DynDNS blocked me
-
Strange, now I don't believe you anymore :-\
I only saw dyndns updating once an hour in my system logs, so I tought that was to much for dynDNS, now you tell me it was updating every minute?
Then again, I still have the following in my system log:
Dec 13 23:00:38 php: : phpDynDNS: (Unknown Response)
Dec 13 23:00:38 php: : phpDynDNS: PAYLOAD: abuse
Dec 13 23:00:38 php: : DynDns: Current Service: dyndns
Dec 13 23:00:38 php: : DynDns: DynDns _checkStatus() starting.
Dec 13 23:00:37 php: : DynDns: DynDns _update() starting.
Dec 13 23:00:37 php: : DynDns: cacheIP != wan_ip. Updating.
Dec 13 23:00:37 php: : DynDns: Cached IP: 0.0.0.0
Dec 13 23:00:37 php: : DynDns: Current WAN IP: <current ip="">Dec 13 23:00:37 php: : DynDns: _detectChange() starting.
Dec 13 23:00:37 php: : DynDns: updatedns() starting
Dec 13 23:00:37 php: : DynDns: Running updatedns()
Dec 13 23:00:18 dnsmasq[1184]: using nameserver 195.130.131.10#53
Dec 13 23:00:18 dnsmasq[1184]: using nameserver 195.130.130.5#53
Dec 13 23:00:18 dnsmasq[1184]: using nameserver 195.130.131.10#53
Dec 13 23:00:18 dnsmasq[1184]: using nameserver 195.130.130.5#53
Dec 13 23:00:18 dnsmasq[1184]: reading /etc/resolv.conf
Dec 13 23:00:17 php: : Informational: DHClient spawned /etc/rc.newwanip and the new ip is wan - <current ip="">.
Dec 13 23:00:12 dhclient[996]: bound to <current ip="">– renewal in 3600 seconds.
Dec 13 23:00:12 dhclient[996]: DHCPACK from <isp dhcp="">Dec 13 23:00:11 dhclient[996]: DHCPREQUEST on rl0 to <isp dhcp="">port 67
Dec 13 22:28:08 php: : phpDynDNS: (Unknown Response)
Dec 13 22:28:08 php: : phpDynDNS: PAYLOAD: abuse
Dec 13 22:28:08 php: : DynDns: Current Service: dyndns
Dec 13 22:28:08 php: : DynDns: DynDns _checkStatus() starting.
Dec 13 22:28:07 php: : DynDns: DynDns _update() starting.
Dec 13 22:28:07 php: : DynDns: cacheIP != wan_ip. Updating.
Dec 13 22:28:07 php: : DynDns: Cached IP: 0.0.0.0
Dec 13 22:28:07 php: : DynDns: Current WAN IP: <current ip="">Dec 13 22:28:07 php: : DynDns: _detectChange() starting.
Dec 13 22:28:07 php: : DynDns: updatedns() starting
Dec 13 22:28:07 php: : DynDns: Running updatedns()so it always says cached ip: 0.0.0.0 !? therefore it updates dynDNS, although my IP hasn't changed!
I asked to unblock now, but I'm pretty sure that when I come home tomorrow evening, I will again have a mail in my mailbox saying I'm blocked… :'(
Mickeybyte</current></isp></isp></current></current></current>
-
Strange, now I don't believe you anymore :-\
Sorry, once an hour. Either way it was enough to trigger a lockout.
Run this from a shell to make sure you have the latest dyndns client:
update_file.sh /etc/inc/dyndns.class
-
I just got my account deleted from DynDNS :(.
Here's their email:A hostname you had registered with Dynamic Network Services, Inc. (DynDNS), XXXXXXXXX.homeip.net, has been deleted from our systems. This hostname has been deleted a week after the last legitimate update prior to its blocking. Our policies forbid multiple successive updates from the same IP address for performance and resource-conservation purposes; such updates have no function, and use resources which could better serve others. If you are using a hardware router's built-in update functionality, it is most likely not properly functional; we recommend that you contact your router's manufacturer regarding this issue and ask them to contact us for assistance correcting their products to interface properly with our systems.Now, Scott, I believe you but this is tricky because you had told me in another thread that this had been solved in 0.96.x and I am running 0.96.2.
I see that you posted two commands that we should run.
I'll try them but I don't know if DynDNS is gonna accept back as a registered user :(.
So just to make things clear:
I should runupdate_file.sh /etc/crontab shutdown -r nowwait for the reboot and then I should run```
update_file.sh /etc/inc/dyndns.classShould I expect to see any special response from these commands on the shell prompt? @mickeybyte Scott is actually right. I saw it on my logs. Before it was updating every minute (on 0.95.8 if I recall correctly). And lately (on 0.96.x) it was updating every hour. That's why he says it was updating every minute. Cheers -
Well for now I'm unblocked since 5h35 this morning (CET) 8), and haven't been blocked until now (3h15 afternoon), so I'll just wait for another day to see if it has been solved by those 2 updates.
BTW, unblocking apparently goes very easy, since it is the second time it happened to me in only 2 days and after a few hours my account was unblocked.
-
Well for now I'm unblocked since 5h35 this morning (CET) 8), and haven't been blocked until now (3h15 afternoon)…
Howcome? Here it's still 3h05pm :D.
Anyway I had already been blocked before because of this issue.
This time I was deleted!
Let's see how easy it will be to bring that account back alive.
Though, many thanks for your positive feedback ;).@Scott
Sorry but I suck at *BSD/Linux.
Those commands you posted how shall I run them?
I was trying to do a "cd /etc/crontab" from the Diagnostics > Command Prompt.
It seems to accept it but then I do a "pwd" just to find out that I'm still stuck at "/usr/local/www".
How can I change directories from the command prompt to run those commands you posted?
TIA
Cheers -
Hi,
better activate ssh and use a ssh session to do it.
You can however run the commands in the exec.php window, one at a time, but a "cd" won't work, because each time you are indeed again in the default directory
MickeyByte
-
Thanks mickeybyte ;)
CheersEDIT: I have successfuly sshed to my box.
I am currently in "/etc" and I can see the file "crontab".
But now what do I do?
What did Scott mean by "update_file.sh"?
TIA -
you actually don't need to "cd" to that dir
in fact, you only need to enter the commands like Scott said
so at your shell prompt you type:update_file.sh /etc/crontab <enter>==> updates the crontab file
update_file.sh /etc/inc/dyndns.class <enter>==> updates the dyndns.class procedure
shutdown -r now <enter>==> reboots the firewallI think you might as well update the dyndns.class file also before rebooting
So you could have just entered those commands one at a time in the command box using the webinterface (in stead of <enter>you click <submit>)</submit></enter></enter></enter></enter>
-
Thanks mickeybyte ;).
BTW how is that dyndns service behaving so far?
CheersEDIT:
# update_file.sh /etc/crontab trying to fetch latest /etc/crontab fetch: http://pfsense.com/cgi-bin/cvsweb.cgi/pfSense/etc/crontab?rev=1;content-type=text%2Fplain: size of remote file is not known /etc/crontab 465 B 110 kBps # update_file.sh /etc/inc/dyndns.class trying to fetch latest /etc/inc/dyndns.class fetch: http://pfsense.com/cgi-bin/cvsweb.cgi/pfSense/etc/inc/dyndns.class?rev=1;content-type=text%2Fplain: size of remote file is not known /etc/inc/dyndns.class 20 kB 44 kBpsThis is what I got.
Is this ok?
Cheers -
until now still running fine (fine = not being blocked)
however in the logs it still says every hour cache ip (0.0.0.0) != wan ip (current ip) although it did not change!
Strange I think, because I used to have m0n0wall and I had never any problems with that system.
Nevertheless, I'll keep you informed if my DynDNS account status changes! ;)
-
#1. There was a bug where the cache was being updated every time. Now the cache will not be updated unless it has received a OK status from the provider. So that means your cache statement will be updated as soon as you're ip changes.
#2. We do not use any of the same code for DYNDNS. Erik rewrote ez-ipupdate (which is no longer maintained) to be complete php.
-
Great :)
And thanks for support!
-
Thanks for clarifying this for us Scott.
Cheers -
btw, that also is the reason why the dyndns providerlist of m0n0 and pfsense is different.
-
oops :-[, never saw the difference…
-
Well, it did last a day longer than before, but there it was again in my mailbox today:
–---Original Message-----
From: DynDNS Support [mailto:support@dyndns.com]
Sent: Thursday, December 15, 2005 3:31 AM
To: <my email="">Subject: Hostname Blocked Due To AbuseDear Valued Customer:
The hostname, myaccount.homedns.org, in account myaccount, has been blocked for
abuse. This action has been taken due to the receipt of multiple updates
originating from the same IP address.Please note, updates which result in the IP address associated with a host
changing are NOT considered abusive. Only those updates which result in no
change to the host are abusive. Please take a moment to review our Update
Abuse Policy here:http://www.dyndns.com/support/abuse.html
:'(</my>
-
Show us your system logs.
Also show us /etc/crontab
-
/etc/crontab:
$ less /etc/crontab
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log
#minute hour mday month wday who command
0 * * * * root /usr/bin/nice -n20 newsyslog
1,31 0-5 * * * root /usr/bin/nice -n20 adjkerntz -a
1 * 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogons.sh
*/60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout
1 0-1 * * * root /usr/bin/nice -n20 /etc/rc.dyndns.updateSystemlogs are more difficult, unless you can tell me where I can find them on pfSense (not the webinterface, but the files itself)? Problem is I sent all syslogs tot a syslog daemon, but last night my switch gave up, and I've just repaired the problem, so I don't have any logs in my syslog daemon since late last night. I'll see if I can already find something in there.
-
From a shell:
cat /var/log/system.log | grep Dyn
-
looking at the crontab, I've noticed the dyndns line stating
1 0-1 * * * …
what exactly does it mean? when does it run.I'can only find logfiles on the firewall since I've rebooted it a few hours ago, and there I noticed it updated it every 10 seconds?
In my syslog daemon, I can only find logs until 12 o'clock last night and there it shows up every once an hour, but still not blocked.
The mail that said I was blocked again came around 3h30 this morning