What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

[WICENS] WAN IP Change Email Notification Script v4

Maverickcdn

Senior Member
WICENS - WAN IP Change Email Notification Script
v1.00 Jan 13 2021 v2.0 Oct 16,2021 v2.85 Jun 26 2022 v3.00 Sep 16 2022 v3.41 Apr 16 2023 v4.00 May 8 2024 v4.04 Jan 22 2025 v4.10 Feb 3 2025

This script is targeted at those that do not use a DDNS service but need to know if their WAN IP changes (ie. you run a VPN server etc) or you just want to know if and when your WAN IP has changed. Also has the ability to send Firmware Update Email notifications and Router Reboot Email notifications or act as a Email text file sender.

Open to any and all criticism and feedback so please let me know what you think.
Script is hosted on Github

- WAN IP change notification
- Historical WAN IPs w/observed lease times
- Call user script on WAN IP change
- Firmware update notification
- Router reboot notification
- Email Forwarder ability
- amtm Email settings sync
- GMail, Outlook, Hotmail etc
- works in Double NAT
- Supports only IPv4

WICENS - WAN IP Change Email Notification Script

This script when configured has the ability to send Email notifications for
Option 2 WAN IP Change (IPv4 only,DualWAN disabled)
Option 5 Script can call your own script when WAN IP change occurs
Option 6 Script Updates (checks every 48hrs when enabled)
Option 7 Firmware Updates (runs with built-in firmware notification check)
Option 8 Router reboot events
Option h shows hidden options
Script can also be used to send your own text generated Email files see
forwarder instructions further below

Supports GMail, Hotmail, Outlook, ISP based Email

Supports AsusWRT-Merlin built-in amtm Email configuration import

Script will function in Double NAT scenarios but does not support Dual WAN
Dual WAN check can be on/off by entering option dwd (default: on)

SMTP Email send formats available:
curl - SSL (eg GMail port 465) # amtm default
sendmail - StartTLS v1.1 higher
sendmail - StartTLS v1 only
sendmail - SMTP plain auth (no encryption)
sendmail - ISP based (no password reqd, generally port 25)

IMPORTANT - If using GMail/Outlook you must use 2 factor authentication and
setup an assigned App password for this script to use.

IMPORTANT - Your Email address(es) are stored as plain text within this
script. Your Email password is encrypted and saved to router storage.
If you dont practice good security habits around your router ssh access,
this script might not be for you.

Script compares IP in nvram for wan0 to saved IP with wan-event connected
events and cron, cron is also a watchdog and monitors for failed Email
attempts. Should the nvram IP be invalid/private IP script will use firmware
built in getrealip.sh to retrieve your WAN IP using Google STUN server.

Router reboot Email contains last known uptime prior to reboot (saved w/cron)
and down time between power loss (last check with cron) and power up time

All cron/wan-event/services-start/update-notification entries needed for this
script are automatically created and removed with enable and disable options.

NTP sync must occur on boot for proper script function

### Technical ###

Supports being used as an Email forwarder for other scripts, in your
script call /jffs/scripts/wicens.sh send {your email.txt path here}
ie. /jffs/scripts/wicens.sh send /tmp/email.txt
Use option fe (unlisted) in the menu to view a sample Email .txt file

When using wicens as an Email forwarder you can pass a second argument after
the Email text path as an alternate send to address different from what is
saved in the config ie. wicens send /path/email.txt [email protected]

Should Email sending fail the script will retry 4 more times with cron
1/11mins) in 172800 second intervals.

Script generates a lock file /tmp/wicens_lock.tty to prevent
duplicate runs as well as /tmp/wicens_internet_lock.tty
when sending Email notifications. Script will automatically remove stale
lock files if original starting process no longer exists or lock file are
over age limit.

Sendmail/Curl output for Emails is saved to /tmp/wicens_email.log for
debugging if needed. This file can be viewed by running this script and
select option L||l

Sendmail doesnt always return an error code on a misconfiguration so false
send success can occur. If script says Email has sent but no Email received
use option L||l from the Main Menu to read sendmail output for errors

All messages sent to syslog are duplicated in /jffs/addons/wicens/wicens.log
Including failed Email curl logs - Use option z||Z to view wicens.log

The script does not update its saved WAN IP until the script has completed
sending the notification so in the event of message failure it should run
again with next cron run and attempt to send again.

Using option 5 you can call your own script either immediately upon WAN IP
change detection, or wait until the Email message has been successfully sent.
Script will be put in background as to not block this script.

Output from a custom script set to run on WAN IP change is saved to
/jffs/addons/wicens/user_script.log

Hidden menu options
1f - forces build_settings menu
fl - remove mail log file
vv - list out all settings from config files
fr - remove any found update
fe - show example Email text file for using wicens as Email forwarder
ul - show log from user script output when calling script on WAN IP change
rc - reset core config for notification controls, not user config
dwd - disable/enable Dual WAN check

Every Sunday@6pm the script will log the # of times it ran with wan-event.

Thank you for using this script.

SNBforums thread https://www.snbforums.com/threads/wicens-wan-ip-change-email-notification-script.69294/

GitHub source https://github.com/maverickcdn/wicens

Version 4 brings another re-write of the script, additions, and overall optimizations
v4.00 has limited testing so please advise of issues and I will look to resolve as time allows

Script requires being configured with your To/From Email address(es), server address/port etc. or can sync with your amtm Email config

Firmware must be 384.15 or newer, or on Johns fork 374.43_48D3j9527 or newer

To install, scripts/ssh must be enabled. Install from amtm main menu or from an SSH terminal, copy/paste
Code:
curl --retry 3 "https://raw.githubusercontent.com/maverickcdn/wicens/master/wicens.sh" -o "/jffs/scripts/wicens.sh" && chmod a+rx "/jffs/scripts/wicens.sh"

For first run, use the following to access the Menu.
Code:
sh /jffs/scripts/wicens.sh
Then select option 1 to create the config

After first run and starting a new terminal session, you should be able to access the menu by simply entering
Code:
wicens

Use option b to create a backup of your configured settings if ever formatting /jffs or reinstalling wicens. Saved to script directory /jffs/addons/wicens (*uninstall removes backups you must manually copy to a safe location)

In SMTP server send config type, option 4 (SMTP Plain auth) is still untested. Support for sendmail options is depreciated.

Hope people can find this script useful, and would welcome your feedback, there's already 3 user requested custom fields. I find scripting a nice escape from everyday life.

wicens main menu.jpgwicens sample.jpg

To truly test the script (built in test only tests Email function), use nano to edit the saved_wan_ip to something different (not blank) in /jffs/addons/wicens/wicens_user_config.wic and let it run with cron (default 11mins). Those taking advantage of the custom script calling function should certainly test it this way.

Feeling generous?
 
Last edited:
Nice to have another person join the script development party!

How is the email password stored?
Edit, i rtfm'd :D
Code:
IMPORTANT - Your Email address(es) are stored as plain text within this script. Your Email password is obfuscated and saved to the script. If you dont practice good security habits around your router ssh access, this script might not be for you.
 
Nice to have another person join the script development party!

How is the email password stored?
Edit, i rtfm'd :D
Code:
IMPORTANT - Your Email address(es) are stored as plain text within this script. Your Email password is obfuscated and saved to the script. If you dont practice good security habits around your router ssh access, this script might not be for you.
Thank you sir, I consider myself the head of the useless script department ;)

All good! Its not 'plain text' anymore, but at least not AAABBBBCCC in the file. It is 'encrypted', but is quite trivial to decode given you have the information required
 
Very good! Keep going...
And it's finally nice to have a backup function so we can keep the settings between script updates :)

-----

Very nice to have the custom script calling but oops.....

Screenshot_20210114-075228448.png
 
Very good! Keep going...
And it's finally nice to have a backup function so we can keep the settings between script updates :)

-----

Very nice to have the custom script calling but oops.....
I was just about to bed ;)

Curious, if it actually saved the path properly or not, you could reuse option s from the menu and itll show the saved value

Did you download using the link above? would you mind trying dos2unix like last time, the formatting of the wicens header looks wonky too.

Honestly the script calling was a last minute throw in and I think I tested a handful of times with text files, it looks to be trying to execute your script when using sed to write the path to the file, I may have to base64 encode it before writing nevermind already is
 
I was just about to bed ;)

Curious, if it actually saved the path properly or not, you could reuse option s from the menu and itll show the saved value

Did you download using the link above? would you mind trying dos2unix like last time, the formatting of the wicens header looks wonky too.

Honestly the script calling was a last minute throw in and I think I tested a handful of times with text files, it looks to be trying to execute your script when using sed to write the path to the file, I may have to base64 encode it before writing nevermind already is
Same result after dos2unix :)

In fact, when running wicens, I think after running the custom script it throws some errors too, but the screen is cleaned very quickly and I can't capture them...
Maybe they're the same!
 
let me sleep on it

Code:
#!/bin/sh

entry=/jffs/scripts/testing
custom=$(echo "$entry" | openssl base64 | tr -d '\n')
script_name_full=/jffs/scripts/test2
user_custom_script='L2pmZnMvc2NyaXB0cy90ZXN0aW5nCg=='
sed -i "1,/user_custom_script=.*/{s~user_custom_script=.*~user_custom_script='$custom'~;}" "$script_name_full"

I created a testing file which should have sent a message to my log if it was executed and ran the code and it didnt execute the script in the entered path and saved the encoded text to the file so Im not sure....... tomorrow...


And to confirm did you download using the command in the first post?
 
let me sleep on it

Code:
#!/bin/sh

entry=/jffs/scripts/testing
custom=$(echo "$entry" | openssl base64 | tr -d '\n')
script_name_full=/jffs/scripts/test2
user_custom_script='L2pmZnMvc2NyaXB0cy90ZXN0aW5nCg=='
sed -i "1,/user_custom_script=.*/{s~user_custom_script=.*~user_custom_script='$custom'~;}" "$script_name_full"

I created a testing file which should have sent a message to my log if it was executed and ran the code and it didnt execute the script in the entered path and saved the encoded text to the file so Im not sure....... tomorrow...


And to confirm did you download using the command in the first post?
Yes I used your command:)

Get yourself a good night of sleep...I'm getting out for work myself

Thanks for your work!!
 
Well two sips of coffee and Im pretty sure I know what the issue is, problem is I cant debug it without updating my own FW or having someone else confirm my suspicions... problem is openssl was updated between beta1 and beta2, so in theory my beta3 tests would fail too ( i dont see any changes to openssl between 3 and 4)

Its line 521 in the script where I try and base64 encode the entry.... it looks like openssl is missing dependencies or the syntax has changed....

Can you try this command and let me know if it fails for you or not
Code:
echo "maghuro testing" | openssl base64

Should return
Code:
bWFnaHVybyB0ZXN0aW5nCg==

Capture.JPG


Doesnt help I go through the effort of coding to see if sed failed but dont bother to check if the variable even has a value :p
 
Last edited:
Well two sips of coffee and Im pretty sure I know what the issue is, problem is I cant debug it without updating my own FW or having someone else confirm my suspicions... problem is openssl was updated between beta1 and beta2, so in theory my beta3 tests would fail too ( i dont see any changes to openssl between 3 and 4)

Its line 521 in the script where I try and base64 encode the entry.... it looks like openssl is missing dependencies or the syntax has changed....

Can you try this command and let me know if it fails for you or not
Code:
echo "maghuro testing" | openssl base64

Should return
Code:
bWFnaHVyb3Rlc3RpbmcK

View attachment 29512

Doesnt help I go through the effort of coding to see if sed failed but dont bother to check if the variable even has a value :p
Well, instead of nothing it throws the correct value and then... The error :D

Code:
adminRT-AC86U/tmp/home/root echo "maghuro testing" | openssl base64   bWFnaHVybyB0ZXN0aW5nCg==                                                  548051459328:error:25066067:DSO support routines:dlfcn_load:could not load the shared library:crypto/dso/dso_dlfcn.c:118:filename(libengines.so): libengines.so: cannot open shared object file: No such file or directory    548051459328:error:25070067:DSO support routines:DSO_load:could not load the shared library:crypto/dso/dso_lib.c:162:                               548051459328:error:0E07506E:configuration file routines:module_load_dso:error loading dso:crypto/conf/conf_mod.c:224:module=engines, path=engines   548051459328:error:0E076071:configuration file routines:module_run:unknown module name:crypto/conf/conf_mod.c:165:module=engines
 
Well, instead of nothing it throws the correct value and then... The error :D

Well... I think that my script will function fine still despite the error message if its still outputting the encoded text. I guess you could try and report back.

Can you confirm one more thing, save a custom script path, then go back to the Main Menu then re-select option s... it should prompt there is already a saved value and print out the path to the script you entered and ask if you want to keep or overwrite it.
 
Well... I think that my script will function fine still despite the error message if its still outputting the encoded text. I guess you could try and report back.

Can you confirm one more thing, save a custom script path, then go back to the Main Menu then re-select option s... it should prompt there is already a saved value and print out the path to the script you entered and ask if you want to keep or overwrite it.
Yes, despite the error, everything is working perfectly well!

Regarding the custom script, no complains is good news, I tried that and it works as you described.

You sir are the true useless/usefull script master :)
 
My dear... After 15 days my router changed its ip, and that lease time observed is no good :)

First it only shows in seconds, and it's showing negative value...
 

Attachments

  • Screenshot_20210131-120628423 (1).jpg
    Screenshot_20210131-120628423 (1).jpg
    71.6 KB · Views: 424
Again, now different :)
 

Attachments

  • Screenshot_20210131-210006990_1.jpg
    Screenshot_20210131-210006990_1.jpg
    38.6 KB · Views: 446
Nobody said I was good at math ;) (or coding...). I guess in the end you at least got the notification!

Do you have an NTP server set on Administration-->System in the firmware ? I may have to pinch some code for checking NTP status from another script

In your router system log what is the date when wicens sent the email? is it accurate? (my guess is the date is incorrect because of a reboot or something)

My thought is your system time is incorrect (likely the setup time in the script when you first set it up), or the script is running to early when the router hasnt updated its time after a reboot?

You can try erasing the values for all three WAN IP variables at the top of the script file, IP/epoch/date and re run the script manually and let it save fresh or just run the reset option and reenter your config.... assuming your system time is correct.
 
I think you'd be best to ensure your system time is correct, use the reset option and then reconfigure (dont reload a backup)

You can then use option 4 to see a sample Email and see if its calculating the correct lease time. If it occurs again Ill need to see your syslog from the time the lease renewed to when wicens posted in the log it was done sending/updating
 
Nobody said I was good at math ;) (or coding...). I guess in the end you at least got the notification!

Do you have an NTP server set on Administration-->System in the firmware ? I may have to pinch some code for checking NTP status from another script

In your router system log what is the date when wicens sent the email? is it accurate? (my guess is the date is incorrect because of a reboot or something)

My thought is your system time is incorrect (likely the setup time in the script when you first set it up), or the script is running to early when the router hasnt updated its time after a reboot?

You can try erasing the values for all three WAN IP variables at the top of the script file, IP/epoch/date and re run the script manually and let it save fresh or just run the reset option and reenter your config.... assuming your system time is correct.
Working as expected since day 1! (Or since day -23392 or something like that :p )

I'm using ntpmerlin as my chrony manager. You should check some amtm scripts code, so you can steal the portion of code that waits for ntp ready before executing the script :)
 
You should check some amtm scripts code, so you can steal the portion of code that waits for ntp ready before executing the script :)
No worries that was on my list of things to do, Ive seen the code in the big player scripts just never got around to implementing it.

For giggles what does this return for you right now?
Code:
head -n23 < /jffs/scripts/wicens.sh | tail -n1
 
No worries that was on my list of things to do, Ive seen the code in the big player scripts just never got around to implementing it.

For giggles what does this return for you right now?
Code:
head -n23 < /jffs/scripts/wicens.sh | tail -n1


This sir:
saved_wan_epoch='1612125671'
 
This sir:
saved_wan_epoch='1612125671'
Thanks, looks good. Likely an NTP issue, can you just confirm in your router log, those times wicens sent you the Email it was logged as being called by wan-event and not cron? Im fairly certain this is an NTP issue as my script is setting the epoch time before NTP has done its thing

Does your router reboot on WAN drops or anything?
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Back
Top