使用OpenWrt实现IPv6 DDNS
OpenWrt 增加 crontab 任务
在/root/crontab/ 目录下, 创建脚本 ddns.sh
#!/bin/sh # 远程php脚本的URL地址 SERVICE_URL=http://www.rockbb.com/my_ddns.php # 修改的目标记录 RECORD_NAME=homeop.rockbb.com # DNS类型, IPv6为AAAA RECORD_TYPE=AAAA # 这里改成自己的密文, 与远程的php脚本要一致, 用于校验md5 PRIVATE_KEY=helloworld # 抽取远程IP, 个人感觉grep正则比 cut -d更好用, 在我的timecloud上, cut -d ' ' 工作貌似不正常 if nslookup $RECORD_NAME|grep Address >/dev/null; then remote_ip=`nslookup $RECORD_NAME|grep -Eo 'Address\s+\d:\s+[0-9a-f:]+'|grep -Eo '[0-9a-f]+(:[0-9a-f:]+)+'` echo "Remote IP: "$remote_ip else exit 1 fi # 抽取本地IPv6地址 if ifconfig br-lan>/dev/null ; then local_ip=`ifconfig br-lan|grep 'inet6 addr:\s24.*'|grep -Eo '24[0-9a-f:]+'` echo "Local IP : "$local_ip else echo "Command: 'ifconfig br-lan' failed" exit 1; fi if [ $remote_ip != $local_ip ]; then # 得到当前的 时分秒, 用于计算MD5 local_ts="$(date +'%H%M%S')" md5=$(echo -n $PRIVATE_KEY$local_ts | md5sum -| cut -d' ' -f1) wget -q -O- "$SERVICE_URL?recordname=$RECORD_NAME&recordtype=$RECORD_TYPE&ts=$local_ts&s=$md5&content=$local_ip" else echo "Same IPs, skip unchanged" exit 0 fi
添加crontab任务
crontab -e # 内容 */10 * * * * /root/crontab/ddns.sh > /tmp/log/ddns.log 2>&1
.启动cron, 并确认有cron进程
root@Timecloud1:~# ps |grep cron 23791 root 1220 S /usr/sbin/crond -f -c /etc/crontabs -l 5 # 如果不存在则启动 /etc/init.d/cron start
处理请求的PHP脚本
安全起见, 处理前先校验md5
<?php
# 代理号
$client = "agent9527";
# 在IP白名单管理处填写的密码, 不是代理登录密码, 用于计算checksum
$password = 'yourpwd';
# 根域名
$name = 'rockbb.com';
# Private Key
$private_key = 'helloworld';
# 要改DNS解析的域名记录
$recordname = $_GET['recordname'];
# 要改DNS解析的域名记录类型
$type= $_GET['recordtype'];
# 新解析值
$content = $_GET['content'];
# TTL
$ttl = 600;
# 编码, E:英文, G:中文
$enc = 'E';
# 字符集编码 utf-8 或 gb2312
$charset = 'utf-8';
# 时间, 用于校验签名值
$ts = $_GET['ts'];
# 签名值
$s = $_GET['s'];
print_r($_GET);exit;
# 校验签名
$dummy = md5($private_key . $ts);
if ($dummy != $s) {
echo 'Incorrect input: ' . $dummy;
exit;
}
#### 获取旧值 ####
$method = 'DomainDNSQuery';
$checksum = md5($method.$client.$password.$name);
$api_url = 'http://api.xinnet.com/domain/api.gb?method=' . $method . '&charset=' . $charset;
$parameters = '&enc='.$enc.'&client='.$client.'&checksum='.$checksum.'&name='.$name.'&type='.$type;
#echo $api_url."\n"; echo $parameters."\n";
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $api_url);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $parameters);
$data = curl_exec($curl);
curl_close($curl);
#echo $data."\n";
$data_array = explode('&',$data);
$result = array();
foreach ($data_array as $data_item) {
$data_pair = explode('=', $data_item);
$result[$data_pair[0]] = $data_pair[1];
}
print_r($result);exit;
if ($result['ret'] != '100') {
echo $data;
exit;
}
$found = false;
$original_content = '';
for ($i = 1; $i < 10; $i++) {
// recordnamen 记录名, contentn 解析内容, ttln 生存时间, prion 优先级, reason 错误信息, domain-auth-Failed
if (!array_key_exists('recordname'.$i, $result)) {
echo 'No more results at index:'.$i."\n";
break;
}
if ($result['recordname'.$i] == $recordname) {
echo "Record found at index:$i\n";
$found = true;
$original_content = $result['content' . $i];
if ($original_content == $content) {
echo "Values are the same, exit.\n";
exit;
} else {
break;
}
}
}
if (!$found) {
echo "Record not found, exit\n";
exit;
}
$method = 'DomainDNSMod';
$checksum = md5($method.$client.$password.$name);
echo $checksum . "\n";
$api_url = 'http://api.xinnet.com/domain/api.gb?method=' . $method . '&charset=' . $charset;
$parameters = '&enc=' . $enc
. '&client=' . $client
. '&checksum=' . $checksum
. '&name=' . $name
. '&type=' . $type
. '&recordname=' . $recordname
. '&content=' . $content
. '&oldcontent=' . $original_content
. '&ttl=' . $ttl;
echo $api_url."\n";
echo $parameters."\n";
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $api_url);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $parameters);
$data = curl_exec($curl);
curl_close($curl);
echo $data."\n";
?>
浙公网安备 33010602011771号