next »

[vynce]

I've merged the DNS-O-Matic (dnsomatic) changes that were posted here into the final 1.2.3 release. Here is how to apply the attached patch on an embedded system from a Linux/Unix/OS X system (applying the patch to a regular install will probably be similar and you can likely omit the remount commands):

Green commands are executed on the host.
Blue commands are executed on the pfSense box.

• Download the attached patch and remove the .txt from the end of the filename.
  
• ssh into your router:
    ssh admin@192.168.1.1
  
• Select option 8 to get to a shell.
  
• Remount the filesystem read/write:
    /etc/rc.conf_mount_rw
  
• Open another terminal and scp the patch onto your router:
    scp dnsomatic_1.2.3.patch root@192.168.1.1:/root/
  
• Apply the patch. A backup of the two patched files will automatically be made with the .orig extension.
    patch -p -i /root/dnsomatic_1.2.3.patch
  
• Remount the filesystem read-only:
    /etc/rc.conf_mount_ro
  

If you ever need to undo the patch just perform the same sequence of commands, but add the R flag to the patch command like this:
  patch -Rp -i /root/dnsomatic_1.2.3.patch
or restore the backups:
  cp /etc/inc/dyndns.class{.orig,}
  cp /usr/local/www/services_dyndns.php{.orig,}

[fenris]

vynce,

I tried to follow the steps, but when I scp the file to my box it doesn't show up in the file system when I ls.

I am running the following so that I get in as admin:
scp dnsomatic_1.2.3.patch admin@192.168.0.1:~/

I didn't run the patch command as I couldn't find the file. Am I supposed to just type the commands as is?

[vynce]

Your scp command is correct. I've updated my instructions above to include the username in the scp command. The patch should get copied to the admin home directory on the router. Once you've ssh'ed into the router, try typing 'cd' without a path to change to the admin home directory. If you then do an 'ls' and don't see the patch, then it wasn't copied over successfully. The patch file needs to be present on the router for the patch command to work, so checking that the patch actually copied over successfully, like you were doing, is a good idea.

I think some of the steps in my instructions may need to be reordered. Try remounting the filesystem read/write (step 5) before doing the scp. I'm going to be applying this patch to another box in the next day or two and will verify all of the steps then.

[vynce]

Ok, I've fixed the instructions. There were two things wrong. The ordering of the steps needed to be changed so that the filesystem was remounted read/write before scp'ing, and the patch needed to be scp'ed as the root user instead of the admin user. Let me know if it works for you now.

[fenris]

Confirmed - the steps now work.

[keithalbert]

Should these steps work on the embeded nanobsd 1.2.3 release?
I am getting the following error when I attempt to run the patch command.

[root@pfsense.local]/root(12): patch -p -i /root/dnsomatic_1.2.3.patch
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- /etc/inc/dyndns.class   2009-12-07 18:40:27.000000000 -0600
|+++ /etc/inc/dyndns.class      2009-12-13 23:29:18.000000000 -0600
--------------------------
Patching file /etc/inc/dyndns.class using Plan A...
Hunk #1 failed at 117.
Hunk #2 failed at 374.
Hunk #3 failed at 418.
3 out of 3 hunks failed--saving rejects to /etc/inc/dyndns.class.rej
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- /usr/local/www/services_dyndns.php 2009-12-07 18:40:27.000000000 -0600
|+++ /usr/local/www/services_dyndns.php 2009-12-13 23:31:02.000000000 -0600
--------------------------
Patching file /usr/local/www/services_dyndns.php using Plan A...
Hunk #1 failed at 179.
1 out of 1 hunks failed--saving rejects to /usr/local/www/services_dyndns.php.rej
done

[vynce]

Yes, it should work on the embedded version; that's what I'm using. I actually haven't tested it on the full installed version.

I don't know why it's failing. Maybe you've already applied the patch or otherwise modified those files (?) -- if you try to apply the patch twice in a row, it will fail the second time. You could try to undo the patch using the instructions at the end of my original post and the reapply it. If it still fails, post the contents of the .rej files (cat /etc/inc/dyndns.class.rej, etc...) and maybe we can tell what's going on from that.

[keithalbert]

This was my first attempt to use the patch on a new install.  I have squid and squidguard installed if this might affect anything.  I did not modify any files directly on the router prior to trying the patch.

Here is the contents of the .rej file:

Thanks in advace!


***************
*** 117,123 ****
           if ($this->_detectChange() == FALSE) {
              $this->_error(10);
           } else {
-             if ($this->_dnsService == 'dyndns' ||
                 $this->_dnsService == 'dyndns-static' ||
                 $this->_dnsService == 'dyndns-custom' ||
                 $this->_dnsService == 'dhs' ||
--- 117,124 ----
           if ($this->_detectChange() == FALSE) {
              $this->_error(10);
           } else {
+             if ($this->_dnsService == 'dnsomatic' ||
+                $this->_dnsService == 'dyndns' ||
                 $this->_dnsService == 'dyndns-static' ||
                 $this->_dnsService == 'dyndns-custom' ||
                 $this->_dnsService == 'dhs' ||
***************
*** 373,386 ****
                 curl_close($ch);
                 $this->_checkStatus($data);
                 break;
-                                 case 'staticcling':
-                                         $needsIP = FALSE;
-                                         curl_setopt($ch, CURLOPT_URL, 'http://www.staticcling.org/update.html?login='.$this->_dnsUser.'&pass='.$this->_dnsPass);
-                                         $data = curl_exec($ch);
-                                         if (@curl_error($ch)) log_error("Curl error occured: " . curl_error($ch));
-                                         curl_close($ch);
-                                         $this->_checkStatus($data);
-                                         break;
              default:
                 break;
           }
--- 374,409 ----
                 curl_close($ch);
                 $this->_checkStatus($data);
                 break;
+                case 'staticcling':
+                     $needsIP = FALSE;
+                     curl_setopt($ch, CURLOPT_URL, 'http://www.staticcling.org/update.html?login='.$this->_dnsUser.'&pass='.$this->_dnsPass);
+                     $data = curl_exec($ch);
+                     if (@curl_error($ch)) log_error("Curl error occured: " . curl_error($ch));
+                     curl_close($ch);
+                     $this->_checkStatus($data);
+                     break;                      
+             case 'dnsomatic':
+             
+                /* Example syntax
+                   https://username:password@updates.dnsomatic.com/nic/update?hostname=yourhostname&myip=ipaddress&wildcard=NOCHG&mx=NOCHG&backmx=NOCHG
+                */
+                
+                $needsIP = FALSE;
+                log_error("DNS-O-Matic: DNS update() starting.");
+                if (isset($this->_dnsWildcard) && $this->_dnsWildcard != "OFF") $this->_dnsWildcard = "ON";
+                curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+                curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
+                $server = "https://" . $this->_dnsUser . ":" . $this->_dnsPass . "@updates.dnsomatic.com/nic/update?hostname=";
+                if($this->_dnsServer)
+                   $server = $this->_dnsServer;
+                if($this->_dnsPort)
+                   $port = ":" . $this->_dnsPort;
+                curl_setopt($ch, CURLOPT_URL, $server . $this->_dnsHost . '&myip=' . $this->_dnsIP . '&wildcard='.$this->_dnsWildcard . '&mx=' . $this->_dnsMX . '&backmx=NOCHG');
+                $data = curl_exec($ch);
+                if (@curl_error($ch)) log_error("Request completed. DNS-O-Matic reported: " . curl_error($ch));
+                curl_close($ch);
+                $this->_checkStatus($data);
+                break;
              default:
                 break;
           }
***************
*** 395,400 ****
           log_error("DynDns: Current Service: {$this->_dnsService}");
           $successful_update = false;
           switch ($this->_dnsService) {
              case 'dyndns':
                 if (preg_match('/notfqdn/i', $data)) {
                    $status = "phpDynDNS: (Error) Not A FQDN!";
--- 418,445 ----
           log_error("DynDns: Current Service: {$this->_dnsService}");
           $successful_update = false;
           switch ($this->_dnsService) {
+             case 'dnsomatic':
+                if (preg_match('/badauth/i', $data)) {
+                   $status = "DNS-O-Matic: The DNS-O-Matic username or password specified are incorrect. No updates will be distributed to services until this is resolved.";
+                } else if (preg_match('/notfqdn /i', $data)) {
+                   $status = "DNS-O-Matic: The hostname specified is not a fully-qualified domain name. If no hostnames included, notfqdn will be returned once.";
+                } else if (preg_match('/nohost/i', $data)) {
+                   $status = "DNS-O-Matic: The hostname passed could not be matched to any services configured. The service field will be blank in the return code.";
+                } else if (preg_match('/numhost/i', $data)) {
+                   $status = "DNS-O-Matic: You may update up to 20 hosts. numhost is returned if you try to update more than 20 or update a round-robin.";   
+                } else if (preg_match('/abuse/i', $data)) {
+                   $status = "DNS-O-Matic: The hostname is blocked for update abuse.";
+                } else if (preg_match('/good/i', $data)) {
+                   $status = "DNS-O-Matic: (Success) IP Address Changed Successfully! (".$this->_dnsIP.")";
+                   $successful_update = true;
+                } else if (preg_match('/dnserr/i', $data)) {
+                   $status = "DNS-O-Matic: DNS error encountered. Stop updating for 30 minutes.";
+                } else {
+                   $status = "DNS-O-Matic: (Unknown Response)";
+                   log_error("DNS-O-Matic: PAYLOAD: {$data}");
+                   $this->_debug($data);
+                }
+                break;
              case 'dyndns':
                 if (preg_match('/notfqdn/i', $data)) {
                    $status = "phpDynDNS: (Error) Not A FQDN!";

[vynce]

I wonder if squid/squidguard modify these files -- I can't think of any reason why they would. It looks like I'll need one more thing. Could you attach your dyndns.class and services_dyndns.php files? Here's how to copy them from the router to the current directory on your desktop:

scp root@192.168.1.1:/etc/inc/dyndns.class .
scp root@192.168.1.1:/usr/local/www/services_dyndns.php .

[keithalbert]

files attached

[vynce]

The only difference between the files that you attached and the original pfSense ones is that yours have DOS line endings. This leads me to think that the problem is probably due to non-Unix line endings in the patch. Your web browser might have changed the line endings in the patch when it downloaded it because it thought that the patch was a text file.

There are two ways to fix the line endings. The first is to use a good text editor like Notepad++ to convert the line endings in the patch from DOS/Windows to Unix before scp'ing it to your pfSense box.

The other way is to convert the patch's line endings on your pfSense box. It was difficult finding a way to do this due to the limited utilities in pfSense, but this worked in my testing:

  awk '{ sub(/\r$/,""); print }' dnsomatic_1.2.3.patch > dnsomatic_1.2.3_fixed.patch

Then just use dnsomatic_1.2.3_fixed.patch in the patch command.

[keithalbert]

Worked like a charm.  Thanks for the help.

[vynce]

Cool, I'm glad that worked.

[david@indesignlondon.co.u]

here were two things wrong. The ordering of the steps needed to be changed so that the filesystem was remounted read/write before scp'ing, and the patch needed to be scp'ed as the root user instead of the admin user.

Works perfectly here too. Thanks.

[CNLiberal]

I'm very new to pfSense.  I have applied these patches.  They seemed to work fine.  There was no error.  However, now I want to enable the DNS-O-Matic server.  I have signed up for an account, but I don't know where/how in pfSense to add this.  What do I do?  I've tried going to:  Services:DynamicDNS Client but I don't know what settings to add.  Thanks!

Jim