QuoteCouple of notes regarding the updated web interface:
1) To update your tunnel's IPv4 endpoint, click on the tunnel for the details page, then click on your listed IPv4 endpoint. This will open a new page where you enter your new IPv4 endpoint address, and click submit to make the change.
Its occuring (as always occurs by murphy law) that my IPv4 endpoint address, choose to
changes IPv4 endpoint address, ONLY every time I'm away for some reason :lol:
example: I go to asleep , or I go to a meeting ... , etc.
Well , the day after I get fully automatic on updating my endpoint address
that updated web interface (excelent update for human use :D
rendered my script not working anymore :cry:
imho: there is no need to any web interface update to break any script
*just left the old php web interface into the web server (umodifyed)
*that old interface is accessible only by typing its full url ...
so, despite web page has been changed for humans use and shows up in java script instead of in php
*scripts contine working
btw: I have this entry in crontab
*/7 * * * * root /root/dns
this is the dns script
#!/bin/bash
cd /root/dyndns
/sbin/ip link show up | grep ppp0 &> /dev/null
if [ $? -eq 0 ]; then
# ./ipcheck.py -s -w -ippp0 --acctfile dados -d roberto.dnsalias.com
./ipcheck.py -w -ippp0 --acctfile dados -d roberto.dnsalias.com
./ipcheck.py -w -ippp0 --acctfile dados2 -d konectrix.dnsalias.com
./updateipv4.sh
fi
#/sbin/ip link show up | grep eth1 &> /dev/null
#if [ $? -eq 0 ];then
# ./ipcheck.py -s -w -ieth1 --acctfile dados -d roberto.dnsalias.com
# ./ipcheck.py -w -ieth1 --acctfile dados2 -d konectrix.dnsalias.com
#fi
cd -
and this is the script that get broken cause the removal of the php code from he-ipv6 web server
[root@crobertp dyndns]# cat updateipv4.sh
#!/bin/sh
#############################
# Hurricane's TunnelBroker Endpoint ipv4 address updater
# ------------------------------------------------------
#
# Command line usage:
# % updateipv4 [ipv4 [ tunnel_id [ login password ] ] ]
#
# Defaults values are taken from below
#
#############################
##################
# DEFAULT VALUES
##################
LOGIN="your_userid"
PASSWORD="your_password"
TUNNELID="12345" # your_tunnelid
# When empty, IPv4 value is fetched from whatismyip
# Modificacao local to get ip from ppp0 /* crp * 22 jul 2008 */
IPV4=$(ip -4 addr show dev ppp0 | awk '/inet/ {print $2}' | cut -d/ -f1)
O_IPV4=$( cat "O_IPV4")
if [ ".$O_IPV4" == ".$IPV4" ]
then exit
fi
echo $IPV4 > "O_IPV4"
exit # exit here cause php code on Hurricanes was removed
##########################################
# http headers templates
COOKIETEMPLATE="GET /index.php HTTP/1.1
Host: tunnelbroker.net
"
LOGINTEMPLATE="POST /index.php?COOKIE HTTP/1.1
Host: tunnelbroker.net
Referer: http://tunnelbroker.net/index.php
Content-Type: application/x-www-form-urlencoded
Content-Length: POSTSIZE
POSTDATA"
UPDATETEMPLATE="POST /ipv4_end.php?COOKIE&tunnelid=TUNNEL_ID HTTP/1.1
Host: tunnelbroker.net
Cookie: COOKIE
Content-Type: application/x-www-form-urlencoded
Content-Length: POSTSIZE
POSTDATA"
##########################################
# check if we're a host with busybox and need to strip some options
if [ -e '/bin/busybox' ]
then
TIMEOUTOPTION=''
else
TIMEOUTOPTION='20'
fi
# replace default parameters with command line ones
if [ ! -z $4 ]; then LOGIN=$4 ; fi
if [ ! -z $3 ]; then PASSWORD=$3 ; fi
if [ ! -z $2 ]; then TUNNELID=$2 ; fi
if [ ! -z $1 ]; then IPV4=$1 ; fi
# if we don't already know our new ip, let's find it by ourself
if [ -z "${IPV4}" ]
then
IPV4=`wget http://whatismyip.com/automation/n09230945.asp -O - 2>/dev/null`
if [ `expr length $IPV4` -gt 15 ]
then
echo "-IP Guess Failed."
exit 1
else
echo "+Guessed IP:"$IPV4
fi
fi
MD5PASSWORD=`echo -n $PASSWORD | md5sum | sed -e 's/ -//g'`
# sed command parsing hack, @ for &
LOGINPOSTDATA='username='$LOGIN'@clearpass=@password='$MD5PASSWORD'@Login=Login'
LOGINPOSTDATASIZE=`expr length "$LOGINPOSTDATA"`
UPDATEPOSTDATA='ipv4b='$IPV4'@update=Submit'
UPDATEPOSTDATASIZE=`expr length "$UPDATEPOSTDATA"`
echo "+Set password hash: "$MD5PASSWORD
# Get session cookie
echo "+Requesting cookie"
MYCOOKIE=`echo "${COOKIETEMPLATE}" | nc tunnelbroker.net 80 $TIMEOUTOPTION | grep Cookie | tr -d '{\r\n}' | sed -e 's+Set-Cookie: ++' -e 's+; path=/++'`
echo "+Got cookie value: "$MYCOOKIE
# log in with cookie and credentials
echo "+Logging in"
echo "${LOGINTEMPLATE}" | sed -e 's/POSTDATA/'$LOGINPOSTDATA'/' -e 's/POSTSIZE/'$LOGINPOSTDATASIZE'/' -e 's+COOKIE+'$MYCOOKIE'+' | tr '@' '&' \
| nc tunnelbroker.net 80 $TIMEOUTOPTION > /dev/null
echo "${LOGINTEMPLATE}" | sed -e 's/POSTDATA/'$LOGINPOSTDATA'/' -e 's/POSTSIZE/'$LOGINPOSTDATASIZE'/' -e 's+COOKIE+'$MYCOOKIE'+' | tr '@' '&' \
| nc tunnelbroker.net 80 $TIMEOUTOPTION > /dev/null
echo "+Switching tunnel" $TUNNELID "to: "$IPV4
# Update the tunnel ip endpoint
SUCCESS=`echo "${UPDATETEMPLATE}" | sed -e 's/POSTDATA/'$UPDATEPOSTDATA'/' -e 's/POSTSIZE/'$UPDATEPOSTDATASIZE'/' -e 's+COOKIE+'$MYCOOKIE'+g' \
-e 's+TUNNEL_ID+'$TUNNELID'+' | tr '@' '&' \
| nc tunnelbroker.net 80 $TIMEOUTOPTION | grep "IPv4 endpoint has been updated\|That IPv4 endpoint is already in use"`
if [ -z "${SUCCESS}" ]
then
echo "-Update FAILED"
exit 1
else
echo "+Updated Successfully"
#put here your code to do ifdown / ifup on sit0 / sit1 -and/or- he-ipv6
exit 0
fi
########################################
# v 0.5 Francois Cartegnie
# e-mail: echo "spnegrtavr@serr.se" | tr A-Za-z N-ZA-Mn-za-m
#
[root@crobertp dyndns]#TIA
same problem here
some changes in html code:
index.php -> login.php
username -> f_user
password -> f_pass
on Browser this works:
http://tunnelbroker.net/login.php?f_user=XXXXX&f_pass=YYYYY
edit: fixed, i think. [i forgot an '=' in my script ::)]
just change this
index.php -> login.php
username -> f_user
password -> f_pass
i missed this :)
ipv4_end.php?tunnelid -> ipv4_end.php?tunnel_id
Quote from: dragoon on July 28, 2008, 06:39:32 PM
i missed this :)
ipv4_end.php?tunnelid -> ipv4_end.php?tunnel_id
just updated my script , but still not working
*appears that before calling ipv4_end.php , is need to call tunnel_detail.php?tunnelid=nnnn
*note that tunnel_detail.php requires tunnelid , while ipv4_end.php requires tunnel_id
I wonder why ipv4_end.php didnt work direct after login , since tunnel_id=nnnnn is passed
so, im installing a network sniffer to try understanding whats happening
[edit] tbtw: is possible adding another param to ipv4_end.php ???
so, I will be able to call it direct , instead of having to type ip on that input field
example:
ipv4_end.php?tunnel_id=12345&new_ipv4_ip="201.65.96.199"
*may be the problem is that root do *not* run java script , from any web pages it eventually visit
[/edit]
Thanks
i use this script
update.sh 1.2.3.4
#!/bin/sh
# IPv6 Update
hetunid=XXXX <- tunnel id
heusrnm=XXXXX <- username
heusrpw=XXXXXXXXX <- md5 password
hesiteu=http://ipv4.tunnelbroker.net
optcurl="-s -L -b /tmp/cookies.he -c /tmp/cookies.he -A Mozilla/4.0"
ipv4pub=$1
helog=/tmp/he-net.log
curl ${optcurl} ${hesiteu}/ > /dev/null
curl ${optcurl} -d "f_user=${heusrnm}&f_pass=${heusrpw}" ${hesiteu}/login.php > ${helog}
curl ${optcurl} -d "ipv4b=${ipv4pub}&update=Submit" ${hesiteu}/ipv4_end.php?tunnel_id=${hetunid} >> ${helog}
curl ${optcurl} ${hesiteu}/logout.php > /dev/null
# end
maybe curl do some emulation
i test directly on browser, and i get this error:
Update IPv4 Endpoint
SELECT username from auth_user_md5 where password = '' limit 1That password is not valid
edit: this error is funny :)
Please use the format http://www.tunnelbroker.net/ipv4_end.php
?ipv4b=ipv4b&pass=md5_hash_of_pass&user_id=user_id_from_main_page&tunnel_id=global_tunnel_id_from_tunnel_details
Its almost like you were testing while I was pegging something in place to make it so you guys can automate without having to guess :)
The error code at :
http://www.tunnelbroker.net/ipv4_end.php should now have the proper code for calling that script.
basically in the change of platforms we ran up against a need to get rid of all the old session/authentication code from the old broker. As such the ipv4_end script was not going to work right anymore.
The tunnelbroker itself now uses ipv4_update.php to do stuff inside itself and ipv4_end should never need to be updated again.
All you need to do is grab your variables once (The user_id is on the main page for your account, the tunnel_id is the global id on the tunnel details page, and the password can be generated by doing an md5 hash of your password) and then it should run forever.
We are also going to be able to now add support for other interesting update mechanisms like dynamic dns, etc...
Sam
Quote from: dragoon on July 29, 2008, 04:17:05 PM
maybe curl do some emulation
i test directly on browser, and i get this error:
Update IPv4 Endpoint
SELECT username from auth_user_md5 where password = '' limit 1That password is not valid
edit: this error is funny :)
Please use the format http://www.tunnelbroker.net/ipv4_end.php
?ipv4b=ipv4b&pass=md5_hash_of_pass&user_id=user_id_from_main_page&tunnel_id=global_tunnel_id_from_tunnel_details
is better use https://ipv4.tunnelbroker.net/ipv4_end.php
tunnelbroker.net may cause problems when lost ipv6 connectivity
Not a bad point, message updated accordingly.
Sam
Quote from: dragoon on July 29, 2008, 04:47:58 PM
is better use https://ipv4.tunnelbroker.net/ipv4_end.php
tunnelbroker.net may cause problems when lost ipv6 connectivity
if ipv4_end.php is to use with scripts only
you can remove unneeded html code
errors messages are enough :)
Quote from: samh on July 29, 2008, 04:55:02 PM
Not a bad point, message updated accordingly.
Sam
Quote from: dragoon on July 29, 2008, 04:47:58 PM
is better use https://ipv4.tunnelbroker.net/ipv4_end.php
tunnelbroker.net may cause problems when lost ipv6 connectivity
the problem here is that it says that my password i WRONG ::)
disregard I had try
clear password
md5 password
with
http connecion
https connection
so , four trys , even un successful
+ wget 'https://ipv4.tunnelbroker.net/ipv4_update.php?ipv4b=201.51.92.101&pass=783eb4a07a51af015db6960418c5dc0b&user_id=crobertp&tunnel_id=11793'
--16:04:34-- https://ipv4.tunnelbroker.net/ipv4_update.php?ipv4b=201.51.92.101&pass=783eb4a07a51af015db6960418c5dc0b&user_id=crobertp&tunnel_id=11793
=> `ipv4_update.php?ipv4b=201.51.92.101&pass=783eb4a07a51af015db6960418c5dc0b&user_id=crobertp&tunnel_id=11793'
Resolving ipv4.tunnelbroker.net... done.
Connecting to ipv4.tunnelbroker.net[64.62.200.2]:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: error.php?e=2 [following]
--16:04:35-- https://ipv4.tunnelbroker.net/error.php?e=2
=> `error.php?e=2'
Connecting to ipv4.tunnelbroker.net[64.62.200.2]:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 5,757 [text/html]
100%[==================================================================================>] 5,757 24.66K/s ETA 00:00
16:04:37 (24.66 KB/s) - `error.php?e=2' saved [5757/5757]
+ exit
[root@crobertp dyndns]#
So, please, fix your side
btw: I run a p2p search engine on ipv6
http://yacy.hack-inter.net:8181/
and cause this problem, my search engine was un available for the world by about 12 hours :'(
Thanks
Try using ipv4_end.php in your URL that you are fetching, like the other posts pointed out.
"ipv4_update.php" is not for the automated scripts, but rather the interactive website.
Quote from: broquea on July 30, 2008, 12:30:33 PM
Try using ipv4_end.php in your URL that you are fetching, like the other posts pointed out.
"ipv4_update.php" is not for the automated scripts, but rather the interactive website.
ipv4_end.php --> same error --> error.php?e=2 (in other words "wrong password")
ps: I have another script to do http://post
it succesfull login
then succeesfull select detail.php?tunnelid=nnnn
then he net web server claims that my password is wrong :lol:
indeed the error is not on our scripts :(
may be you can create an new xxxxx.php , test it (if working)
then post here its name as well is usable parameters
That I will glady to write an new script , and post it here, to everyone use (for free)
Thanks
user_id isn't your username :)
you can find your user_id after login at tunnelbroker
QuotePlease use the format https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=1&pass=2&user_id=3&tunnel_id=4
Where:
1 = The new IPv4 Endpoint
2 = The MD5 Hash of your password
3 = The User_id from the main page of the tunnelbroker
4 = The Global Tunnel ID from the tunnel_details page
it works here. :)
and... change your password. you writed your md5_pass in your post.
Thanks samh and broquea, the new ipv4_end script works great!
One thing I noted was that if I updated my endpoint too quickly it gave the following error:
<br />
<b>Warning</b>: unlink(/tmp/tb.config.change.txt209.51.161.14) [<a href='function.unlink'>function.unlink</a>]: No such file or directory in <b>/home/tb/public_html/modules/tb.inc</b> on line <b>100</b><br />
Your Tunnel Endpoint has been updated.
The tunnel was correctly configured with the new ip address (according to the website), but the tunnel was non-functional (I assume the router never got updated correctly). So perhaps there's a race condition somewhere if there's already a pending router change?
Cheers
Norman
Just in case there's someone out there that has trouble with the script as provided (I didn't have curl installed by default), here's a BASH script I whipped off in a few hours of work this afternoon instead:
http://lusk.dyndns.org/tech/updater.txt (http://lusk.dyndns.org/tech/updater.txt)
This one includes a method of automatically pulling the current public IP address from a specific interface. Initial testing indicates it's solid, and I'm leaving the troubleshooting code in place (although commented out) for now. Running it as a crontab job should work fine.
Comments and improvements are appreciated. More features might be needed, though, if you have more specific needs.
Brian
Hi,
I made a Debian/Ubuntu script for ip-up.d:
/etc/ppp/ip-up.d/dnsupdate
#!/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
# If pppconfig has been removed we are not supposed to do anything.
test -f /usr/sbin/pppconfig || exit 0
# If we don't have a provider we have nothing to do.
test -z "$CALL_FILE" && exit 0
# Strip options.
PROVIDER=`echo "$CALL_FILE" | cut -d' ' -f1`
ACTIVE_PROVIDER=""
HEIP=$PPP_LOCAL
HETUNNELID=
HEUSER=
HEPASS=
HELOG="/tmp/he-net.log"
HESITEURL="https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=${HEIP}&pass=${HEPASS}&user_id=${HEUSER}&tunnel_id=${HETUNNELID}"
CURL=/usr/bin/curl
CURLOPT="-k -# -#"
if [ -f /etc/default/dnsupdate ] ; then
. /etc/default/dnsupdate
fi
test -z "$ACTIVE_PROVIDER" && exit 0
test ! "$PROVIDER" = "$ACTIVE_PROVIDER" && exit 0
test -z "$HETUNNELID" && exit 0
test -z "$HEUSER" && exit 0
test -z "$HEPASS" && exit 0
echo "$(date): ${CURL} ${CURLOPT} ${HESITEURL}:" >> ${HELOG}
echo >> ${HELOG}
${CURL} ${CURLOPT} ${HESITEURL} >> ${HELOG}
echo >> ${HELOG}
/etc/default/dnsupdate
ACTIVE_PROVIDER=dsl-provider # your dial-up ppp "provider" (the name you use for "pon" "poff")
HETUNNELID=12345 # put here your numeric tunnel id
HEUSER=md5-user-id-from-main-page # put here your md5-user-id
HEPASS=md5-hash-of-password # put here your md5-hashed password (you can use echo -n "password" | md5 on your console, but you need sleuthkit)
of course you can use "wget" instead of curl ($CURL), but you have to change the command-line options ($CURLOPT) too, so an invalid ssl-cert will be accepted (thank you tunnelbroker.net for having an invalid ssl-cert)
Suggestion: Why don't give back the public-ipv4, at least when ipv4b=AUTO is used?