Gargoyle Forum

A forum to discuss the Gargoyle web interface for Openwrt
https://www.gargoyle-router.com/phpbb/

Troubleshooting Dynamic DNS

https://www.gargoyle-router.com/phpbb/viewtopic.php?t=12119

Page 1 of 1

Troubleshooting Dynamic DNS

Posted: Fri Sep 13, 2019 8:49 am
by oliver
Running 1.11.0 on TL-WDR3600 v1

I have a dynamic domain at afraid.org but I can't successfully add it to the DDNS service. How do I effectively troubleshoot?

The paragraph in /etc/ddns_providers.conf was set to:

Code: Select all

service freedns.afraid.org
        url_template                    [[META_URL]]
        required_variables              domain username password
        required_variable_names         DyDNS.DoNm,DyDNS.UsrN,DyDNS.Pssw
        success_regexp                  /(^Updated|has not changed.)/
        meta_variables                  meta_url
        meta_variables_to_cache         meta_url
        meta_url                        ewget -O -  "https://freedns.afraid.org/api/?action=getdyndns&sha="$(printf "[[USERNAME]]|[[PASSWORD]]" | sha1sum | awk ' { print $1 }') 2>/dev/null |
grep "[[DOMAIN]]" | sed 's/^.*|//g'
but it looks like they've switched to a token method (and the token is not an sha1sum of [[USERNAME]]|[[PASSWORD]] - and a secondary issue is that my password has a % in it which throws off printf)

I changed the paragraph to this

Code: Select all

service freedns.afraid.org
        url_template                    [[META_URL]]
        required_variables              domain token
        required_variable_names         DyDNS.DoNm,DyDNS.Tokn
        success_regexp                  /(Updated|has not changed)/
        meta_variables                  meta_url
        meta_url                        ewget -O - "https://freedns.afraid.org/dynamic/update.php?[[TOKEN]]" 2>/dev/null
If I literally put my token at the end, I get this (the x's are to obfuscate):

Code: Select all

root@Gargoyle:/etc#  ewget -O - "https://freedns.afraid.org/dynamic/update.php?d3VExxxxxxxxxxxxxZE86MTg2OTkwMjQ=" 2>/dev/null
ERROR: Address 73.237.xx.xx has not changed.
So it seems like success_regexp should match but when run thru the GUI I get a "Update of new dynamic DNS service configuration(s) failed:" pop-up

I have another DDNS entry at ddns.org and that is working so I know the pkg is good.

What am I missing and can I somehow get logs from the ddns pkg?

Regarding the % in password thing I mentioned earlier, printf needs the % escaped with another %

No escape

Code: Select all

root@Gargoyle:/etc# printf "username|%qwerty" | sha1sum
ash: %qwerty: invalid format
14cc980b41e487e479b57166fcb3e206fa2672d9  -
Escaped

Code: Select all

root@Gargoyle:/etc# printf "username|%%qwerty" | sha1sum
6f4e7c015cd3d9ff2ca56e73d8ad0966d82e13c4  -
And escaped version matches echo -n

Code: Select all

root@Gargoyle:/etc# echo -n "username|%qwerty" | sha1sum
6f4e7c015cd3d9ff2ca56e73d8ad0966d82e13c4  -

Re: Troubleshooting Dynamic DNS

Posted: Fri Sep 13, 2019 7:16 pm
by Lantis
For a simple URL like that, don't use meta url. Just place it directly in the url_template.
Thanks for pointing out the updated API, I'll look at it shortly.

Re: Troubleshooting Dynamic DNS

Posted: Fri Sep 13, 2019 8:08 pm
by oliver
Lantis wrote:For a simple URL like that, don't use meta url. Just place it directly in the url_template.
Thanks for pointing out the updated API, I'll look at it shortly.
Thanks... that did the trick. New paragraph is:

Code: Select all

service freedns.afraid.org
        url_template                    https://freedns.afraid.org/dynamic/update.php?[[TOKEN]]
        required_variables              domain token
        required_variable_names         DyDNS.DoNm,DyDNS.Tokn
        success_regexp                  /(Updated|has not changed)/
I have no idea how they generate that token though but they do give the option to rotate it if you think it's been compromised so I suspect it's not just username/password.

I got it from the "direct URL" link on the ddns page when you log into afraid.org

Re: Troubleshooting Dynamic DNS

Posted: Fri Sep 13, 2019 10:17 pm
by Lantis
Yea had a quick look. They still support the old username password domain and ip format, but the URL has changed.
I'll probably stick to that unless I can find out how the token system works.
I'm concerned from a usability point of view that the token isn't meaningful. You can't look at it and understand what domain it pertains to directly.
I also don't know if each domain has it's own token, or whether it updated them all together.

Will see :)

Re: Troubleshooting Dynamic DNS

Posted: Sun Sep 15, 2019 6:09 am
by Lantis
The old URL was still working for me.
I don't know that it really needs an update...

Re: Troubleshooting Dynamic DNS

Posted: Sun Sep 15, 2019 8:48 am
by oliver
Lantis wrote:The old URL was still working for me.
I don't know that it really needs an update...
I just tested again and the old version works for me too but only after I change my password to one without '%' in it. Didn't test any other special characters.

I was wondering if the unescaped_variables setting would take care of that but maybe that only looks at the URL after the printf part is evaluated?

Re: Troubleshooting Dynamic DNS

Posted: Fri Oct 04, 2019 7:00 am
by Lantis
Thanks, i've pushed a fix now.
https://github.com/ericpaulbishop/gargo ... d9dc4aac36

Re: Troubleshooting Dynamic DNS

Posted: Fri Oct 04, 2019 10:33 am
by oliver
Lantis wrote:Thanks, i've pushed a fix now.
https://github.com/ericpaulbishop/gargo ... d9dc4aac36
Nice - thanks!
All times are UTC-04:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited