OpenDNS and the new DNS-O-Matic

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3, 4, 5, 6  Next
Author Message
somms
DD-WRT User


Joined: 21 Mar 2008
Posts: 258

PostPosted: Fri Apr 11, 2008 16:08    Post subject: Reply with quote
New OpenDNS category:Suspicious Responses

Suspicious responses are DNS replies that contain data that might be malicious or otherwise unwanted. Unlike the rest of our filtering features, which filter based on the domain being looked up, these tools filter based on the contents of the reply.


Block internal IP addresses

When enabled, DNS responses containing IP addresses listed in RFC1918 will be filtered out. This helps to prevent DNS Rebinding attacks. For example, if badstuff.attacker.com points to 192.168.1.1, this option would filter out that response.

The three blocks of IP addresses filtered in responses are:

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

Apply to all my networksNote: If you want to prevent a domain or zone from being subject to suspicious response filters, you can add it to your whitelist and queries will be answered unchecked.
Sponsor
cdkiller
DD-WRT User


Joined: 26 Jun 2007
Posts: 258
Location: Trinidad & Tobago

PostPosted: Sat Aug 09, 2008 12:46    Post subject: Reply with quote
pencoyd wrote:
OpenDNS requires SSL on updates made directly to OpenDNS.

However, DNS-O-Matic accepts either SSL or normal HTTP updates. So, you may update OpenDNS via DNS-O-Matic without SSL on your client if you wish .

Note: We'd love the inadyn folks to build in SSL support; we've obviously offered the code we added openly, but no one has taken it.

We very much want DNS-O-Matic to be an easy option for DD-WRT.

Please let us know what we can do to help.

John Roberts
VP of Product, OpenDNS http://www.opendns.com
Operators of DNS-O-Matic http://www.dnsomatic.com
first name at opendns (and you know the rest)
As I said before...
The real question is can I kindly ask the OpenDNS team to support our non-HTTPS version of INADYN in DD_WRT? All of my attempts to have OpenDNS support http as well as https updates have failed. Why is this John? Give me the great reason why OpenDNS refuses to conform with every other Dynamic DNS service on the planet and support regular http updates? You guys go on and on about the router firmware authors not being able to add ssl support but the real problem is with OpenDNS not the router firmware authors. You think the world revolves around OpenDNS so much that authors should adjust code to support ssl for OpenDNS alone when every other similar service uses regular http?

Please explain this John why when we place the hostname in the DDNS gui for dnsomatic it refuses to update just 1 network, why must it update all networks? Is dnsomatic illiterate?

I am looking forward to see how much you guys really "care" about supporting http updates. I wonder if you even "care" enough to reply with decent answers to my questions.

_________________
[everything is to be replicate]
ASUS RT-N10, ASUS RT-N12, Linksys E900.
moreins
DD-WRT User


Joined: 18 Nov 2006
Posts: 320
Location: Cali, Colombia

PostPosted: Tue Aug 19, 2008 20:23    Post subject: Reply with quote
hey guys
quick question:
how can i manually force the DDNS to update from the telnet command line?

thanks

_________________
WRT54GS v2.1 > v24-sp2 (01/01/09) mega
WRT54GS v5 > v24-sp2 (01/01/09) micro
PPTP, WDS link and SD Mod
cdkiller
DD-WRT User


Joined: 26 Jun 2007
Posts: 258
Location: Trinidad & Tobago

PostPosted: Tue Aug 19, 2008 20:45    Post subject: Reply with quote
moreins wrote:
hey guys
quick question:
how can i manually force the DDNS to update from the telnet command line?

thanks
Check out some of the code from here. I think you would just need to paste the inadyn line with all your parameters and it will run. You will need to check the inadyn man page to find out what is the parameter for forced update. The code you have to paste is something like this except you need to add the option to force update.

Code:
inadyn --background --username ??? --password ??? --alias ??? --dyndns_server_name updates.dnsomatic.com --dyndns_server_url /nic/update? --update_period_sec 120 --forced_update_period 86400 --wildcard

_________________
[everything is to be replicate]
ASUS RT-N10, ASUS RT-N12, Linksys E900.
moreins
DD-WRT User


Joined: 18 Nov 2006
Posts: 320
Location: Cali, Colombia

PostPosted: Tue Aug 19, 2008 23:28    Post subject: Reply with quote
@cdkiller
thanks for the reply. i forgot to mention that i already have configured my ddns parameters using the CUSTOM DDNS SERVICE. do i still need to type all the parameters again on the command line? or can i just use a single command to force the update of the already configured ddns service
thanks

_________________
WRT54GS v2.1 > v24-sp2 (01/01/09) mega
WRT54GS v5 > v24-sp2 (01/01/09) micro
PPTP, WDS link and SD Mod
cdkiller
DD-WRT User


Joined: 26 Jun 2007
Posts: 258
Location: Trinidad & Tobago

PostPosted: Wed Aug 20, 2008 0:50    Post subject: Reply with quote
moreins wrote:
@cdkiller
thanks for the reply. i forgot to mention that i already have configured my ddns parameters using the CUSTOM DDNS SERVICE. do i still need to type all the parameters again on the command line? or can i just use a single command to force the update of the already configured ddns service
thanks
As far as I know you won't be able to force the update when you want, but there is an option to force update at an interval. The only way to force the update when you want would be to run another instance of inadyn which would require you to put in all the parameters you need. you will have to manually kill the process after as well.
_________________
[everything is to be replicate]
ASUS RT-N10, ASUS RT-N12, Linksys E900.
netman74501
DD-WRT Novice


Joined: 11 Mar 2009
Posts: 4

PostPosted: Wed Mar 11, 2009 14:15    Post subject: Reply with quote
I know that this thread is almost a year old but, (and there is always a but, isn't there?), I have finally found a way to make ddwrt update DNS-O-Matic with specific hostnames. Meaning updating multiple hostnames but not all of the hostnames in your list, (as in not using all.dnsomatic.com as the server but using the normal updates.dnsomatic.com as server).

Config:

DDNS Service: Custom
DYNDNS Server: updates.dnsomatic.com
User Name: You User Name
Password: Your Password
Host Name: hostname1 -a hostname2 -a hostname3 and so on...
URL: /nic/update?hostname=
Additional DDNS Options was left blank.

I could use the -a option like everything else I found says but it would update all of my hostnames not just the ones I specified. The important piece was adding the hostname= to the url I had already found by other user submitted information. It would have been helpful to have this, thus the reason of my posting. It has taken me 3 days of a searching and giving up cycle to finally give up and read through the developer's api on DNS-O-Matic to come to this simple conclusion. Thus far it is working properly. I also have the Force Interval set to 0.1 as I like it to update more often than 1 day. This makes it update every 6 minutes. (Do the math.)
surfkid
DD-WRT Novice


Joined: 23 Jun 2008
Posts: 15
Location: SB, CA

PostPosted: Mon Mar 23, 2009 6:43    Post subject: INADYN + DNS-O-MATIC Reply with quote
Netman: OUTSTANDING WORK! Very Happy Thank you for examining the API to realize the proper URL query string and hostname convention for updating specific dnsomatic clients. I'm running this configuration now. I was also perplexed about how to get around the universal (all.dnsomatic.com) update.

Here are a few additional observations for the DD-WRT community...

First, the "-a" in the DD-WRT DDNS hostname field means that you wish to append another host and is not required after each hostname as a suffix. Second, OpenDNS users will simply specify the (nick)name of their network. Note: OpenDNS network names with spaces require quotation marks otherwise the update process will not be successful.

Finally, Netman stated that the Force Interval period of 0.1 = 6 minutes. That is incorrect since the INADYN frequency input unit is days. So, 0.1 equals 1/10th of a day or 2.4 hours. For reference:
    1 hour = 0.042 (1day/24hrs)
    1 minute = 0.0007 (0.042/60mins)

This is verified by multiplying 0.0007 by 1440, the number of minutes in one day. The answer is 1.0 or one day. In the case of Netman wanting a six minute update interval, then he should actually input 0.0042 (0.0007 * 6mins).

Hope these tips help somebody out! Again Netman, I really appreciate your efforts.
netman74501
DD-WRT Novice


Joined: 11 Mar 2009
Posts: 4

PostPosted: Mon Mar 23, 2009 21:49    Post subject: Reply with quote
Well, about the time interval. If you look at the DNS-O-Matic History it updates every 6 minutes. and some how I also figured it to that amount before I realized I could find the time in the history of DNS-O-Matic. So, sorry if my math was off. O well... Glad to know that someone else found this useful though. Thank you.

Edit: Now that I think about it. I think that ddwrt wouldn't let me put in the .0007 It would round it up to .01 so that it what I posted. But it does still do the update every 6 min. FYI, I removed that from my configure because dyndns reports it as abuse to update when your ip has not changed. OpenDNS though, seems to not have a problem with 6 min. updates.
Azure
DD-WRT User


Joined: 29 Apr 2009
Posts: 92

PostPosted: Wed Apr 29, 2009 17:23    Post subject: Reply with quote
netman74501 wrote:
I know that this thread is almost a year old but, (and there is always a but, isn't there?), I have finally found a way to make ddwrt update DNS-O-Matic with specific hostnames. Meaning updating multiple hostnames but not all of the hostnames in your list, (as in not using all.dnsomatic.com as the server but using the normal updates.dnsomatic.com as server).

Config:

DDNS Service: Custom
DYNDNS Server: updates.dnsomatic.com
User Name: You User Name
Password: Your Password
Host Name: hostname1 -a hostname2 -a hostname3 and so on...
URL: /nic/update?hostname=
Additional DDNS Options was left blank.



Okay, bit of a noob here, but this really helped me.

Two questions though, and don't laugh at me. :p

Under Hostname, do I put in hostname1 -a, or do I put in MY hostname, for example, 'SBSNetwork -a' like that?

I have one host, per one router....so I would assume I only put in one hostname under my DDWRT router settings, right?

Next question, under URL....do I put in...'/nic/update?hostname='....or do I change the 'hostname=' value to what my hostname is, again 'SBSNetwork'

So, instead of /nic/update?hostname=....it would be /nic/update?hostname=SBSNetwork?

I'm trying to set up multiple networks, all with different IPs, under one account, and I need DNSOMATIC to update the IPs correctly.

Thanks!
netman74501
DD-WRT Novice


Joined: 11 Mar 2009
Posts: 4

PostPosted: Wed Apr 29, 2009 18:55    Post subject: Reply with quote
Under hostname you put your hostname. If you are only using one hostname per router then you can drop the -a. The dash a is used to tell ddwrt that there is another hostname and for it to update it also. So, under hostanme you would put "SBSNetwork".

Under the URL you put "/nic/update?hostname=", exactly like that but without quotes. This updates only the host under the hostname field.
Azure
DD-WRT User


Joined: 29 Apr 2009
Posts: 92

PostPosted: Wed Apr 29, 2009 19:07    Post subject: Reply with quote
And my hostname would be my network 'label'....under OpenDNS, right?

Just making sure I have everything covered here.
Azure
DD-WRT User


Joined: 29 Apr 2009
Posts: 92

PostPosted: Wed Apr 29, 2009 19:11    Post subject: Reply with quote
Nevermind that last post....it wasn't working, which is why I asked.

I just plugged the router out, and back in again, and it instantly made a connection with OpenDNS, and DNSOMATIC.

Looks like everything works now.

Thanks....you were an awesome help. Smile
cdkiller
DD-WRT User


Joined: 26 Jun 2007
Posts: 258
Location: Trinidad & Tobago

PostPosted: Wed Apr 29, 2009 19:14    Post subject: Reply with quote
Azure wrote:
Okay, bit of a noob here, but this really helped me.

Two questions though, and don't laugh at me. :p

Under Hostname, do I put in hostname1 -a, or do I put in MY hostname, for example, 'SBSNetwork -a' like that?

I have one host, per one router....so I would assume I only put in one hostname under my DDWRT router settings, right?

Next question, under URL....do I put in...'/nic/update?hostname='....or do I change the 'hostname=' value to what my hostname is, again 'SBSNetwork'

So, instead of /nic/update?hostname=....it would be /nic/update?hostname=SBSNetwork?

I'm trying to set up multiple networks, all with different IPs, under one account, and I need DNSOMATIC to update the IPs correctly.

Thanks!

When you log into dnsomatic website, you will see a table with all your hostnames in it. On the left of the table under "Service" There are 2 entries, one on top in bold letters, this is not the hostname, the hostname will be in the second part in grey letters. It will look like this
Quote:
username :: hostname1


for URL you can leave it set to
Quote:
URL: /nic/update?&wildcard=ON&mx=NOCHG&backmx=NOCHG&hostname=


hope this helps.

_________________
[everything is to be replicate]
ASUS RT-N10, ASUS RT-N12, Linksys E900.
Azure
DD-WRT User


Joined: 29 Apr 2009
Posts: 92

PostPosted: Wed Apr 29, 2009 19:33    Post subject: Reply with quote
cdkiller wrote:


Quote:
for URL you can leave it set to URL: /nic/update?&wildcard=ON&mx=NOCHG&backmx=NOCHG&hostname=


hope this helps.


What is the difference between this, and using...

Quote:
/nic/update?hostname=


Is one better than the other? I have everything else figured out.

Thanks! Very Happy
Goto page Previous  1, 2, 3, 4, 5, 6  Next Display posts from previous:    Page 2 of 6
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum