Inadyn Client Blocked for Abuse

Question

I am deploying inadyn client to update my IP address, but it always reports the IP needs to be updated, and I was eventually blocked. Why is this client recommended if it does not work?

This is my command:

inadyn -u user -p pass -a http://site.dyndns.org --iterations 1 --verbose 5

Here is my log (with changes to protect the innocent)

INADYN: Started 'INADYN version 1.96' - dynamic DNS updater.
The request for IP server:
GET http://checkip.dyndns.org/ HTTP/1.0


DYNDNS: IP server response: HTTP/1.1 200 OK
Content-Type: text/html
Server: DynDNS-CheckIP/1.0
Connection: close
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 105

<html><head><title>Current IP Check</title></head><body>Current IP Address: 24.25.200.1</body></html>

W: DYNDNS: My IP address: 24.25.200.1
I:INADYN: IP address for alias 'site.dyndns.org' needs update to '24.25.200.1'
DYNDNS my Request:
GET http://members.dyndns.org/nic/update?system=dyndns&hostname=mauirc.dyndns.org&myip=24.25.200.1&wildcard=ON&mx=site.dyndns.org&backmx=NO&offline=NO HTTP/1.0
Host: http://members.dyndns.org
Authorization: Basic ##################
User-Agent: inadyn/1.96 inarcis2002@hotpop.com


W:INADYN: Error validating DYNDNS svr answer. Check usr,pass,hostname!
W:INADYN: DYNDNS Server response:
HTTP/1.1 200 OK
Date: Wed, 14 Apr 2010 00:53:06 GMT
Server: Apache
X-UpdateCode: N
Content-Type: text/plain
Connection: close

abuse

Answer 1

0

After stepping through the source code, it's clear that the inadyn does not verify the current DNS value before trying the first update.

So it will always update your IP on the first run, therefore the only way this program will work is if you leave it running in the background.

answered Apr 14 at 01:39 AM

$mauirc\'s gravatar image$

mauirc
31 ● 2 ● 2 ● 8

This has been fixed since the 1.97.3 release of inadyn.

Nov 05 at 01:16 AM Troglobit

Answer 2

My powers are too weak to "op" mauirc, but he's correct. You need to keep inadyn running in the background to get continuously updated status.

Put something like this in your /etc/inadyn.cfg:

--syslog
--forced_update_period 604800
--wildcard
--username USER
--password PASS
--dyndns_system dyndns@dyndns.org
--alias YOUR.DYNDNS-ALIAS.TLD
--update_period_sec 600

It would probably also be useful, like mauirc says, to use a patched up inadyn that supports IP caching. For the benefit of everyone I've recently picked up inadyn and have merged most sane patches I've found lingering on the web. See project details and download the latest v1.97.1 at http://freshmeat.net/projects/inadyn

Good Luck!

Answer 3

I created a script to check the DNS value before performing the update. Use at your own risk:

#!/bin/bash

while getopts "f" opt; do
   case $opt in
      f) shift; FORCE=1;;
      *) exit -1 ;;
   esac
done

if ! [ "$1" -a "$2" -a "$3" ]; then
   echo "missing args: [login] [password] [hostname]"
   exit -1
fi

LOGIN=$1
PASSWORD=$2
HOST=$3

IP_ADDRESS=$(wget -q -O - http://checkip.dyndns.com/index.html |
      grep -Eo "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+")
DNS_ADDRESS=$(dig $HOST +short)

if ! [ "$IP_ADDRESS" ]; then
   echo "Bad IP Address: '$IP_ADDRESS'"
   exit -1
fi
if ! [ "$DNS_ADDRESS" ]; then
   echo "Bad DNS Address: '$DNS_ADDRESS'"
   exit -1
fi

if [ "$IP_ADDRESS" != "$DNS_ADDRESS" -o "$FORCE" ]; then
   echo "old IP: $DNS_ADDRESS"
   echo "new IP: $IP_ADDRESS"
   wget -q -O - \
      "http://${LOGIN}:${PASSWORD}@members.dyndns.org/nic/update?hostname=${HOST}"
fi

Update:

Do not call this script more than once every 10 min, as it relies on http://checkip.dyndns.com. Doing so would violate the client policies set in place.

Answer 4

0

Note that checking the current value through DNS lookups is against the DynDNS guidelines and may itself lead an account to being blocked for abuse.

Either leave it running as a daemon, use a patched version that supports caching the value or use ddclient, which is correctly behaved.

answered Apr 14 at 08:50 AM

$Cry Havok\'s gravatar image$

Cry Havok ♦
52k ● 13 ● 26 ● 222

I'm afraid you misunderstood the policy "Perform DNS updates to determine whether the client IP needs to be updated." They talk about DNS Updates, not about DNS lookups. Preventing from making DNS lookups wouldn't make any sense; they never knew if a lookup came from an update client or from any other "legit" application. Also, there is no limitation regarding the number of lookups. This is what the whole system's real purpose is - recursive DNS.

Apr 14 at 09:37 AM RotBlitz ♦

I also want to point out that inadyn is already non-conforming to the "only update when the IP address is different from the IP of the last update" requirement. In any deployment, if you restart the inadyn process due to system reboot or process crash, then it will perform an update even if the IP address has not changed.

Apr 15 at 01:39 AM mauirc

I agree with RotBlitz, first of all there is no way for DynDNS to know who is making the request. It will come from my some up-stream DNS at my ISP or higher. The fact that the default TTL is 60 means that making one request every 5 to 15 minutes, is likely going to be insequonsiquential. I would image the "checkip" address would cause more concern for abuse, but I think many, if not all clients are using that, and hitting it frequently.

Apr 15 at 06:51 AM mauirc

Inadyn Client Blocked for Abuse

Dyn Community Support

Get Involved

Related Questions

Follow this question