Re: Find out the white IP-address of the router from the server, which is behind the NAT-ohm
Good day Habr.
Not being able to answer questions from the QA section, I decided to make a small post with an answer to this question .
My decision is somewhat broader than a question, and I hope it will be useful to someone else.
A little background.
At one time, he got a job as an admin in a small organization. The Internet rang out through one computer (let's call it the gateway), which bridge established an ADSL connection with a dynamic white IP.
Since I wasn’t constantly in the office, to quickly resolve minor issues I needed remote access to the organization’s local network. After getting rid of the Windows gateway (yes, there was Windows XP and Kerio Winroute Firewall) and installing CentOS 6, I wondered about the constant connectivity to the gateway.
')
There was already a positive experience of using dynamic dns services (on a home router), so a separate account was started on dyndns.org.
Next, the inadyn package was installed on the gateway (as recommended by dyndns.org itself).
After that 2 bash scripts were written. Both run on the crown, the first every 5 minutes, the second - every week. This was done for the following reason.
If every 5 minutes to send a fixed IP to the server, then after a certain number of attempts, dyndns.org will simply block the even entry, and can be unlocked again only by logging into your account. Therefore, before sending your IP to dyndns.org, the first script first checks if the current real IP is different from the one that the dyndns.org service itself gives to the domain name.
The second script is needed so that the dyndns.org service does not forget about this account, since again, in a free mode, if you don’t contact dyndns.org for a long time, then the account is locked again. Therefore, the second script sends the IP always, even if it has not changed.
Actually now the scripts themselves.
First ipupdate:
my-remote-server.dyndns.org and my-remote-server-other.dyndns.org are examples of aliases from different accounts. I need more than 2 DNS names, so I registered 2 accounts. Checking IP addresses goes on all DNS-names.
remote1.conf and remote2.conf are configs of different accounts for dyndns.org.
logger - writes a phrase to the standard log, you can remove it - it will not affect work
Second ipupdWeek:
I think everything is clear here.
These 2 scripts with minimal changes (added services to check the current IP) have already been working for more than 2 years. Power outages and the Internet are not terrible - after setting up the Internet connection for 5 minutes (can be changed in the crown), I will again be able to connect remotely.
PS I do not pretend to something original, but I had to spend time on these scripts in due time, I hope this post will help someone save this time.
PPS In order not to bother with all of this at all - the modem is in router mode (port forwarding itself) and configure dyndns in the modem itself.
At that moment, when all this was done - the modem was bent from working in the router mode. Now with the new modem, I don’t see any reason to change anything, for “it works - for God's sake don’t touch” (c).
Not being able to answer questions from the QA section, I decided to make a small post with an answer to this question .
My decision is somewhat broader than a question, and I hope it will be useful to someone else.
A little background.
At one time, he got a job as an admin in a small organization. The Internet rang out through one computer (let's call it the gateway), which bridge established an ADSL connection with a dynamic white IP.
Since I wasn’t constantly in the office, to quickly resolve minor issues I needed remote access to the organization’s local network. After getting rid of the Windows gateway (yes, there was Windows XP and Kerio Winroute Firewall) and installing CentOS 6, I wondered about the constant connectivity to the gateway.
')
There was already a positive experience of using dynamic dns services (on a home router), so a separate account was started on dyndns.org.
Next, the inadyn package was installed on the gateway (as recommended by dyndns.org itself).
After that 2 bash scripts were written. Both run on the crown, the first every 5 minutes, the second - every week. This was done for the following reason.
If every 5 minutes to send a fixed IP to the server, then after a certain number of attempts, dyndns.org will simply block the even entry, and can be unlocked again only by logging into your account. Therefore, before sending your IP to dyndns.org, the first script first checks if the current real IP is different from the one that the dyndns.org service itself gives to the domain name.
The second script is needed so that the dyndns.org service does not forget about this account, since again, in a free mode, if you don’t contact dyndns.org for a long time, then the account is locked again. Therefore, the second script sends the IP always, even if it has not changed.
Actually now the scripts themselves.
First ipupdate:
#!/bin/sh logger -t ipupdate "UPDATING IP START" # HOSTNAME is your DynDNS hostname HOST2=my-remote-server.dyndns.org HOST3=my-remote-server-other.dyndns.org # NSLOOKUP is the current DNS entry for your DynDNS hostname OLD_IP2=`/usr/bin/nslookup -sil $HOST2 | tail -2 | head -1 | cut -d" " -f2 | grep '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'` if [ "$OLD_IP2" = "" ] ; then logger -t ipupdate "Not entry IP for $HOST2. Second empty..." OLD_IP2=`ping $HOST2 -c 1 | head -1 | cut -d" " -f3 | sed 's/(//' | sed 's/)//' | grep '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'` fi if [ "$OLD_IP2" = "" ] ; then logger -t ipupdate "Not entry IP for $HOST2. Second empty: FAILED" fi OLD_IP3=`/usr/bin/nslookup -sil $HOST3 | tail -2 | head -1 | cut -d" " -f2 | grep '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'` if [ "$OLD_IP3" = "" ] ; then logger -t ipupdate "Not entry IP for $HOST3. Second empty..." OLD_IP3=`ping $HOST3 -c 1 | head -1 | cut -d" " -f3 | sed 's/(//' | sed 's/)//' | grep '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'` fi if [ "$OLD_IP3" = "" ] ; then logger -t ipupdate "Not entry IP for $HOST1. Second empty: FAILED." fi if [ "$OLD_IP2" = "" ] && [ "$OLD_IP3" = "" ] ; then logger -t ipupdate "CHECKING INTENAL IP FAILED" logger -t ipupdate "EXIT" exit fi # Services for check external ip CHECK_IP0='ifconfig.me/ip' CHECK_IP1='http://checkip.dyndns.com' CHECK_IP2='http://2ip.ru' CHECK_IP3='http://www.netins.net/dialup/tools/my_ip.shtml' logger -t ipupdate "$HOST2 has IP: $OLD_IP2" logger -t ipupdate "$HOST3 has IP: $OLD_IP3" logger -t ipupdate "Check external IP throw $CHECK_IP0" CURRENT_IP=`/usr/bin/curl $CHECK_IP0 | grep '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'` if [ "$CURRENT_IP" = "" ]; then logger -t ipupdate "Checking external IP throw $CHECK_IP0 FAILED" logger -t ipupdate "Check external IP throw $CHECK_IP2" CURRENT_IP=`/usr/bin/lynx -dump $CHECK_IP1 | awk '/Current IP Address:/ { print $4; }' | grep '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'` fi if [ "$CURRENT_IP" = "" ]; then logger -t ipupdate "Checking external IP throw $CHECK_IP1 FAILED" logger -t ipupdate "Check external IP throw $CHECK_IP2" CURRENT_IP=`/usr/bin/lynx -dump $CHECK_IP2 | awk '/ IP :/ { print $4; }' | grep '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'` fi if [ "$CURRENT_IP" = "" ]; then logger -t ipupdate "Checking external IP throw $CHECK_IP2 FAILED" logger -t ipupdate "Check external IP throw $CHECK_IP3" CURRENT_IP=`/usr/bin/lynx -dump $CHECK_IP3 | grep -A2 "Your current IP Address is:" | tail -n1 | tr -d ' '|sed '/^$/d'| sed 's/^ *//g' | grep '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'` fi if [ "$CURRENT_IP" = "unknown" ] || [ "$CURRENT_IP" = "" ] ; then logger -t ipupdate "Checking external IP throw $CHECK_IP3 FAILED" logger -t ipupdate "CHECKING EXTERNAL IP FAILED" logger -t ipupdate "EXIT" exit fi logger -t ipupdate "Real IP: $CURRENT_IP" if [ "$OLD_IP2" != "$CURRENT_IP" ] || [ "$OLD_IP3" != "$CURRENT_IP" ] ; then logger -t ipupdate "IP need to update" if [ "$OLD_IP2" != "$CURRENT_IP" ] ; then inadyn --input_file /etc/inadyn/remote1.conf fi if [ "$OLD_IP3" != "$CURRENT_IP" ] ; then inadyn --input_file /etc/inadyn/remote2.conf fi logger -t ipupdate "sleeping for 30 sec" sleep 30 logger -t ipupdate "daemon for updating has stoped" killall inadyn # Flush local DNS cache of $HOSTNAME /sbin/service named restart else logger -t ipupdate "Current IP is actual" fi logger -t ipupdate "UPDATING IP FINISHED" exit my-remote-server.dyndns.org and my-remote-server-other.dyndns.org are examples of aliases from different accounts. I need more than 2 DNS names, so I registered 2 accounts. Checking IP addresses goes on all DNS-names.
remote1.conf and remote2.conf are configs of different accounts for dyndns.org.
logger - writes a phrase to the standard log, you can remove it - it will not affect work
Second ipupdWeek:
#!/bin/sh logger -t ipupdWeek "WEEK UPDATING IP START" # script name of updating IP script='ipupdate' # check for running of script of update IP scriptRunning=`/bin/ps aux | grep $script | grep -v 'grep'` if [ "$scriptRunning" = "" ]; then logger -t ipupdWeek "Script of updating IP IS NOT running" echo "Not running" else logger -t ipupdWeek "Script of updating IP IS RUNNING, killall it" killall $script fi logger -t ipupdWeek "Start inadyn to update all IP" inadyn --input_file /etc/inadyn/remote1.conf inadyn --input_file /etc/inadyn/remote2.conf logger -t ipupdWeek "Sleeping 10 sec" sleep 10 logger -t ipupdWeek "Stop inadyn" killall inadyn logger -t ipupdWeek "WEEK UPDATING IP STOP" exit I think everything is clear here.
These 2 scripts with minimal changes (added services to check the current IP) have already been working for more than 2 years. Power outages and the Internet are not terrible - after setting up the Internet connection for 5 minutes (can be changed in the crown), I will again be able to connect remotely.
PS I do not pretend to something original, but I had to spend time on these scripts in due time, I hope this post will help someone save this time.
PPS In order not to bother with all of this at all - the modem is in router mode (port forwarding itself) and configure dyndns in the modem itself.
At that moment, when all this was done - the modem was bent from working in the router mode. Now with the new modem, I don’t see any reason to change anything, for “it works - for God's sake don’t touch” (c).
Source: https://habr.com/ru/post/178327/
All Articles