What's new

ASUSddns script successful when started manually, but not successful when running automatically

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

bobby

Occasional Visitor
As I am behind a double NAT, I am running a custom script to update my IP address.

The script that I installed is: https://github.com/RMerl/asuswrt-merlin/wiki/DDNS-Sample-Scripts#asus

I put it in ddns-start, and made all the settings as indicated on the Merlin "custom scripts" page.

When I run this script manually through SSH ("sh ddns-script"), then the update is successful.
When I let the router do an automatic update after a reboot, it fails!

Here is the log file:

Jan 19 17:49:20 custom_script: Running /jffs/scripts/ddns-start (args: 192.168.1.217)
Jan 19 17:49:21 ddns: Custom ddns update failed
Jan 19 17:49:50 watchdog: start ddns.
Jan 19 17:49:50 rc_service: watchdog 289:notify_rc start_ddns
Jan 19 17:49:50 custom_script: Running /jffs/scripts/ddns-start (args: 192.168.1.217)
Jan 19 17:49:51 ddns: Custom ddns update failed

<logging in to the router Putty, entering manual command >

Jan 19 17:49:53 dropbear[1124]: Child connection from 192.168.69.215:61727
Jan 19 17:49:57 dropbear[1124]: Pubkey auth succeeded for 'admin' with key sha1!! XXX from 192.168.69.215:61727
Jan 19 17:50:12 ddns: Completed custom ddns update

Why would a script fail when running in the background, but succeed when running manually???

Thanks in advance for any input.
 
Probably a path issue in the script

Post the script contents (anonymised of course)


Sent from my iPhone using Tapatalk
 
As I am behind a double NAT, I am running a custom script to update my IP address.

The script that I installed is: https://github.com/RMerl/asuswrt-merlin/wiki/DDNS-Sample-Scripts#asus

I put it in ddns-start, and made all the settings as indicated on the Merlin "custom scripts" page.

When I run this script manually through SSH ("sh ddns-script"), then the update is successful.
When I let the router do an automatic update after a reboot, it fails!

Here is the log file:

Jan 19 17:49:20 custom_script: Running /jffs/scripts/ddns-start (args: 192.168.1.217)
Jan 19 17:49:21 ddns: Custom ddns update failed
Jan 19 17:49:50 watchdog: start ddns.
Jan 19 17:49:50 rc_service: watchdog 289:notify_rc start_ddns
Jan 19 17:49:50 custom_script: Running /jffs/scripts/ddns-start (args: 192.168.1.217)
Jan 19 17:49:51 ddns: Custom ddns update failed

<logging in to the router Putty, entering manual command >

Jan 19 17:49:53 dropbear[1124]: Child connection from 192.168.69.215:61727
Jan 19 17:49:57 dropbear[1124]: Pubkey auth succeeded for 'admin' with key sha1!! XXX from 192.168.69.215:61727
Jan 19 17:50:12 ddns: Completed custom ddns update

Why would a script fail when running in the background, but succeed when running manually???

Thanks in advance for any input.
Your WAN IP is private in the syslog (192.168.1.217). Are you using the External method of WAN IP detection?

EDIT: actually you need to determine it correctly in your custom script. See https://github.com/RMerl/asuswrt-me...rough-either-double-nat-or-a-cgnat-connection

look at /usr/sbin/getrealip.sh
 
Last edited:
The script is as follows (I replaced test with the proper hostname):
Code:
#!/bin/sh

# Set the host name, ending with .asuscomm.com is optional
HOSTNAME='test'

# The IP address to use
IP="$1"

# Asus DDNS server
ASUS_SERVER='nwsrv-ns1.asus.com'

# Router MAC address location is hardware dependent
for LAN_MAC_NAME in et0macaddr et1macaddr et2macaddr; do
    MAC_ADDR="$(nvram get "$LAN_MAC_NAME")"
    if [ -n "$MAC_ADDR" ] && [ "$MAC_ADDR" != '00:00:00:00:00:00' ]; then
        break
    fi
done

# Use openssl to generate the password
PASSWORD="$(printf '%s' "${MAC_ADDR//:/}${IP//./}" | openssl md5 -hmac "$(nvram get secret_code)" 2>/dev/null | awk '{print toupper($2)}')"

# Try to update
HTTP_RESULT="$(curl -fs -w '%{http_code}' -o /dev/null -u "${MAC_ADDR//:/}:$PASSWORD" "http://$ASUS_SERVER/ddns/update.jsp?hostname=${HOSTNAME%.asuscomm.com}.asuscomm.com&myip=$IP")"

# Full code list https://github.com/RMerl/asuswrt-merlin.ng/blob/master/release/src/router/inadyn/plugins/asuscomm.c#L293
case "$HTTP_RESULT" in
    200|220|230)
        /sbin/ddns_custom_updated 1
    ;;
    *)
        /sbin/ddns_custom_updated 0
    ;;
esac

To make it clear: as written before, this script works perfectly when started manually!
Somehow it does not work when running in the background.
 
To make it clear: as written before, this script works perfectly when started manually!
Somehow it does not work when running in the background.
So when run manually you supply 192.168.1.217 as the WAN IP and it works?
Code:
/jffs/scripts/ddns-start 192.168.1.217
Or are you “cheating” and providing the real external IP when running manually?
 
Yea I’d assume if running manually without passing an IP, the Asus Servers receiving ip=NULL automatically revert to the packets source IP for the update.
Where the background version is supplying a private IP they reject the request.

Just comment the IP=$1 line


Sent from my iPhone using Tapatalk
 
JDB: you were spot on! I just commented that line and it works! You are brilliant.
Thank you, dave14305 for leading JDB in the right direction :)

So I can confirm that this script works in a double NAT situation. So for anybody wanting to do this, including newbies: all you have to do is put # in front of IP="$1"
 
JDB: you were spot on! I just commented that line and it works! You are brilliant.
Thank you, dave14305 for leading JDB in the right direction :)

So I can confirm that this script works in a double NAT situation. So for anybody wanting to do this, including newbies: all you have to do is put # in front of IP="$1"
Just curious why this custom script is necessary when ASUSCOMM.COM is supported in the firmware.
 
Fair question!

I use old RT N66U routers as cheap OpnVPN servers. They are cheap because they are no longer supported. Behind a good router they are not a security risk. This is a double NAT set up.

The ddns service in the firmware does not support a double NAT setup. It will send the WAN IP address to ASUS which is a private IP address.

Thanks again for your help!!
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top