interfaces/rtsold_resolvconf.sh -a -u -D
root 9933 0.0 0.0 12920 2456 - Is 26Apr23 0:00.00 rtsold: rtsold.llflags (rtsold)
root 10377 0.0 0.0 12920 2452 - Is 26Apr23 0:01.17 rtsold: rtsold.script (rtsold)
root 11312 0.0 0.0 12920 2440 - Is 26Apr23 0:00.00 rtsold: rtsold.sendmsg (rtsold)
root 11597 0.0 0.0 12920 2596 - Is 26Apr23 0:24.87 rtsold: system.syslog (rtsold)
root 14092 0.0 0.0 12796 2536 - Is 26Apr23 0:00.08 /usr/local/sbin/dhcp6c -c /var/etc/dhcp6c.conf -p /var/run/dhcp6c.pid -D
root 18271 0.0 0.1 18060 6716 - Is 26Apr23 0:00.00 sshd: /usr/local/sbin/sshd [listener] 0 of 10-100 startups (sshd)
root 22046 0.0 0.0 12648 2112 - SC 19:10 0:00.00 sleep 20
root 22657 0.0 0.1 21172 8304 - S 26Apr23 0:28.61 /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf
root 23182 0.0 0.3 49148 23560 - Is 26Apr23 0:00.07 /usr/local/bin/php-cgi
root 24060 0.0 0.3 49148 23620 - Is 26Apr23 0:00.09 /usr/local/bin/php-cgi
root 25543 0.0 0.1 22208 7936 - I 26Apr23 0:00.00 /usr/local/sbin/syslog-ng -f /usr/local/etc/syslog-ng.conf -p /var/run/syslog-ng.pid
root 26386 0.0 0.2 43400 13228 - Ss 26Apr23 6:09.06 /usr/local/sbin/syslog-ng -f /usr/local/etc/syslog-ng.conf -p /var/run/syslog-ng.pid
unbound 35192 0.0 0.9 213772 75356 - Is 26Apr23 18:36.19 /usr/local/sbin/unbound -c /var/unbound/unbound.conf
root 35818 0.0 0.4 61440 35192 - I Sun11 0:00.53 /usr/local/bin/php-cgi
root 40203 0.0 0.0 12756 2228 - Is 26Apr23 0:00.00 daemon: /usr/local/opnsense/scripts/unbound/logger.py[40771] (daemon)
dhcpd 45393 0.0 0.1 25712 11648 - Is 26Apr23 0:01.61 /usr/local/sbin/dhcpd -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid igb1 igb2 igb2_vlan50 igb2_vlan30 igb2_vlan20 igb2_vlan10 igb2_vlan128
root 47067 0.0 0.0 13072 3100 - Ss 26Apr23 2:52.32 /usr/local/sbin/filterlog -i pflog0 -p /var/run/filterlog.pid
root 50987 0.0 0.0 12724 2476 - Is 26Apr23 0:17.87 /usr/local/sbin/radvd -p /var/run/radvd.pid -C /var/etc/radvd.conf -m syslog
root 53488 0.0 0.4 57340 34588 - I 19:08 0:00.87 /usr/local/bin/php-cgi
root 64134 0.0 0.0 12848 2572 - Ss 19:09 0:00.00 /usr/sbin/cron -s
root 67758 0.0 0.0 12752 2244 - Ss 26Apr23 5:30.52 /usr/sbin/powerd -b hadp -a hadp -n hadp
root 69030 0.0 0.4 59388 35336 - I Sun11 0:04.31 /usr/local/bin/php-cgi
root 82358 0.0 0.2 25764 15496 - Ss 26Apr23 5:08.99 /usr/local/bin/python3 /usr/local/opnsense/scripts/dhcp/unbound_watcher.py --domain lan (python3.9)
root 86837 0.0 0.1 21780 6980 - Ss 26Apr23 2:06.26 /usr/local/sbin/ntpd -g -c /var/etc/ntpd.conf
root 91516 0.0 0.3 36260 23460 - Is Sun10 0:03.58 /usr/local/bin/python3 /usr/local/opnsense/service/configd.py (python3.9)
root 96165 0.0 0.1 18436 7788 - Ss 19:09 0:00.09 sshd: root@pts/0 (sshd)
root 96356 0.0 0.5 82488 41000 - S Sun10 1:11.10 /usr/local/bin/python3 /usr/local/opnsense/service/configd.py console (python3.9)
root 98209 0.0 0.0 0 64 - DL 26Apr23 0:01.79 [ng_queue]
root 98510 0.0 0.1 23912 6924 - Ss 26Apr23 0:19.72 /usr/local/sbin/mpd5 -b -d /var/etc -f mpd_wan.conf -p /var/run/pppoe_wan.pid -s ppp pppoeclient
root 2339 0.0 0.1 14700 4256 u0- I+ 26Apr23 1:00.02 /usr/local/bin/bash /usr/local/bin/wg-quick up wg0
root 4714 0.0 0.0 12676 2336 u0- I+ 26Apr23 0:03.10 route -n monitor
root 45053 0.0 0.0 12780 2284 v0 Is+ 26Apr23 0:00.00 /usr/libexec/getty Pc ttyv0
root 45319 0.0 0.0 12780 2284 v1 Is+ 26Apr23 0:00.00 /usr/libexec/getty Pc ttyv1
root 45331 0.0 0.0 12780 2284 v2 Is+ 26Apr23 0:00.00 /usr/libexec/getty Pc ttyv2
root 45504 0.0 0.0 12780 2284 v3 Is+ 26Apr23 0:00.00 /usr/libexec/getty Pc ttyv3
root 46184 0.0 0.0 12780 2284 v4 Is+ 26Apr23 0:00.00 /usr/libexec/getty Pc ttyv4
root 47056 0.0 0.0 12780 2284 v5 Is+ 26Apr23 0:00.00 /usr/libexec/getty Pc ttyv5
root 48029 0.0 0.0 12780 2284 v6 Is+ 26Apr23 0:00.00 /usr/libexec/getty Pc ttyv6
root 48129 0.0 0.0 12780 2284 v7 Is+ 26Apr23 0:00.00 /usr/libexec/getty Pc ttyv7
root 20227 0.0 0.0 13812 4064 0 S 19:09 0:00.04 /bin/csh
root 22075 0.0 0.0 13372 3088 0 R+ 19:10 0:00.00 ps axu
root 97475 0.0 0.0 13504 3068 0 Is 19:09 0:00.01 /bin/sh /usr/local/sbin/opnsense-shell
Quote from: franco on May 02, 2023, 07:08:00 AM
In any case 23.1.7 will be out this week with said fix.
I will report after the update, and then open a new post when still doesn't work.
Not sure, could be a configuration issue leading to faulty configuration... And this?
# service ddclient_opn start
Cheers,
Franco
Quote from: franco on May 03, 2023, 07:47:46 PM
Not sure, could be a configuration issue leading to faulty configuration... And this?
# service ddclient_opn start
Cheers,
Franco
# service ddclient_opn start
Cannot 'start' ddclient_opn. Set ddclient_opn_enable to YES in /etc/rc.conf or use 'onestart' instead of 'start'.
If I do onestart:
# service ddclient_opn onestart
Starting ddclient_opn.
but then:
# service ddclient_opn onestatus
ddclient_opn is not running.
As I said, the same config works with ddclient backend (but no dual stack, so no bueno)
Edit: ddclient was disabled. I just enabled it, and now "start" and "status" work, but with the same result.
Quote from: julsssark on April 30, 2023, 09:33:21 PM
I could not get the OPNsense backend to work with a CloudFlare token using only v4. It would generate this error:
Account XXX [cloudflare - XXX ddns] error receiving ZoneID [[{"code": 6003, "message": "Invalid request headers", "error_chain": [{"code": 6102, "message": "Invalid format for X-Auth-Email header"}, {"code": 6103, "message": "Invalid format for X-Auth-Key header"}]}]]
I think that "Invalid format for X-Auth-Email header" indicates that you are not using Cloudflare "token" service (if token auth is used, it would read something like "bearer authentication").
You need to use username "token" (literally "token"!) or leave it empty to use the token authorisation. DO NOT USE YOUR CLOUDFLARE EMAIL / USERNAME!
Thanks for the suggestion. I am using "token" as the user name. I just tried it with 23.1.7 and I receive the same error. It is working fine with ddclient backend. I am not sure if the OPNsense backend supports CloudFlare tokens.
The opnsense backend works with Cloudflare if you use the Global API token as the password.
I am using API tokens and not the global API key.
No offense, but can you start.a new topic with your problem instead of using this one, which has nothing to do?
Except that your original post said you were trying to use the CloudFlare API token with the OPNsense backend. My point was that even if you get the service started, it may still not work.
As expected, the recent update 23.1.7 solved absolute nothing. I can paste the same command outputs and ps output if you want.
problem still exists / OPNsense 23.7.10_1-amd64
[cloudflare - Cloudflare] error receiving ZoneID [[{"code": 6003, "message": "Invalid request headers", "error_chain": [{"code": 6103, "message": "Invalid format for X-Auth-Key header"}]}]]