1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

ASUSddns script successful when started manually, but not successful when running automatically

Discussion in 'Asuswrt-Merlin' started by bobby, Jan 19, 2020.

  1. bobby

    bobby Occasional Visitor

    Joined:
    Nov 21, 2014
    Messages:
    26
    As I am behind a double NAT, I am running a custom script to update my IP address.

    The script that I installed is: https://github.com/RMerl/asuswrt-merlin/wiki/DDNS-Sample-Scripts#asus

    I put it in ddns-start, and made all the settings as indicated on the Merlin "custom scripts" page.

    When I run this script manually through SSH ("sh ddns-script"), then the update is successful.
    When I let the router do an automatic update after a reboot, it fails!

    Here is the log file:

    Jan 19 17:49:20 custom_script: Running /jffs/scripts/ddns-start (args: 192.168.1.217)
    Jan 19 17:49:21 ddns: Custom ddns update failed
    Jan 19 17:49:50 watchdog: start ddns.
    Jan 19 17:49:50 rc_service: watchdog 289:notify_rc start_ddns
    Jan 19 17:49:50 custom_script: Running /jffs/scripts/ddns-start (args: 192.168.1.217)
    Jan 19 17:49:51 ddns: Custom ddns update failed

    <logging in to the router Putty, entering manual command >

    Jan 19 17:49:53 dropbear[1124]: Child connection from 192.168.69.215:61727
    Jan 19 17:49:57 dropbear[1124]: Pubkey auth succeeded for 'admin' with key sha1!! XXX from 192.168.69.215:61727
    Jan 19 17:50:12 ddns: Completed custom ddns update

    Why would a script fail when running in the background, but succeed when running manually???

    Thanks in advance for any input.
     
  2. JDB

    JDB Very Senior Member

    Joined:
    Aug 28, 2016
    Messages:
    972
    Probably a path issue in the script

    Post the script contents (anonymised of course)


    Sent from my iPhone using Tapatalk
     
  3. dave14305

    dave14305 Part of the Furniture

    Joined:
    May 19, 2018
    Messages:
    2,143
    Location:
    USA
    Your WAN IP is private in the syslog (192.168.1.217). Are you using the External method of WAN IP detection?

    EDIT: actually you need to determine it correctly in your custom script. See https://github.com/RMerl/asuswrt-me...rough-either-double-nat-or-a-cgnat-connection

    look at /usr/sbin/getrealip.sh
     
    Last edited: Jan 19, 2020
  4. bobby

    bobby Occasional Visitor

    Joined:
    Nov 21, 2014
    Messages:
    26
    The script is as follows (I replaced test with the proper hostname):
    Code:
    #!/bin/sh
    
    # Set the host name, ending with .asuscomm.com is optional
    HOSTNAME='test'
    
    # The IP address to use
    IP="$1"
    
    # Asus DDNS server
    ASUS_SERVER='nwsrv-ns1.asus.com'
    
    # Router MAC address location is hardware dependent
    for LAN_MAC_NAME in et0macaddr et1macaddr et2macaddr; do
        MAC_ADDR="$(nvram get "$LAN_MAC_NAME")"
        if [ -n "$MAC_ADDR" ] && [ "$MAC_ADDR" != '00:00:00:00:00:00' ]; then
            break
        fi
    done
    
    # Use openssl to generate the password
    PASSWORD="$(printf '%s' "${MAC_ADDR//:/}${IP//./}" | openssl md5 -hmac "$(nvram get secret_code)" 2>/dev/null | awk '{print toupper($2)}')"
    
    # Try to update
    HTTP_RESULT="$(curl -fs -w '%{http_code}' -o /dev/null -u "${MAC_ADDR//:/}:$PASSWORD" "http://$ASUS_SERVER/ddns/update.jsp?hostname=${HOSTNAME%.asuscomm.com}.asuscomm.com&myip=$IP")"
    
    # Full code list https://github.com/RMerl/asuswrt-merlin.ng/blob/master/release/src/router/inadyn/plugins/asuscomm.c#L293
    case "$HTTP_RESULT" in
        200|220|230)
            /sbin/ddns_custom_updated 1
        ;;
        *)
            /sbin/ddns_custom_updated 0
        ;;
    esac
    To make it clear: as written before, this script works perfectly when started manually!
    Somehow it does not work when running in the background.
     
  5. dave14305

    dave14305 Part of the Furniture

    Joined:
    May 19, 2018
    Messages:
    2,143
    Location:
    USA
    So when run manually you supply 192.168.1.217 as the WAN IP and it works?
    Code:
    /jffs/scripts/ddns-start 192.168.1.217
    Or are you “cheating” and providing the real external IP when running manually?
     
    bobby and thelonelycoder like this.
  6. JDB

    JDB Very Senior Member

    Joined:
    Aug 28, 2016
    Messages:
    972
    Yea I’d assume if running manually without passing an IP, the Asus Servers receiving ip=NULL automatically revert to the packets source IP for the update.
    Where the background version is supplying a private IP they reject the request.

    Just comment the IP=$1 line


    Sent from my iPhone using Tapatalk
     
    bobby and dave14305 like this.
  7. bobby

    bobby Occasional Visitor

    Joined:
    Nov 21, 2014
    Messages:
    26
    JDB: you were spot on! I just commented that line and it works! You are brilliant.
    Thank you, dave14305 for leading JDB in the right direction :)

    So I can confirm that this script works in a double NAT situation. So for anybody wanting to do this, including newbies: all you have to do is put # in front of IP="$1"
     
    JDB and dave14305 like this.
  8. dave14305

    dave14305 Part of the Furniture

    Joined:
    May 19, 2018
    Messages:
    2,143
    Location:
    USA
    Just curious why this custom script is necessary when ASUSCOMM.COM is supported in the firmware.
     
  9. bobby

    bobby Occasional Visitor

    Joined:
    Nov 21, 2014
    Messages:
    26
    Fair question!

    I use old RT N66U routers as cheap OpnVPN servers. They are cheap because they are no longer supported. Behind a good router they are not a security risk. This is a double NAT set up.

    The ddns service in the firmware does not support a double NAT setup. It will send the WAN IP address to ASUS which is a private IP address.

    Thanks again for your help!!
     
    Last edited: Jan 20, 2020