OPNsense Forum
Archive => 15.7 Legacy Series => Topic started by: fgrutz on July 07, 2015, 02:22:22 am
-
Hi, First post here.
I setting up a Firewall for my home network, and having some trouble with dynamic DNS updates.
I am forced to use an ISP provided router that can´t be set as a bridge, so I set the firewall as its DMZ, as far as forwarding ports its working OK. But since the firewall WAN port have a never changing IP address, when the ISP changes my external IP, I´m forced to manually force the Dynamic DNS update to set it to the new External IP or it still points to the old IP.
There is some way to make it update say like every 5 minutes?
Thanks in advance.
Fábio Grützmacher
-
You could write a script to do it and run the script from any computer behind the modem/router.
#!/bin/sh
PUBLIC_IP=$(curl -s http://ipecho.net/plain; echo)
echo $PUBLIC_IP
-
If your ISP router is acting as an RFC bridged device and you are using OPNsense as your primary connection (pppoe or static IP) then you shouldn't experience any problems. So now lets say that you are facing problems, use you can google around for IP helper script. The one which is mentioned by bcjenkins is perfect! Save it as a bash script and add it to cron updates for like 5 minutes to do the job. Hope this helped.
-
What I actually want is to update the NO-IP dynamic DNS when it happens, the script help to know it happened, but how do I call this update from cron?
Sorry but I am a newbie to OPNSense.
Thanks
-
You can run a dynamic IP address update utility from any PC behind the ISP router. This could be your OpnSense firewall or a Windows PC, etc.
In order to run an updater on the OpnSense firewall which is independent of the functions built in, you would want to run it from a script of some sort. I don't use no-ip, so I can't speak to whether or not this script would work. It was found using Google. For reference: http://techgeekjay.blogspot.com/2013/03/no-ip-automatic-update-bash-script-for.html
A few pieces have been changed such as using sh for the interpreter instead of bash and log locations.
#!/bin/sh
# No-IP uses emails as passwords, so make sure that you encode the @ as %40
USERNAME=--account name--
PASSWORD=--my password--
HOST=--my host name--
LOGFILE=/var/log/noip.log
STOREDIPFILE=/var/run/current_ip
USERAGENT="Simple Bash No-IP Updater/0.4 antoniocs@gmail.com"
if [ ! -e $STOREDIPFILE ]; then
touch $STOREDIPFILE
fi
NEWIP=$(curl http://icanhazip.com/)
STOREDIP=$(cat $STOREDIPFILE)
if [ "$NEWIP" != "$STOREDIP" ]; then
RESULT=$(curl -o "$LOGFILE" -s --user-agent "$USERAGENT" "https://$USERNAME:$PASSWORD@dynupdate.no-ip.com/nic/update?hostname=$HOST&myip=$NEWIP")
LOGLINE="[$(date +"%Y-%m-%d %H:%M:%S")] $RESULT"
echo $NEWIP > $STOREDIPFILE
else
LOGLINE="[$(date +"%Y-%m-%d %H:%M:%S")] No IP change"
fi
echo $LOGLINE >> $LOGFILE
exit 0
Save this to the firewall, adjust the values as needed at the top and set it up in a cron job.
--bcj
-
Worked like a charm.
Thanks bcjenkins.
-
That's awesome. It might be an interesting feature enhancement to make one of the monitoring interfaces a pseudo one which pings against an external server to derive its value. This way it can be managed in the GUI.