Patch do add support to Amazon Route 53 to pfSense 2.0.1 Dynamic DNS Services



  • Hi guys,

    I created a small patch to add support into pfSense 2.0.1 to Amazon Route 53 as a Dynamic DNS Provider.

    I created it for my personal use, but i think that it can be useful to others too, thats why im sharing it.

    Im not a programmer and logic of my source code arent perfect, but it do the job :)

    File with patch files are available for download at:

    http://cdn.ebrandi.eti.br/downloads/pfsense_route53update-1.0b.tar.gz
    MD5: a4fba73549505b021ec9cff340dad17a

    Since i dont know how to build a official pfsense package, install must be done by hands and please make sure that you have a backup of your system before you proceed with install.

    To install it just upload above file to some directory in your pfSense box, uncompress it and run script install.sh

    If you wanna see how it will look after install, just take a look at my blog in url:

    http://blog.ebrandi.eti.br/2012/03/adicionando-suporte-ao-amazon-route-53-no-servico-de-dns-dinamico-do-pfsense-2-0-1/

    I posted some pictures of "Dynamic DNS" screens after patch ;)

    Best regards

    Edson Brandi



  • Edson,

    Nice patch. :)

    Take a look on Brazilian forum, maybe you want to describe it there too  ;)

    http://forum.pfsense.org/index.php/board,12.0.html



  • thks marcelloc :)

    I followed your suggestion and posted in portuguese section too.

    Edson


  • Rebel Alliance Developer Netgate

    If you can make a fork and apply that on github we can try to pull it into the main repo. Or at least provide a diff on a ticket at http://redmine.pfsense.org/ - Having to work from a full file makes things a bit more complicated.



  • Hi Jimp,

    Im already using diff patchs , I will create a ticket :)

    Inside file pfsense_route53update-1.0b.tar.gz you will find following files:

    etc.patch

    This patch file apply changes to:

    /etc/inc/services.inc
    /etc/inc/upgrade_config.inc
    /etc/inc/xmlparse.inc
    /etc/inc/xmlreader.inc
    /etc/rc.dyndns.update

    www.patch

    This patch file apply changes to:

    /usr/local/www/services_dyndns.php
    /usr/local/www/services_rfc2136.php

    and create following files:

    /usr/local/www/services_route53.php
    /usr/local/www/services_route53_edit.php

    route53update.sh

    This shell script is used to send change requests to Route 53 API, it's called from services_route53update_process() function in /etc/inc/services.inc , this function will look for it in /usr/local/bin directory. This shell script make use of many command line tools to work, and it use 2 softwares that aren't included in pfSense base system (wget and base64).

    install.sh

    This file do dirt job of create backup of original files (in case of you need/wish uninstall it later), use "patch -pl" to apply above patchs, copy shell script to /usr/local/bin, create a crontab for root user to run /etc/rc.dyndns.update every 5 minutes, and install wget and base64.

    Edson


  • Rebel Alliance Developer Netgate

    ok, that may not work out then. There are probably better ways to get all of that done using the included tools (fetch instead of wget, or curl in php, decode base64 in php rather than an external binary)

    Usually it wouldn't be necessary to add a completely separate page for that kind of thing, or to touch the xml parser files, but I haven't looked at the code so I can't say for sure. (I also have not used/seen route 53 so I'm not sure what's involved there).

    I was thinking it was simply adding a new dyndns type, not anything that extensive.



  • @jimp:

    ok, that may not work out then. There are probably better ways to get all of that done using the included tools (fetch instead of wget, or curl in php, decode base64 in php rather than an external binary)

    Yes i agree that's possible to do same using included tools and internal php functions, sadly i dont know how to do that and used tools that i know how to use to add feature that i was needing ::)

    @jimp:

    Usually it wouldn't be necessary to add a completely separate page for that kind of thing, or to touch the xml parser files, but I haven't looked at the code so I can't say for sure. (I also have not used/seen route 53 so I'm not sure what's involved there).

    I added a new page because informations that you need to create API request to Amazon Route 53 Service are very different from informations that you normally need post to "dyndns like" services and also different of needs for RFC 2136. Was easier to me create a new one instead make changes in actual pages.

    Only thing that i change in xml parser/reader files are that i added word "route53update" in $ret under listtags() function, i did this because i used array $config['route53updates']['route53update'] array to store my configuration variables, and if i dont do this change pfSense dosent accept my changes to config file and keep restoring it from backup everytime that i create a new dns record.

    @jimp:

    I was thinking it was simply adding a new dyndns type, not anything that extensive.

    Process to submit data to Route 53 API aren't complex, i know that my solution arent the best way to do it, but was what i'm able to do with my limited programming skills :\

    Edson



  • Hello,

    I find a way to do same functions that im doing with external programs using internal functions on PHP, but i will need hash_hmac() support on PHP. I tried to add this support installing php5-hash package from FreeBSD packages but this procedure broke my system :\ Whats best way to enable this function on PHP version that are used with pfsense?

    Edson

    EDIT: I installed php hash module that i was needing using instructions from http://forum.pfsense.org/index.php/topic,47150.0.html , later today i will post new version of patchs :)



  • Ok, new version available at:

    http://cdn.ebrandi.eti.br/downloads/pfsense_route53update-1.0e.tar.gz
    MD5: 23f10b020db4f87e5677b6bf41279419

    This version dosen't make use of external softwares like wget, cut, awk, dig, base64, etc.
    All tasks are handled using only internal PHP funcions.

    When you run install.sh it will apply patch to /etc and /usr/local/www (to alter and create new files), will install packages  ca_root_nss-3.12.4.tbz and php52-hash-5.2.13_3.tbz and will install a crontab for root user that will run every 5 minutes to check if IP changed in your interfaces.

    I hope this are acceptable :)

    Edson



  • Pull request submitted :)

    https://github.com/bsdperimeter/pfsense/pull/70

    Edson



  • New version available at:

    http://cdn.ebrandi.eti.br/downloads/pfsense_route53update-1.0f.tar.gz
    MD5: **78e4161e4c0e6dae7843e54b036b4a39 **

    In this last version i changed services_route53.php file to make it delete DNS Record in Route 53 API and also make it delete ip cache file in /conf directory when you delete a host in GUI.

    Edson



  • I added a comment on that merge request on why we can't merge it as is, but would definitely appreciate the contribution and would merge it if it follows the same standard as the 14 other dyndns providers we support. Thanks!



  • @cmb:

    I added a comment on that merge request on why we can't merge it as is, but would definitely appreciate the contribution and would merge it if it follows the same standard as the 14 other dyndns providers we support. Thanks!

    Thks cmb, i understand. If i get some free time in future i will try to change it.

    but i have a last question to avoid more troubles in future, to be able to access Amazon AWS API for Route 53 Services and create/update/delete a DNS record i will need informations from user that aren't need to update other providers, its acceptable to add new fields in dyndns form?

    Edson



  • Sure, you can add/remove fields there, just use javascript to show/hide as needed. I believe that's already done for some other providers, or at a minimum it's done in other areas of the GUI.



  • @cmb:

    Sure, you can add/remove fields there, just use javascript to show/hide as needed. I believe that's already done for some other providers, or at a minimum it's done in other areas of the GUI.

    CMB,

    I redid my implementation a created a new pull request: https://github.com/bsdperimeter/pfsense/pull/71

    I hope that i implemented it in correct way this time, or i will give up  ::)

    Have a nice weekend

    Edson


Log in to reply