dynip.sh — a DynDNS client
dynip.sh is a very simple bash script. It does not use a configuration
file, all configuration is done in the script header. dynip.sh is
designed to run completely without human attention. An email address can be set
up to receive error notifications. All data transfer is encrypted using HTTPS.
It requires the curl
utility to be installed.
Download dynip-0.5.tar.gz (7786 Bytes)
Usage
dynip.sh expects the DYNIP_ADDR environment variable to be
set to your current IP address. If not set it calls local_ip_detector.sh
in the same directory as dynip.sh to get it.
If local_ip_detector.sh is called directly (not from
dynip.sh) it fetches the IP address and calls dynip.sh
Hence, no matter whether you call dynip.sh or
local_ip_detector.sh they'll do the right thing.
dynip.sh is best called directly by the program that connects you to the
Internet. If you are using
pppd look for a
ip-up script in your pppd documentation.
Alternatively you can use cron to check your IP address every minute.
In this case it is necessary to use an IP cache on your file system and to change
local_ip_detector.sh to fetch your IP address without additional
Internet traffic.
Configuration
Edit dynip.sh and local_ip_detector.sh (if needed).
You need to edit local_ip_detector.sh if the standard method of
detecting your IP address does not work or if you don't like it. All other
configuration is done directly in dynip.sh.
The standard IP detection method invokes
curl -qs http://checkip.dyndns.orgThis generates network traffic and may not work with proxies.
Configuring dynip.sh
There is a configuration section at start of the script. You can set the following variables:
- user
- pw
your DynDNS credentials
- system
- host
- wildcard
- mx
- backmx
- offline
your DynDNS host parameters. See DynDNS Update Specification for details.
- ip_addr_cache
DynDNS do not like frequently updates of a host with a constant IP address. If your ISP tends to give you the same IP address every time you should avoid updating your DynDNS record. In this case you need a method to detect whether your IP address has changed and update only if it has.
The variable
ip_addr_cacheis used to specify howdynip.shshould establish whether the address has changed or not. 2 methods are implemented. A DNS request can be made to check if the returned value is the same or a local file system cache can be used. In most cases the second method should be used.ip_addr_cachecan be set to 3 values:- file or file:/path/to/a/local/file specifies that the local
file cache is used. If only file is given
/var/run/dynipis the cache. Otherwise it is /path/to/a/local/file. - dns specifies that a DNS request should be emitted to determine if the DynDNS record is to be changed.
- off or anything else specifies that your DynDNS record is updated unconditionally.
- file or file:/path/to/a/local/file specifies that the local
file cache is used. If only file is given
- mail
a mail address to receive notifications if something went wrong. If this is left blank no mail is sent.
- syslog
send a notice to syslog if something went wrong. Give here a valid parameter to the
-poption of logger. See the logger(1) manpage for details. - retry
- pause
sometimes the connection to the DynDNS server cannot be established and the update fails. In this cases curl returns an empty string.
dynip.shcan detect this and retry the operation.retryis set to the maximal number of tries andpauseto a number of seconds to wait between them. - curlopt
pass additional options to curl
Configuring local_ip_detector.sh
Since the method of detecting your IP address heavily depends on your local setup no general method can be provided. This script implements a default method. Change it to meet your needs.
Modern Curl SSL Settings
Modern curls check the certificate provided by the WEB server more thoroughly than before. Particularly the certificate signer is checked against a list of certificates you trust. Such a list is called a certificate bundle. The DynDNS certificate signer is unforunately not installed in the default certificate bundle. It can be obtained from here.
To add it to your certificate bundle first you need to locate the bundle on your file system. Curl helps you by means of the -v option. Calling an arbitrary https url says for example:
$ curl -v https://bahn.de
* About to connect() to bahn.de port 443
* Connected to bahn.de (81.200.194.40) port 443
* successfully set certificate verify locations:
* CAfile: /usr/share/curl/curl-ca-bundle.crt
CApath: none
* SSL certificate problem, verify that the CA cert is OK
* Closing connection #0
curl: (60) SSL certificate problem, verify that the CA cert is OK
More details here: http://curl.haxx.se/docs/sslcerts.htmlThe interesting lines are CAfile: ... and CApath: .... CAfile is a text file containing certificates. Here you simply append the Geotrust certificate. CApath is a directory where you can store the cert in a extra file. Refer to the openssl docs to learn how.
Alternatively you can set curlopt to -k or --cacert FILENAME
where FILENAME points to a file where the Geotrust certificate is stored.
For your convenience the Geotrust certificate is included in this distribution.
Letzte Aktualisierung: 06.08.2008