DynDNS blocked me
-
Hi,
running pfSense 0.96.2 I have problems with my dyndns registration
This is what happens every hour (according to system logs):
Dec 13 16:33:29 php: : phpDynDNS: (Success) No Change In IP Address
Dec 13 16:33:29 php: : DynDns: Current Service: dyndns
Dec 13 16:33:29 php: : DynDns: DynDns _checkStatus() starting.
Dec 13 16:33:28 php: : DynDns: DynDns _update() starting.
Dec 13 16:33:28 php: : DynDns: cacheIP != wan_ip. Updating.
Dec 13 16:33:28 php: : DynDns: Cached IP: 0.0.0.0
Dec 13 16:33:28 php: : DynDns: Current WAN IP: <still same="" ip="">Dec 13 16:33:28 php: : DynDns: _detectChange() starting.
Dec 13 16:33:28 php: : DynDns: updatedns() starting
Dec 13 16:33:28 php: : DynDns: Running updatedns()
Dec 13 16:33:09 php: : Informational: DHClient spawned /etc/rc.newwanip and the new ip is wan - <same ip="" as="" before="">.
Dec 13 16:33:01 dhclient[997]: bound to <my ip="" adres="">– renewal in 1800 seconds.
Dec 13 16:33:01 dhclient[997]: DHCPACK from x.x.x.x
Dec 13 16:33:01 dhclient[997]: DHCPREQUEST on rl0 to x.x.x.x port 67So what happens is that every hour pfSense tries to update my DynDNS records because it thinks it has changed (cached ip: 0.0.0.0!?). Nice consequence is that I get a friendly mail from DynDNS.org saying my account is blocked because of possible abuse!
I have been searching around, but until now haven't found a solution or someone else that has the same problem (searched maillinglist archive, forum, google).
Can anyone help me with this?
Thanks a lot!
MickeyByte</my></same></still> -
run from a shell:
update_file.sh /etc/crontab
shutdown -r now -
OK, done that
so, what did it do? It downloaded a new version of the crontab file from internet.I'm curious, but what was the problem, and how can I be sure that it is ok now? what has changed? ???
If I ask to unblock my account, how can I be sure that it won't be blocked again when I gome home again tomorrow ;-)
Anyway, thanks vor your support!
Mickeybyte -
It updated crontab which is not included in normal updates.
It has fixed everyone else so believe what you want to believe.
-
I don't doubt your solution will work, just want to be sure.
And sorry if I'm asking to much, but what actually was the problem, and what has changed to solve it?
Cause the way I see it, the IP in the cache (0.0.0.0) is wrong! don't see how that is related to the crontab, which only starts programs at scheduled times (and DynDNS does say that it should only update on IP change or once every 28 days (so not hourly, …))Mickeybyte
-
cron was launching the update script every minute…
-
Strange, now I don't believe you anymore :-\
I only saw dyndns updating once an hour in my system logs, so I tought that was to much for dynDNS, now you tell me it was updating every minute?
Then again, I still have the following in my system log:
Dec 13 23:00:38 php: : phpDynDNS: (Unknown Response)
Dec 13 23:00:38 php: : phpDynDNS: PAYLOAD: abuse
Dec 13 23:00:38 php: : DynDns: Current Service: dyndns
Dec 13 23:00:38 php: : DynDns: DynDns _checkStatus() starting.
Dec 13 23:00:37 php: : DynDns: DynDns _update() starting.
Dec 13 23:00:37 php: : DynDns: cacheIP != wan_ip. Updating.
Dec 13 23:00:37 php: : DynDns: Cached IP: 0.0.0.0
Dec 13 23:00:37 php: : DynDns: Current WAN IP: <current ip="">Dec 13 23:00:37 php: : DynDns: _detectChange() starting.
Dec 13 23:00:37 php: : DynDns: updatedns() starting
Dec 13 23:00:37 php: : DynDns: Running updatedns()
Dec 13 23:00:18 dnsmasq[1184]: using nameserver 195.130.131.10#53
Dec 13 23:00:18 dnsmasq[1184]: using nameserver 195.130.130.5#53
Dec 13 23:00:18 dnsmasq[1184]: using nameserver 195.130.131.10#53
Dec 13 23:00:18 dnsmasq[1184]: using nameserver 195.130.130.5#53
Dec 13 23:00:18 dnsmasq[1184]: reading /etc/resolv.conf
Dec 13 23:00:17 php: : Informational: DHClient spawned /etc/rc.newwanip and the new ip is wan - <current ip="">.
Dec 13 23:00:12 dhclient[996]: bound to <current ip="">– renewal in 3600 seconds.
Dec 13 23:00:12 dhclient[996]: DHCPACK from <isp dhcp="">Dec 13 23:00:11 dhclient[996]: DHCPREQUEST on rl0 to <isp dhcp="">port 67
Dec 13 22:28:08 php: : phpDynDNS: (Unknown Response)
Dec 13 22:28:08 php: : phpDynDNS: PAYLOAD: abuse
Dec 13 22:28:08 php: : DynDns: Current Service: dyndns
Dec 13 22:28:08 php: : DynDns: DynDns _checkStatus() starting.
Dec 13 22:28:07 php: : DynDns: DynDns _update() starting.
Dec 13 22:28:07 php: : DynDns: cacheIP != wan_ip. Updating.
Dec 13 22:28:07 php: : DynDns: Cached IP: 0.0.0.0
Dec 13 22:28:07 php: : DynDns: Current WAN IP: <current ip="">Dec 13 22:28:07 php: : DynDns: _detectChange() starting.
Dec 13 22:28:07 php: : DynDns: updatedns() starting
Dec 13 22:28:07 php: : DynDns: Running updatedns()so it always says cached ip: 0.0.0.0 !? therefore it updates dynDNS, although my IP hasn't changed!
I asked to unblock now, but I'm pretty sure that when I come home tomorrow evening, I will again have a mail in my mailbox saying I'm blocked… :'(
Mickeybyte</current></isp></isp></current></current></current>
-
Strange, now I don't believe you anymore :-\
Sorry, once an hour. Either way it was enough to trigger a lockout.
Run this from a shell to make sure you have the latest dyndns client:
update_file.sh /etc/inc/dyndns.class
-
I just got my account deleted from DynDNS :(.
Here's their email:A hostname you had registered with Dynamic Network Services, Inc. (DynDNS), XXXXXXXXX.homeip.net, has been deleted from our systems. This hostname has been deleted a week after the last legitimate update prior to its blocking. Our policies forbid multiple successive updates from the same IP address for performance and resource-conservation purposes; such updates have no function, and use resources which could better serve others. If you are using a hardware router's built-in update functionality, it is most likely not properly functional; we recommend that you contact your router's manufacturer regarding this issue and ask them to contact us for assistance correcting their products to interface properly with our systems.
Now, Scott, I believe you but this is tricky because you had told me in another thread that this had been solved in 0.96.x and I am running 0.96.2.
I see that you posted two commands that we should run.
I'll try them but I don't know if DynDNS is gonna accept back as a registered user :(.
So just to make things clear:
I should runupdate_file.sh /etc/crontab shutdown -r now
wait for the reboot and then I should run```
update_file.sh /etc/inc/dyndns.classShould I expect to see any special response from these commands on the shell prompt? @mickeybyte Scott is actually right. I saw it on my logs. Before it was updating every minute (on 0.95.8 if I recall correctly). And lately (on 0.96.x) it was updating every hour. That's why he says it was updating every minute. Cheers
-
Well for now I'm unblocked since 5h35 this morning (CET) 8), and haven't been blocked until now (3h15 afternoon), so I'll just wait for another day to see if it has been solved by those 2 updates.
BTW, unblocking apparently goes very easy, since it is the second time it happened to me in only 2 days and after a few hours my account was unblocked.
-
Well for now I'm unblocked since 5h35 this morning (CET) 8), and haven't been blocked until now (3h15 afternoon)…
Howcome? Here it's still 3h05pm :D.
Anyway I had already been blocked before because of this issue.
This time I was deleted!
Let's see how easy it will be to bring that account back alive.
Though, many thanks for your positive feedback ;).@Scott
Sorry but I suck at *BSD/Linux.
Those commands you posted how shall I run them?
I was trying to do a "cd /etc/crontab" from the Diagnostics > Command Prompt.
It seems to accept it but then I do a "pwd" just to find out that I'm still stuck at "/usr/local/www".
How can I change directories from the command prompt to run those commands you posted?
TIA
Cheers -
Hi,
better activate ssh and use a ssh session to do it.
You can however run the commands in the exec.php window, one at a time, but a "cd" won't work, because each time you are indeed again in the default directory
MickeyByte
-
Thanks mickeybyte ;)
CheersEDIT: I have successfuly sshed to my box.
I am currently in "/etc" and I can see the file "crontab".
But now what do I do?
What did Scott mean by "update_file.sh"?
TIA -
you actually don't need to "cd" to that dir
in fact, you only need to enter the commands like Scott said
so at your shell prompt you type:update_file.sh /etc/crontab <enter>==> updates the crontab file
update_file.sh /etc/inc/dyndns.class <enter>==> updates the dyndns.class procedure
shutdown -r now <enter>==> reboots the firewallI think you might as well update the dyndns.class file also before rebooting
So you could have just entered those commands one at a time in the command box using the webinterface (in stead of <enter>you click <submit>)</submit></enter></enter></enter></enter>
-
Thanks mickeybyte ;).
BTW how is that dyndns service behaving so far?
CheersEDIT:
# update_file.sh /etc/crontab trying to fetch latest /etc/crontab fetch: http://pfsense.com/cgi-bin/cvsweb.cgi/pfSense/etc/crontab?rev=1;content-type=text%2Fplain: size of remote file is not known /etc/crontab 465 B 110 kBps # update_file.sh /etc/inc/dyndns.class trying to fetch latest /etc/inc/dyndns.class fetch: http://pfsense.com/cgi-bin/cvsweb.cgi/pfSense/etc/inc/dyndns.class?rev=1;content-type=text%2Fplain: size of remote file is not known /etc/inc/dyndns.class 20 kB 44 kBps
This is what I got.
Is this ok?
Cheers -
until now still running fine (fine = not being blocked)
however in the logs it still says every hour cache ip (0.0.0.0) != wan ip (current ip) although it did not change!
Strange I think, because I used to have m0n0wall and I had never any problems with that system.
Nevertheless, I'll keep you informed if my DynDNS account status changes! ;)
-
#1. There was a bug where the cache was being updated every time. Now the cache will not be updated unless it has received a OK status from the provider. So that means your cache statement will be updated as soon as you're ip changes.
#2. We do not use any of the same code for DYNDNS. Erik rewrote ez-ipupdate (which is no longer maintained) to be complete php.
-
Great :)
And thanks for support!
-
Thanks for clarifying this for us Scott.
Cheers -
btw, that also is the reason why the dyndns providerlist of m0n0 and pfsense is different.