Dynamic-IP-Hacks Mini-HowTo Version 1.6.1 Moderated by: Michael Driscoll Featuring hacks from: Michael Driscoll Ryan R. Klems Matthew Driver Matthew Nuckolls Justin Cragin Brad Baker Justin (Gus) Hurwitz Created Mon Apr 22 16:24:33 PST 1996 Last Updated Tue Nov 26 21:49:37 PST 1996 If you just want to see the hacks skip down to section 2.0. 0.0 Table of Contents 1.0 Legalities, Definitions, &c. 1.1 Where to get the latest version of this HowTo 1.2 Feedback 1.3 Why this HowTo? 1.4 What is dynamic IP addressing and why do I have to put up with it? 1.5 Can you help me set up {pppd,telnetd,sendmail,&c.}? 1.6 Hey, what about SLIP? 1.7 Copyright 1.8 A Warning 2.0 Hack #1: Keeping your system up and accessible 24/7 by Michael Driscoll 2.1 What you'll need 2.2 Setting up keepalive.sh 2.2.1 Using diald instead of a crontab entry 2.3 ip-up and ip-down 2.3.1 Setting up your ip-up and ip-down 2.4 How to find out your new IP address from another computer 2.4.1 Telnetting to a POP3 server 3.0 Hack #2: Dynamically changing /etc/hosts by Michael Driscoll 3.1 What you'll need 3.2 More fun with ip-up and ip-down! 4.0 Hacks #3-5: Various hacks from Ryan R. Klems 4.1 mail.c 4.2 pppdm.c 4.3 portmsg.c 5.0 Dynamic DNS entries 6.0 Hack #6: Updating your .plan by Matthew Nuckolls 7.0 Hack #7: A simple procmail recipe for finding your new IP by Justin Cragin 8.0 Hack #8: Dynamic Home Page via ftp by Michael Driscoll 8.1 Why would I want to do this? 8.2 Setting up your page 8.3 Editing .ncftprc 8.4 A simple search and replace sed rule 9.0 Hack #9: Paging yourself with your new IP address by Michael Driscoll 9.1 The paging program 9.2 Calling it from ip-up 10.0 Hack #10: xterm logins through a firewall by Brad Baker 11.0 Hack #11: Dynamic Home Page via cgi by Michael Driscoll 11.1 Overview of what we'll try to do 11.2 The script (dynip.pl) 11.3 Accessing the CGI when our link goes up Appendix A: We need more hacks! Appendix B: CREDITS ________ 1.0 Legalities, Definitions, &c. Section 1.1: Where to get the latest version of this HowTo The absolute latest version can always be found at http://userzweb.lightspeed.net/~fenris/howto.txt. The canonical place to get the HowTo is ftp://sunsite.unc.edu/pub/Linux/docs/howto/mini/Dynamic-IP-Hacks, though you should use an LDP mirror if you know of any. Section 1.2: Feedback Feedback concerning this mini-HowTo should be addressed to Michael Driscoll . Section 1.3: Why this HowTo? The problem is, Linux just isn't as happy as it could be with dynamic IP addressing. It's the Unix equivalent of waking every morning to find that your postal address has changed and that all of your stationary is out of date. Unfortunately, ISP's are moving more and more towards this kind of addressing these days, and anyone who can't shell out more bucks for a stable IP address is just kinda stuck with this. The purpose of this HowTo, therefore, is to make your Linux box happier and more comfortable with dynamic IP addressing, which in turn should make you a bit happier and more comfortable. Section 1.4: What is dynamic IP addressing and why do I have to put up with it? First of all, I suppose I should explain just what an IP address is :) An IP address is a set of four numbers, each from 0 to 255, separated by a dot. An example would be 10.127.96.1. Each computer on the Internet has a unique IP address. The human-readable addresses that you probably use, like sunsite.unc.edu and bak2.lightspeed.net, are just semi-arbitrary names that are translated into their IP addresses by a DNS server whenever you try to access them. Dynamic IP addressing is something used by an ISP to cut down on the number of IP addresses that they need to "own". The way it works is, when you dial up your ISP, they simply give you the next IP number in their queue. This way, they don't need an IP address for every single customer they have, they just need one for every customer that might be online at any given time. Usually this is only about a tenth of their customer base at any given time. Why do they do this? Well, the simple way of explaining it is to say that there just aren't enough IP addresses in the current scheme. The more complex answer is that we have plenty of addresses, it's just that as more and more of them are used, the routing tables used by the backbone routers start to look as fragmented as a ten year old MS-DOS filesystem :-) By using so many addresses, we lose efficiency in routing lookups. The current routing system is expected to blow up sometime between the years 2000 and 2010. Hopefully we'll all be switched over to IPv6 by then anyways, in which case we'll all get our own stable IP's anyways making this whole HowTo moot :-) Section 1.5: Can you help me set up {pppd,telnetd,sendmail,&c.}? No. Figure it out yourself. Builds character :) Actually, it would be pretty pointless for me to reinvent the wheel by helping you set these up, as many documents already exist to help you out with these. Start by trying these: man pppd man chat man in.telnetd man inetd the PPP-HOWTO the NET-2-HOWTO (Available at HowTo sites such as ftp://sunsite.unc.edu/pub/Linux/docs/howto) the NAG (Network Administrator's Guide by Olaf Kirch, available at fine LDP sites everywhere, such as ftp://sunsite.unc.edu/pub/Linux/docs/LDP) Section 1.6: Hey, what about SLIP? To tell you the truth, I didn't write about it here because I don't know it. Luckily, this shouldn't be too much of a problem as PPP seems to be the emerging standard, especially for dynamic IP addressing. Sorry if you're that .1% out there that has dynamic IP addressing with SLIP, but maybe you can glean a bit out of this HowTo and make your own setup (if you do then be sure to see Appendix A to get your hack included in this HowTo!) Section 1.7: Copyright Unless otherwise stated, Linux HowTo documents are copyrighted by their respective authors. Linux HowTo documents may be reproduced and distributed in whole or in part, in any medium physical or electronic, as long as this copyright notice is retained on all copies. Commercial redistribution is allowed and encouraged; however, the author would like to be notified of any such distributions. All translations, derivative works, or aggregate works incorporating any Linux HowTo documents must be covered under this copyright notice. That is, you may not produce a derivative work from a HowTo and impose additional restrictions on its distribution. Exceptions to these rules may be granted under certain conditions; please contact the Linux HowTo coordinator at the address given below. In short, we wish to promote dissemination of this information through as many channels as possible. However, we do wish to retain copyright on the HowTo documents, and would like to be notified of any plans to redistribute the HowTos. If you have questions, please contact Greg Hankins, the Linux HowTo coordinator, at gregh@sunsite.unc.edu via email. Section 1.8: A Warning This should go without saying, but I should say it anyways to cover things. I'm not sure all of this is the canonical way to do things, and if something I've done is just too weird let me know how to fix it. There might be security risks in all of this, but I don't know of them yet. This works on my machine, and I don't think it'll break yours too badly :) Either way, you should take care when doing this stuff and make sure you understand at least a bit about what this stuff is doing so you can fix it if it goes haywire. Also keep in mind this quote from the DNS-HOWTO by Nicolai Langfeldt : In this document I state flatly a couple of things that are not completely true (they are at least half truths though). All in the interest of simplification. Things will probably work if you believe what I say. ***************************** *The good stuff starts here!* ***************************** ________ 2.0 Hack #1: Keeping your system up and accessible 24/7 written by Michael Driscoll This hack involves a problem I have with my ISP. For reasons unknown to me (or apparently even to them) they like to hang up on me every five minutes to five hours. This was a problem for me because I wanted to be able to telnet to my Linux box from the computer in math class :) While it was easy enough to use a cron job to check the network status every few minutes and start pppd if it wasn't up, since my ISP uses dynamic addressing I couldn't find my address from the remote machine after this happened (except by luck). This hack keeps your PPP session up and puts your new IP number in an accessible place (your mail spool on your ISP's mail server). Section 2.1: What you'll need Not too much. A working PPP setup. A working sendmail (actually it just has to be working to the point where it can send a message to your ISP's mail server). A working telnetd/ftpd/inetd/whatever setup so you can actually get into your computer from somewhere else. A working cron. Section 2.2: Setting up keepalive.sh (note: This section can be probably be better with diald, see section 2.2.1) cron is a daemon that starts programs at specified times. You can look at your crontab by running "crontab -e". We'll be using crontab to run a shell program that will keep our PPP connection up. Run "crontab -e" as root and add this line: #*/2 * * * * /etc/ppp/keepalive.sh What this does is call the /etc/ppp/keepalive.sh script every two minutes. (The '#` comments out the entry so it won't start running the script until we are ready). Then put the following script named keepalive.sh in /etc/ppp: ------------------------------------------------------------------------- #!/bin/sh if [ -f /var/run/ppp0.pid ] ; then ping -c4 -l3 2>&1 | grep "0 packets" > /dev/null && \ { /usr/sbin/ppp-off > /dev/null 2>&1 ; sleep 2 ; /usr/sbin/pppd } else /usr/sbin/pppd fi ------------------------------------------------------------------------ (PS: This is an experimental script which replaces the old crontab entry I had here...if you see any problems with it, please let me know!) Now type "chmod 700 /etc/ppp/keepalive.sh" as root to make it an executable script. Hint1: Check those paths! For pppd and ppp-off insert whatever it is that you use to start/stop your connection. Hint2: I use your ISP's DNS server because I figure that if that's down, your net connection is screwed anyways :) Hint3: Be sure to use your DNS server's numeric IP address, otherwise ping returns a different message and the "grep" won't work. Now whenever you want your connection to stay up, you can just run crontab -e and take out that "#" to uncomment the entry...and when you want your connection to stay down, run crontab -e and put the "#" back in, then kill your connection with ppp-off or whatever it is that you use. I know there are other ways then this to keep a connection up (specifically I know that there is a script for pppd, and also a daemon called pppupd that will do it) but I have not tried them. If you use them and think them worthwhile, then drop me a note and I'll try them out. Section 2.2.1: Using diald instead of a crontab entry from Divya Mahajan The crontab entry that we just made can also be done (and probably a lot more elegantly) by other programs, such as diald. This section demonstrates how to set up diald for this purpose, should you decide to take that route instead. I have left the crontab section in for reference and because it doesn't require an extra package, but when I try diald out I might switch the order of these two sections. (I don't actually use the program, the comments and script are courtesy of Divya). 1: Get the latest diald (diald-0.14.tar.gz probably in ftp://sunsite.unc.edu/pub/Linux/system/Network/serial/diald-0.14.tar.gz) 2: Compile the stuff. (Actually you could probably get a precompiled diald package too from the Slackware sites) 3: After you have installed diald, you must modify /etc/diald.conf Add the following lines to the end: > restrict 06:00 19:00 * * * > up (This would force the link to be up between 6am to 7pm everyday. If you want 24hrs + 7days remove the restrict.) > device /dev/modem (Use the correct device;) > dynamic > reroute > connect-timeout 120 (Modify this if your dialer takes a longer or shorter time to connect to your ISP) > redial-timeout 10 (Interval between 2 redials) > defaultroute > accounting-log /var/adm/diald.log (Keep track of how much time you are using) >connect /path_to_myscript (You must use a dialing script so add the above line. When diald calls this script both standard input and standard output are redirected to /dev/modem (or whatever you chose above) so ensure that your dialer script doesn't print any garbage. I personally use "/usr/sbin/dip mydipfile.dip >> /var/adm/dip.log 2> /var/adm/dip.err" which logs the dial attempts. Initially you may want to run dip with the -v option to debug the dip file, i.e #dip -v mydipfile.dip. Remember to put the line "mode ppp" after you have logged in and started your PPP services at the ISP (Use dip-3.3.7n-uri). Also store all PPP settings in /etc/ppp/options rather than relying on the commandline. Once your DIP file is debugged and ready, its time to roll. Start up diald /usr/sbin/diald, if everything went fine it should start dialing and connect you to the ISP. When PPP shutsdown due to modem HUP, diald will automatically retry. Once you are confident, just put /usr/sbin/diald into your /etc/rc.d/rc.local) Now you have a 24hr PPP. diald is also good for a lot of other things, like demand dialing per port, etc. Look at the diald homepage (http://www.cs.toronto.edu/~schenk/diald.html) for some examples. Note: diald only takes the place of the crontab entry, the rest of this hack will still be needed if you want to make your ip address available for remote use. Section 2.3: ip-up and ip-down /etc/ppp/ip-up and /etc/ppp/ip-down are rather useful scripts for us. They are executed when pppd goes up/down and therefore are good for events that need to occur at this time. Mine look like this: ip-up: >#!/bin/sh >echo -n ^G > /dev/console >echo $4 > /var/run/add >mail -s "New IP address" fenris@lightspeed.net < /var/run/add >chmod 644 /var/run/add >echo "127.0.0.1 localhost" > /etc/hosts >echo $4 ulfheim.lightspeed.net ulfheim >> /etc/hosts ip-down: >#!/bin/sh >echo -n ^G > /dev/console >rm /var/run/add >echo 127.0.0.1 ulfheim.lightspeed.net localhost ulfheim > /etc/hosts Don't worry if you don't get all of this, we'll be explaining most of it right now. Section 2.3.1: Setting up your ip-up and ip-down The second part of this hack involves making your new IP address available to you from practically any machine on the net. To achieve this we do the following: Create a file as root called /etc/ppp/ip-up. Put this in it: #!/bin/sh # $4 is our new ip address passed by pppd # /var/run/add will hold our address echo $4 > /var/run/add # mail our address to our ISP's mail server, with the subject "new ip # address" mail -s "New IP address" yourname@your_internet_address < /var/run/add Then create /etc/ppp/ip-down and put this in it: #!/bin/sh rm /var/run/add Then run "chmod 700 /etc/ppp/ip-up /etc/ppp/ip-down" to make them executable. Now edit your rc startup scripts and put in a "rm /var/run/add" anywhere you feel is appropriate (just in case your power goes down while your connection is up). I put it in /etc/rc.d/rc.inet1, which should be okay. Voila! Now every time pppd is started your address will be mailed to your ISP's mail server. We retreive it in the next section. Section 2.4: How to find out your new IP address from another computer Well, this calls for some resourcefulness on your part. I really can't walk you through it, as it depends on which machine you're trying to get it from. In Windows, you can try to set up an email program to retrieve mail from your ISP's mail server, and if you're in Unix see if there's a program called "popclient" or somesuch. If all else fails, you can always use telnet (see the next section). If you have ftp access to your ISP's web server, then you can use Hack #9 to publish your new IP publically. Check Section 8 for details. Section 2.4.1: Telnetting to a POP3 server This is how I retrieve my IP address, as I am usually showing off when I do all of this anyways, and it really confuses all of the GUI users I show it to :) Hopefully your ISP uses a POP3 server for mail (most likely), otherwise you'll just have to figure this out yourself by looking up the RFC for the protocol you need and figure out how to do it by telnet. Anyways, first you want to telnet to port 110 of your ISP's mail server. In Unix you do this with "telnet your_isp's_mail_server 110", on a VAX you might need to do "telnet your_isp's_mail_server/port=110", and in a Web browser you should use "telnet://your_isp's_mail_server:110". Hopefully you can figure it out. Once you are connected, you should see something like this: >Connected to new-ls.lightspeed.net. >Escape character is '^]'. >+OK QUALCOMM Pop server derived from UCB (version 2.1.4-R3) at >new-ls.lightspeed.net starting. type "user your_username" to login. >+OK Password required for fenris. now type "pass your_password" >+OK fenris has 2 message(s) (3030 octets). type "list" to look at a list of your messages. >+OK 2 messages (3030 octets) >1 2400 >2 630 >. See that message with size 630? That's my IP address! How do I know? Because it's always that size :) Now type "retr message_number" to retrieve the message you want. >+OK 630 octets >Received: from ulfheim.lightspeed.net (avatar@bak2-pp-ls.lightspeed.net >[204.216.66.74]) by new-ls.lightspeed.net (8.6.12/8.6.12) with ESMTP id >TAA12048 for ; Mon, 22 Apr 1996 19:15:37 -0700 >Received: (from avatar@localhost) by ulfheim.lightspeed.net (8.7/8.6.9) >TAA00594 for fenris@lightspeed.net; Mon, 22 Apr 1996 19:15:29 >Date: Mon, 22 Apr 1996 19:15:29 -0700 >From: Deus In Machina >Message-Id: <199604230215.TAA00594@ulfheim.lightspeed.net> >To: fenris@lightspeed.net >Subject: New IP address > >204.216.66.74 > >. And there it is! Use "dele message_number" to get rid of it or just "quit" to leave it there and quit. Now just telnet to your machine at that address and have fun! If any of this is just not working, then check out RFC 1225, which describes the POP3 protocol in full detail. By the way, if this part of the hack doesn't work for you because you have cron automatically downloading your mail, then check out hack #7 which uses procmail to send your new IP address to any email address you want upon request. ________ 3.0 Hack #2: Dynamically changing /etc/hosts written by Michael Driscoll As I said before, Linux isn't completely happy with dynamic IP addressing. For example, sometimes talkd won't work with kludgy values in /etc/hosts. However, the following hack makes up for a lot of that by changing /etc/hosts according to the IP address we receive when we call up our ISP. For me this fixed problems with "hostname" and "talk". Section 3.1: What you'll need. Nothing but a working PPP setup, really. Section 3.2: More fun with ip-up and ip-down This hack is really very easy, and only involves three files, ip-up, ip-down, and an rc file (I put it in rc.S). ***NOTE***: First, make a backup of /etc/hosts, just in case this screws up anything. Also, if you have anything more complex than a two-line /etc/hosts or so, then this will need modifying. Add the following lines to /etc/ppp/ip-up: # echo 127.0.0.1 localhost > /etc/hosts echo $4 yourmachine.yourdomain yourmachine >> /etc/hosts # EXAMPLE: My machine is named "ulfheim" and its domain is "lightspeed.net". The lines in my ip-up say: # echo 127.0.0.1 localhost > /etc/hosts echo $4 ulfheim.lightspeed.net ulfheim >> /etc/hosts # Then add the following lines to /etc/ppp/ip-down: ------------------------------------------------------------------------ echo 127.0.0.1 yourmachine.yourdomain localhost yourmachine > /etc/hosts ------------------------------------------------------------------------ EXAMPLE: My machine is named "ulfheim" and its domain is "lightspeed.net". The lines in my ip-down say: ------------------------------------------------------------------------ echo 127.0.0.1 ulfheim.lightspeed.net localhost ulfheim > /etc/hosts ------------------------------------------------------------------------ Now put the following in an rc script (I chose rc.S, it seems ok there). ------------------------------------------------------------------------ echo 127.0.0.1 yourmachine.yourdomain localhost yourmachine > /etc/hosts ------------------------------------------------------------------------ EXAMPLE: My machine is named "ulfheim" and its domain is "lightspeed.net". The lines at the end of my /etc/rc.d/rc.S say: ------------------------------------------------------------------------ echo 127.0.0.1 ulfheim.lightspeed.net localhost ulfheim > /etc/hosts ------------------------------------------------------------------------ This last one is in case your power goes out or something while your connection was still up, it restores your offline /etc/hosts. ________ 4.0 Hacks #3-5: Various hacks from Ryan R. Klems intro written by Michael Driscoll code straight from Ryan R. Klems Here's some C code sent to me from Ryan R. Klems . There are three programs, the first, mail.c, is a CGI that scans through your mail spool for your new IP address as set up by Hack #1. It then uses the IP address to set up a page containing a link to this IP address. The second, pppdm.c, can probably take the place of hack #1, as it looks for a PPP connection, restarts pppd if it is down, and mails your new ip address to your ISP's mailserver. The third, portmsg.c, sits on a specified port and waits for a telnet connection. Upon connection, it will pull grep your mail spool for your newest IP and output a message containing that. These sources will need a bit of customization, so you probably shouldn't mess with them unless you know what they are doing. Oh yes, and Ryan has written to tell me that he wouldn't mind helping you set up the code to meet your needs, as long as you ask nicely :-) Section 4.1: mail.c /* * mail.c written by Ryan R. Klems (rklems@primenet.com) * Copyright 1996, Author releases this source freely, allowing * copying and modification, so long as the original copyright notice * is maintained. * * I request that if you use this file you mail me... Thats all I ask =) * * A CGI for reading through your mailfile and finding an IP * address that you had your computer mail to you. * * Compiling: * gcc mail.c -o mail.cgi * * Make sure to 'chmod +s mail.cgi' afterwards...must run with set uid * bit on to be able to open the mail file. */ #include #include #define MAILFILE "/var/mail/rklems" /* your mailfile */ main(void) { FILE *mail; /* file pointer for mail file */ char bob[80], location[80]; printf("Content-type: text/html\n\n"); printf("IP Address\n"); printf("\n"); printf("

IP Address

\n"); strcpy(bob, "42.**"); if((mail = fopen(MAILFILE, "r")) == NULL) printf("Mail file is empty or does not exist.\n"); else { /* * loop continues till end of file because you want most recent IP * 198.68. is the domain of my ISP, change to yours... */ while(!feof(mail)) /* until reaching EOF, do this */ { fgets(location, 80, mail); /* Grab a line, from mail */ sscanf(location, "198.68.%s", bob); /* look for domain */ } strcpy(location, "198.68."); strcat(location, bob); printf("The IP Address of your computer is: %s\n", location); } printf("\n"); } Section 4.2: pppdm.c /* * pppdm.c created by Ryan R. Klems (rklems@primenet.com) * Released freely by the author to use/modify/copy/reditribute * My only request is that if you use it...mail me and let me know =) * * This program keeps your link dialed up to an ISP and mails you * the newest IP address. Useful for people with Dynamically allocated * IP addresses * uses the following files... * /root/ip : Outputs the IP to this file * /root/log : If logging is defined * /root/pppchat : The chat file set up for chat. * My chat file looks like: * "" ATDT7917777 CONNECT "" "ogin:" "rklems" "assword:" "" * is YOUR password of course (like I'm gonna give you mine ;) * *NOTE* for silent dialing do ATMDT * * Compiling... * gcc pppdm.c -o pdm * *NOTE* Don't call it anything like pppdm b/c it looks for pppd * might accidentally kill itself off ;) */ #include #include #include #include #include #define DOLOG void main(void) { FILE *fin, /* multiuse file pointer */ *popen(); /* proto of popen() */ #ifdef DOLOG FILE *log; /* log file pointer */ #endif char line[80], /* a line of a file */ bah[80], /* just stuff, also used for holding IP addr */ crap[80], /* just stuff */ bob; /* single char placeholder, not used for anything */ int j, /* flag for if a link was found */ k, /* flag for if this is a new link */ pid; /* pid of pppd process to kill off */ #ifdef DOLOG time_t now; /* thing for time logging */ #endif for(;;) /* Loop forever... */ { /* look at ifconfig for IP addr */ if ((fin = popen("ifconfig", "r")) != NULL) while(fgets(line, 80, fin) != NULL) if(sscanf(line, "ppp0 %s", bah)) { fgets(line, 80, fin); sscanf(line, " inet addr:%15s", bah); j=1; } fclose(fin); if (!j) /* no link */ { if((fin = popen("ps -a -x", "r")) == NULL) { fprintf(stderr, "PPPdm error: cannot open file.\n"); exit(1); } /* scan through processes & kill off any zombie pppd processes */ while(fgets(line, 80, fin) != NULL) if (sscanf(line, "%d ? %c %4s pppd%s", &pid, &bob, crap, bah) == 4) kill(pid, SIGKILL); fclose(fin); k=0; /* new dial attempt */ system("pppd connect 'chat -v -f /root/pppchat'"); /* try again */ #ifdef DOLOG now = time(NULL); if ((log = fopen("/root/log", "a")) == NULL) { fprintf(stderr, "Error in opening log file.\n"); exit(1); } fprintf(log, "Initiating ppp-link. %s\n", ctime(&now)); fclose(log); #endif sleep(60); /* wait 1 min and check again */ } if(j && !k) /* first time with new address */ { if ((fin = fopen("/root/ip", "w")) == NULL) { fprintf(stderr, "Error in opening output file.\n"); exit(1); } fprintf(fin, "%s\n", bah); /* write out addr */ fclose(fin); /* mail it to yourself */ system("mail -s IP joker@your.moma.com < /root/ip"); k=1; } else /* take a nap and check again when we wake up */ { j = 0; sleep(300); /* wait 5 minutes to check again */ } } } Section 4.3: portmsg.c /* * Portmsg.c written by Ryan R. Klems (rklems@primenet.com) * Copyright 1996, Author releases this source freely, allowing * copying and modification, so long as the original copyright notice * is maintained. * * I request that if you use this program that you mail me. Thats * all I ask. * * This program sets up a port on a server to accept telnets. Upon * accepting a telnet, the program outputs a message, and then closes * the connection. * * address of message would be xxx.xxx.xxx.xxx yyyy where the x's * s the IP number or IP name, and yyyy is the port number set up * within this program. * * Compiling instructions: * Linux : gcc portmsg_gen.c -o * SunOS : gcc portmsg_gen.c -lsocket -lnsl -o * ***Note*** * I don't have access to any other operating systems, so if you * compile this program on an OS I don't have listed, and use * compiler options I didn't mention...please email me =) */ #include #include #include #include #include #include #include #include #include #include #define HOSTNAME "ares" /* hostname of computer */ #define PORT 3000 /* tcp port to bind to */ /* #define GETHOSTNAME */ /* uncomment if your server has gethostname() */ void get_location(void); /* proto of my mail reading function */ char location[80]; /* The IP address */ void main(void) { struct in_addr host_ip_number; struct sockaddr_in host_ip_addr; struct sockaddr_in addr; char host_name[100]; struct hostent *hp; int s, new_sock; int tmp, length; /* * The server I wrote this for doesn't have gethostname() * so, I put in a little fix... */ #ifdef GETHOSTNAME gethostname(host_name, sizeof(host_name)); #else strcpy(host_name, HOSTNAME); #endif hp = gethostbyname(host_name); bzero((char *)&host_ip_addr, sizeof(host_ip_addr)); memcpy((char *)&host_ip_addr.sin_addr, hp->h_addr, hp->h_length); host_ip_addr.sin_family = hp->h_addrtype; host_ip_number = host_ip_addr.sin_addr; host_ip_addr.sin_port = htons(PORT); host_ip_addr.sin_addr.s_addr = INADDR_ANY; /* open a socket s */ s = socket(host_ip_addr.sin_family, SOCK_STREAM, 0); if ((int)s==-1) { fprintf(stderr, "Error in opening socket.\n"); exit(1); } tmp = 1; if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&tmp, sizeof(tmp))<0) { fprintf(stderr, "Error in setsockopt.\n"); exit(1); } /* bind the socket to the server */ if (bind(s, (struct sockaddr *)&host_ip_addr, sizeof(host_ip_addr)) == -1) { if(errno == EADDRINUSE) { fprintf(stderr, "Socket already bound!\n"); exit(1); } else { fprintf(stderr, "Other error binding socket.\n"); exit(1); } } /* tell the server to listen to the port */ if (listen(s, 1) == -1) /* 1 is the maximum size of the connection queue */ { fprintf(stderr, "Error in listen.\n"); exit(1); } while(1) /* just keep looping */ { length = sizeof(addr); /* * port has been opened with socket(), bound with bind(), and set * active with listen(), now accept() watches the port for * connections, it will wait here until it has one... * new_sock is the file descriptor for the new socket */ new_sock = accept(s, (struct sockaddr *)&addr, &length); /* * The function get_location() and the send()'s are what I did to * suit my particular needs. Put your own messages in here... */ get_location(); /* send just sends a string foo of length strlen(foo) with flags */ send(new_sock, "Location:\n", 11, 0); send(new_sock, location, strlen(location), 0); close(new_sock); /* Close connection after message printed */ } } void get_location(void) { FILE *mail; /* file pointer for mail file */ char a[80]; /* char array for holding ip addr */ /* * FYI, this just opens my mail file, looks for a line with * 198.68.(the domain of my ISP), takes the last part, puts * the 198.68. in location, then cats the rest on the end */ strcpy(a, "42.**"); /* open /var/mail/ryan for read, and check to see there is a file */ if((mail = fopen("/var/mail/ryan", "r")) == NULL) { strcpy(location, "Error in obtaining information.\n"); return; } else { while(!feof(mail)) /* until reaching EOF, do this */ { fgets(location, 80, mail); /* Grab a line, from mail */ sscanf(location, "198.68.%s", a); /* look for domain */ } strcpy(location, "198.68."); strcat(location, a); /* loops continues till end of file because I want most recent IP */ } } ________ 5.0 Dynamic DNS entries There is already a page on this, at http://www.cfmeu.asn.au/matthew/virtualip.html. Check it out, Matthew just got it working and is asking for other people to try it to iron out the fine details. The hack involves already having control of a DNS at a static IP, so most people will probably be better off with this second option: DynDNS.com has just announced that they will be providing this service for a very low cost ($20-$25 a year was the price quoted to me, and I think that's very reasonable) and in the course of beta testing will provide this service free until November 30th, 1996. Check out their site at http://www.dyndns.com, and see the press release in question at http://www.dyndns.com/press/DYNDNS.COM.10-21-1996 E-mail Gus Hurwitz for more details. ________ 6.0 Hack #6: Updating your .plan by Matthew Nuckolls written by Matthew Nuckolls This pair of scripts allows one to put their current IP number in their .plan file on a remote server. I use it so friends and family can see if I'm dialed in, and where to send ytalk requests to. Put something like /etc/ppp/putip "None, the link is down" as the first line in your ppp-off script. You need a valid $HOME/.netrc file for putip to work. mine looks like: machine rocket login mnuck password and is chmod 600 -Matthew Nuckolls mnuck@umr.edu ----------ip-up: #!/bin/sh # # make sure this is chmod 711, since your password is stored in the clear PLANLOC = /home/mnuck/.plan REMOTE_USER_NAME = mnuck REMOTE_PASSWORD = REMOTE_PLANLOC = /afs/umr.edu/users/mnuck/pub/.plan REMOTE_SERVER = rocket echo "My dynamic IP is: " $4 > /tmp/ip.myip cat $PLANLOC /tmp/ip.myip > /tmp/plan echo $REMOTE_USER_NAME > /tmp/ip.script echo $REMOTE_PASSWORD >> /tmp/ip.script echo "put /tmp/plan" $REMOTE_PLANLOC >> /tmp/ip.script echo "quit" >> /tmp/ip.script ftp $REMOTE_SERVER < /tmp/ip.script &> /dev/null rm -f /tmp/ip.myip rm -f /tmp/ip.script rm -f /tmp/plan ----------end ip-up ----------putip: #!/bin/sh # # This script relies on a vaild .netrc file # -see ftp man page for details PLANLOC = /home/mnuck/.plan REMOTE_PLANLOC = /afs/umr.edu/users/mnuck/pub/.plan REMOTE_SERVER = rocket echo "My dynamic IP is: " $1 > /tmp/ip.myip cat $PLANLOC /tmp/ip.myip > /tmp/plan echo "put /tmp/plan" $REMOTE_PLANLOC > /tmp/ip.script echo "quit" >> /tmp/ip.script ftp $REMOTE_SERVER < /tmp/ip.script &> /dev/null rm -f /tmp/ip.myip rm -f /tmp/ip.script rm -f /tmp/plan ----------end putip ________ 7.0 Hack #7: A simple procmail recipe for finding your new IP by Justin Cragin written by Michael Driscoll Here's an easy one, assuming you already have procmail set up. This hack requires that you have a spare shell/email account where you can temporarily stick your mail and is useful when you can't use the mailing trick in hack one to get your new IP address because you have a cron job regularly downloading your mail. In your .procmailrc, simply add the following recipe: :0: * ^Subject: sendmeip |mail -s "Your new IP" other.mail.address@site.net < /var/run/add For the email address use a shell account whose mail is not being regularly downloaded by a cronjob to your local machine (what, doesn't anybody else collect shell accounts? I have four so far ;) /var/run/add is of course the file containing your IP address that we set up in hack one. Now to use this, just mail yourself from any place on the 'net with a subject of sendmeip, and then telnet to the shell account and wait for the cronjob on your machine at home to download that mail and automatically send you a reply with your new IP in it! ________ 8.0 Hack #8: Dynamic Home Page via ftp by Michael Driscoll This is a simple and easy hack for putting your new IP address on a home page on your ISP's http server. It requires: o ncftp (though you could kludge up a script that could use ftp) o ftp access to your IPS's web server. You can see this hack in action at http://userzweb.lightspeed.net/~fenris (I also have scripts from for another hack that accomplishes the same thing that this does, though they use ftp and no perl. You can find these scripts at my home page, as http://userzweb.lightspeed.net/~fenris/contrib.tar.gz). Note: an alternative to this hack (using CGI) is present in hack #11. It is useful for those without ftp access to their ISP's http servers. Section 8.1: Why would I want to do this? 1: Because it's a neat hack. 2: So that all of your friends and family can easily find your new IP address (Ok, maybe that's not a good thing :) 3: So that you can run your own httpd, with your own CGI's (Merely put an http:// pointer to your new IP address which will access your own httpd) 4: When have we needed a reason to do something? Section 8.2: Setting up your page First, you're going to want to write up some HTML to go onto the pointer page. It is beyond the scope of this HowTo to teach you HTML, so you'll have to learn that bit yourself. However, when you write the page, in place of your machine address, instead put a recognizable anchor (I will use 'potrzebie' in this case) so that we can use a script to replace that anchor with our IP address. For example, a simple page would look like this: This is Mike Driscoll's Dynamic IP Dynamic Home Page

Last known IP of ulfheim.lightspeed.net:

potrzebie Notice that the href and the link name use 'potrzebie', which we will fill in with our IP address before we upload the page to the server. For this example, I'll assume that you've named this stock page /etc/ppp/index.html. Section 8.3: Editing .ncftprc Now we'll add some stuff to root's .ncftprc. In mine, I have the following: ---------- #set auto-binary on #set recent-list off machine your.isps.web.server user yourusername password yourpassword macdef init cd /to/your/home/directory put /tmp/index.html index.html quit ---------- The auto-binary insures that we'll be in binary mode, the recent-list bit stops a .ncrecent file from being created (I just don't like them, you can have one if you want), and the machine entry defines my password, username, and default actions (you might not need the cd bit, at least I don't). Section 8.4: A simple search and replace sed rule Now we write the sed rule. Just put the following in /etc/ppp/ip-up: # Begin dynamic IP stuff if [-e /tmp/index.html] { logger \ 'Uh-oh, already a /tmp/index.html. Possible malicious hacker?' exit 1 } else { cat /etc/ppp/index.html | sed -e s/potrzebie/$4/g \ > /tmp/index.html ncftp your.isps.web.server >/dev/null 2>&1 } First we check for pre-existance of /tmp/index.html. A cracker could be trying to exploit our usage of this to wipe out any file he pleases in the filesystem by linking /tmp/index.html to it and waiting until the script is run. If it already exists, a message is logged and the script dumps. If there is no /tmp/index.html, we run our sed script. This substitutes all occurances of our anchor string "potrzebie" with our new IP address and dumps the new index.html in /tmp. ncftp is then run to upload our new index.html. Congratulations, it's done, you now have a dynamic home page that you can use to point to your home machine! Have fun customizing it! Just edit /etc/ppp/index.html, and it should be updated the next time you dial up your ISP with pppd. ________ 9.0 Hack #9: Paging yourself with your new IP address by Michael Driscoll Here's a neat hack that I don't know anyone will use. It involves using a modem-dialing program to page oneself with one's new IP address. It requires: o modem (speed doesn't matter since we're just going to use it to dial [aren't you glad you kept your 300bps modem? :-) ]) o extra phone line (doesn't need to be dedicated to this, as hopefully you have a modem that will gracefully give up if a voice call is already in progress (I guess that's something you should check, some modems are rather brutal about this)). o An ordinary numeric pager o A dialing program Section 9.1: The paging program For this hack you will need some program that has the ability to dial a modem from the command line. For the following examples, I will use the program 'modem-stats' by Kenneth J. Hendrickson , which can be found at ftp://sunsite.unc.edu/pub/Linux/apps/comm/modem-stats.tar.gz I imagine that other dialing programs can easily be adapted to these examples. Section 9.2: Calling it from ip-up We will put the following lines in /etc/ppp/ip-up: #Separate $4 (IP address) into four parts part1=`echo $4 | cut -f1 -d.` part2=`echo $4 | cut -f2 -d.` part3=`echo $4 | cut -f3 -d.` part4=`echo $4 | cut -f4 -d.` #Run dialing program /usr/sbin/modem-stats -c 'atz' /dev/cua2 /usr/sbin/modem-stats -c 'ats7=15' /dev/cua2 /usr/sbin/modem-stats \ -c 'atdt6384658,,,'${part1}'*'${part2}'*'${part3}'*'${part4} /dev/cua2 Explanations: The atz resets the modem to sane defaults, the ats7=15 sets the time to wait for a carrier, the ','s are pauses, and the '*'s are used to signify dashes (at least they do on my pager, hopefully they will on yours). Oh yes, and you might have better results if you put your own pager number in place of 638-4658, as that is my pager number :-) Also, replace /dev/cua2 with the device name for your modem. Congratulations. You're done! ________ 10.0 Hack #10: xterm logins through a firewall by Brad Baker [***MODERATOR'S NOTE***: As the author of this hack notes, this hack may have inherent security problems, such as the possibility of password capture and the breach of your firewall's security inherent in handing out logins to sites outside your localnet. This hack is being included more for its hack value than its general usefulness. I wouldn't suggest doing this one unless you are the netadmin for that network or are on very good terms with him or her :-)] [And now, back to the hack] Here's another hack for you to try. This one works, and I'm not sure of the security risks yet, but it is amusing. It would be nice to be able to get access to my work machine (Sun) from home, and vice versa, yet telnet is firewalled at work. Here's a way around it. For purposes of this explanation I'll give the method for gaining access to my work machine from my home Linux machine, with a dial-up PPP connection to my ISP and dynamic IP assignment. >From home, when I want access to my work machine, I dial-in and fire up X, set "xhost +", determine my dynamic IP, and email my dynamic IP to my work machine in a mail message with a particular format. On my work machine I have a procmail recipe/script setup that parses the body of a message whose subject matches a target, say "X-W". If the body of that message meets certain requirements then it extracts the IP from the message and spawns an xterm with the display directed to my home dynamic IP like this: xterm -display my.ip.i.sent:0.0 -e login Voila! In about 30 secs to a minute, an xterm login shell appears on my home machine! I haven't tried going the other direction yet because my home machine isn't on full time, but using the other methods of determining the dynamic IP from a remote machine it should work the same way. I'm quite concerned about security issues though and so I've got it disabled until I find out more. When the xterm shows up at home it gives a login prompt, and Secure Keyboard can be used to avoid capture of the password (I'm not sure how secure this feature is in xterm). Still, I'm not real sure at this time what the security features of X are. I'm most concerned about my xterm popping up on the wrong IP, or to an IP that I had before my line connection got dropped just now, though, most users are using Windows and the X access request will not succeed. Further required security procedures are to encrypt the IP in the email message with PGP or common key encryption and to restrict the dynamic IPs to a range, though my ISP won't divulge the range of their dynamic IPs to me. Here's the .procmailrc rule, script file, and sample email message that I used to test it (say 111.222.333.444 is the dynamic ip). -- rule set in ~/.procmailrc -- : ^Subject: X-W | cat | $HOME/scripts/send_xterm -- end -- -- ~/scripts/send_xterm -- #!/bin/sh XX=`cat $1 | grep "^IP: .*" | sed "s/IP: \(.*\)/\1/"` xterm -display $XX -e login & -- end -- -- sample email message -- To: bpb@my.machine.com Subject: X-W IP: 111.222.333.444:0.0 -- end -- You can try it out on your own machine by mailing it to yourself (after you've setup .procmailrc and send_xterm locally of course). ________ 11.0 Hack #11: Dynamic Home Page via CGI by Michael Driscoll This hack is similar to hack #8, but differs in method. While hack #8 involves using ftp access to your ISP's http server to update a page containing a link to your new IP, this one accesses a .cgi script on your ISP's http server which sets up our new page by itself. To use this script you'll have to convince your ISP's sysadmin to put this CGI on their http server. It is not unreasonable for them to charge you money to check the script for security since it takes them time and is a bit of insurance for the risk of them putting it on the server in the first place (although I'll try my best to make this one 'secure'). For example, my ISP (lightspeed.net) charges $50 per script to check it. ***Warning*** Not only is this script new and (largely) untested, but I'm writing it at 02:52 PDT to avoid doing my Philosophy mid-term. If you don't know anything about CGI and how to make it secure, then I'd suggest you wait until any bugs are worked out before you try foisting this upon a poor sysadmin. Section 11.1: Overview of what we'll try to do. Basically, all you'll need to do is take the following script and do a little interpretation in filling in the values. In the script we'll try to do the following: * Parse a newip= parameter, making sure it is a legitimate IP * Parse a password= parameter as a *very* loose security to make sure some hoodlums can't easily screw with your script to fill in their own IP values (Note: I know this won't be 100% foolproof but the ramifications if it fail shouldn't be *too* bad, and at least a failure should be non-destructive and there will be server logs noting who the perpitrator is). * Check the cgi's $REMOTE_HOST and $REMOTE_ADDR environment variables against your domain name to make sure that it's at least a local request. * Finally, if everything checks out, set up the page. Section 11.2: The script (dynip.pl) #!/usr/bin/perl # Written by Michael Driscoll # Suggestions very welcome require 5; # Require perl5 use CGI; # This is the CGI.pm module, available at CPAN sites everywhere # like ftp://ftp.cdrom.com/pub/perl/CPAN/modules/by-module/CGI # Fill in these values $givendomain = "domain.net"; # Put in your ISP's domain name # (Actually the last two parts of # the domain, although this can # be changed below at the split()) $givenpassword = "potrzebie"; # Fill in a password to use $filename = "/some/path/to/my/index.html"; # Get your sysadmin to fill this # in (User's page to update). # The followings deal with IP numbers using the scheme aaa.bbb.ccc.ddd $higha = "255"; # Fill in the highest range of the aaa part of your # ISP's IP block. $lowa = "0"; # Same for the low range of the aaa part. Probably the # same as $higha since most ISP's don't have more than one # class A network :-) $highb = "255"; # Fill in the highest range for bbb $lowb = "0"; # Lowest range for bbb $highc = "255"; # You get the point. $lowc = "0"; # $highd = "255"; # $lowd = "0"; # # link $query to the cgi.pm module $query = new CGI; # $newip is our new IP via the newip variable $newip = $query->param("newip"); # $trypassword is the tentative password to check against $givenpassword $trypassword = $query->param("password"); # $hostname is the name of the host this is coming from to check against # $givendomain $hostname = $query->remote_host; # Check the password first of all unless ("$trypassword" eq "$givenpassword") { print "Content-type: text/plain\n\n"; print "Sorry, wrong password\n"; exit; } # Break up the IP into @IP # substitute out any non-numerics except for \. # splice() it to take out anything after the first dotted quad # (How did that get there?? Anyways, I'm trying to take as few # chances against hackability as possible). $newip =~ s/[^\d\.]//g; @IP = split /\./, $newip; splice(@IP, 4); # Check the IP to make sure it's within bounds unless (($lowa <= $IP[0]) && ($lowb <= $IP[1]) && ($lowc <= $IP[2]) && ($lowd <= $IP[3]) && ($higha >= $IP[0]) && ($highb >= $IP[1]) && ($highc >= $IP[2]) && ($highd >= $IP[3])) { print "Content-type: text/plain\n\n"; print "Sorry, that IP doesn't seem to be within bounds\n"; exit; } # Now let's check the hostname # Break it up into parts of @hostname ($dompart1, $dompart2) = splice(@IP, 2); # Check it unless (("$dompart1"."\.$dompart2" eq "$givendomain") || ("$hostname" eq "localhost")) { # Print an error print "Content-type: text/plain\n\n"; print "Sorry, you don't seem to have the right domain\n"; exit; } # Things seem to check out, let's set up the page # Make sure to escape out things like #, \, $, @, %, and ' open(FILE, ">$filename") || die "dynip.pl cannot open $filename to write: $!"; flock(FILE, 2); # Start html here. $newip is our new IP address. print FILE "Title etc.\n\n"; print FILE "

body here


\n"; print FILE "

blah blah blah\n"; print FILE "

And here is a link to my "; print FILE "current IP address.\n"; print FILE "\n"; flock(FILE, 8); close(FILE); # Send an ok to our accessing program print "Content-type: text/plain\n\n"; print "Setup was successful\n"; Section 11.3: Accessing the CGI when our link goes up Now all we do is access it with lynx in our /etc/ppp/ip-up. The following line should do it, using the /etc/ppp/ip-up usage of $4 for the new IP value: lynx -dump \ 'http://www.ispserver.net/cgi-bin/dynip.pl?newip=$4&password=potrzebie' \ >> /etc/ppp/lynxlog Put the password you chose in the place of potrzebie, of course. And be sure to chmod 700 /etc/ppp/ip-up when you're done, now that it has sensitive information in it. (BTW, the \'s are just used so that I can fit the command under 80 columns. what they do is escape out the newline so that it is considered one command) Also be sure to periodically reduce /etc/ppp/lynxlog as it will grow to be somewhat big after a while :-) There you go...hopefully you're done! [end of hacks] Appendix A: We need more hacks! If you have a Dynamic IP hack that you would like to contribute to this HowTo, then let me know. Be warned that if you do so that it will have to be covered under the copyright notice in Section 1.7, for reasons of CD publishing and whatnot. If you {liked this HowTo, didn't like this HowTo, thought this HowTo was too confusing, found something in this HowTo that doesn't work and/or is just plain wrong, want to send me email, don't want to send me email, found a security problem in this HowTo, etc} then please mail me at . I mean it, I really would appreciate *any* feedback on this HowTo, even if you just mailed me to say that you read it! Really! Just e-mail me on anything! I *really do* love getting e-mail! Flames will *not* go to /dev/null. I think if you feel that strongly about it, I should listen. If you write up a chapter for this HowTo not only will you be helping the Linux community, but you will receive full credit for your hack, your name will go into the credits at the end of this HowTo, you will be acknowledged as a contributor in the beginning of this HowTo, your idea will be archived with almost every CD Linux distribution in the world, you'll be the envy of all of your peers, etc. Appendix B: CREDITS Michael Driscoll is the HowTo moderator and the author of a few of the hacks. Christian G. Warden helped debug the keepalive.sh script used in hack one, now the thing will work in (hopefully) all cases, including those when the connection goes down but pppd does not. Justin Cragin gave me the idea for hack one, and then got mad when he found out I stole it. I also stole the message for my answering machine from him, so I guess I owe him this one. He also recently thought up a nice hack that has become hack seven, so he is now thrice credited. And he has now helped think of the idea of hack nine, so he is once again credited. Furrfu. gave me copies of some real neat scripts of his, see 8.0 for details. I seem to have lost his name, hopefully he'll send it to me again :) Ajit Deshpande wanted to be in the credits. Divya Mahajan sent me the info on diald, which could probably end up replacing the crontab entry in hack one. Ryan Klems sent me a bunch of his own hacks, see 4.x for details. Matthew Driver gave me a pointer to his page on dynamic DNS entries. Check out 5.0 for the URL. Matthew Nuckolls gave me hack six, which updates a .plan containing your new IP address on a remote server via ftp. Scott Johnston showed me a better way to set up hack one (took out long and confusing crontab entry and put it in script called by cron instead), and gave me various other pointers. Brad Baker wrote the really neat hack ten. Christian Hardmeier <101502.1521@CompuServe.COM> got me motivated to write hack eleven. Justin (Gus) Hurwitz let me know about his new service providing dynamic DNS entries for hosts with dynamic IP. Check out the pointer in chapter -- Michael Driscoll