Posted: Sun Jan 02, 2022 16:59 Post subject: [DDNS] reduce refresh time to 5 min and makes more secure
I am setting up a DynDns with Dynu.com (used firmware: DD-WRT v3.0-r47911 std (12/23/21))
Everything works great, however, I have 2 questions:
1) How can I set up the refresh time for the IP to 5 min? I will need to have 1 router with DDWRT at home that will be the VPN server and 1 router in another country (where I live) with DDWRT that will be the VPN client. I will need to make sure that the server IP is refreshed every 5 min to be always updated. The minimum refresh time is 1 day on the configuration page in DDNS.
2) I followed the instructions on the Dynu website and as password I used the SHA256 instead of the password in the configuration, can I make the DDNS even more secure somehow?
The Dynu account is protected with a 20 chars random password tied to a Google account protected with 60 chars random password and 2FA.
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Sun Jan 02, 2022 17:35 Post subject:
for almost all providers it is 600 sec see:
cat /tmp/ddns/inadyn.conf
the "--update_period_sec" will show the seconds between updates.
The value you are referring to is the forced update, it will update even if it is not necessary.
Regarding the security, can I do something to make it more secure? Exposing the DDNS and the VPN server over the internet I would like to make sure I have maximum security.
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Mon Jan 03, 2022 10:32 Post subject:
MatteoDubai wrote:
Thank you for the quick reply.
Can I reboot the router to restart the process?
Regarding the security, can I do something to make it more secure? Exposing the DDNS and the VPN server over the internet I would like to make sure I have maximum security.
If you reboot the router the default values will return.
You have to start inadyn from the CLI.
How to do that is really easy just look at how it is normally started, from the CLI do: ps
That shows all the running processes and if you just copy the line for inadyn that is how you can start it again.
About security, your VPN server is secure (as long as you keep the keys secure)
If someone hijacks your DDNS account they can reroute your DDNS but without the proper keys you simply will not connect so although this qualifies as a DoS attack you are not compromised.
But of course it is good practice to secure your DDNS account with a strong and unique password _________________ Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399 Install guide R7800/XR500:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614 Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
the theory was very nice but when I put it into practice it does not let me.
The command cp /tmp/ddns/inadyn.conf /jffs/inadyn.conf does not create a copy of the file. if once executed, I do
cd /jffs/
ls
I see that there are no files in that path
it also does not work to create the file by hand with:
vi /jffs/inadyn.conf
when I save it with ESC + :wq it tells me that it is read-only
even mkdir /jffs/ddns doesn't create the directory either
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Sat Dec 09, 2023 11:25 Post subject:
spyfly wrote:
the theory was very nice but when I put it into practice it does not let me.
The command cp /tmp/ddns/inadyn.conf /jffs/inadyn.conf does not create a copy of the file. if once executed, I do
cd /jffs/
ls
I see that there are no files in that path
it also does not work to create the file by hand with:
vi /jffs/inadyn.conf
when I save it with ESC + :wq it tells me that it is read-only
even mkdir /jffs/ddns doesn't create the directory either
It is as if I cannot write to /jffs/.
Haha, if you do not have a writeable /jffs then you can not write to it.
as I can't write in jffs to create my own inadym configuration, could I force with a scheduled task in cron the update fast?
so i can use cron job like this: 3,8,13,18,23,28,33,38,43,48,53,58 * * * * sleep 20 ; curl -s -S "https://www.duckdns.org/update?domains=DDDDDDDDD&token=TTTTTTT-TTTT-TTTT-TTTT-TTTTTTTTTTTT" >> /var/log/dyndns.log 2>&1 &