• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

I'm providing my he.net scripts!

Started by tptpcc-infinity, July 18, 2012, 01:33:33 PM

Previous topic - Next topic


I thought that if anyone else is on a dynamic endpoint and wants some examples of excellent update scripts then I have provided these which I wrote for my edge NETBSD edge router!

[example begin]
root@ultra30: echo > last_ip
root@ultra30: ./ip_change.sh
[./ip_change.sh 16760] Last IP/Current IP:
[./ip_change.sh 16760] Updating network...
[/etc/scripts/update_tunnel.sh 16808] Updating he.net tunnel...
-ERROR: This tunnel is already associated with this IP address.  Please try and limit your updates to IP changes.
[/etc/scripts/update_dns.sh 5493] Updating he.net dns...
[/etc/scripts/update_dns.sh 5493] ultra30.tptp.cc... nochg
[/etc/scripts/update_dns.sh 5493] v40z.tptp.cc... nochg
[/etc/scripts/update_dns.sh 5493] tptp.cc... nochg
add net default: gateway 2001:470:7:33e::1
net.inet6.ip6.forwarding: 1 -> 1
[example end]

[ip_change.sh begin]
# handle an ip change

LAST_IP=$(cat /etc/scripts/last_ip)
MYIP=$(ifconfig hme1 | awk '/inet /' | awk '{ printf $2 }')
if [ "$MYIP" = "" ]; then MYIP=$LAST_IP; fi

echo "[$0 $$] Last IP/Current IP: $LAST_IP/$MYIP"

if [ "$LAST_IP" = "$MYIP" ]; then echo "[$0 $$] No change.";
else echo "[$0 $$] Updating network..."
       ifconfig gif0 down
       ifconfig gif0 destroy

       echo -n $MYIP > /etc/scripts/last_ip;
       exit 0

exit 1
[ip_change.sh end]

[update_dns.sh begin]

## update dns
echo "[$0 $$] Updating he.net dns..."

echo -n "[$0 $$] ultra30.tptp.cc... "
/usr/pkg/bin/curl -k -4 --retry 1112 -K /etc/scripts/HE_AUTH_CRED_1
echo ""
echo -n "[$0 $$] v40z.tptp.cc... "
/usr/pkg/bin/curl -k -4 --retry 1112 -K /etc/scripts/HE_AUTH_CRED_2
echo ""
echo -n "[$0 $$] tptp.cc... "
/usr/pkg/bin/curl -k -4 --retry 1112 -K /etc/scripts/HE_AUTH_CRED_3
echo ""
[update_dns.sh end]

[update_tunnel.sh begin]

MYIP=$(ifconfig hme1 | awk '/inet /' | awk '{ printf $2 }')
if [ "$MYIP" = "" ]; then MYIP=$LAST_IP; fi

echo "[$0 $$] Updating he.net tunnel... $MYIP"

/usr/pkg/bin/curl -k --retry 1024 -K /etc/scripts/HE_AUTH_CRED-TUNNEL
echo ""
[update_tunnel.sh end]

[up_ipv6_interface.sh begin]

MYIP=$(ifconfig hme1 | awk '/inet /' | awk '{ printf $2 }')
if [ "$MYIP" = "" ]; then MYIP=$(cat /etc/scripts/last_ip); fi

ifconfig gif0 create
ifconfig gif0 tunnel $MYIP
ifconfig gif0 inet6 2001:470:7:33e::2 2001:470:7:33e::1 prefixlen 128
route -n add -inet6 default 2001:470:7:33e::1

ifconfig gif0 inet6 alias 2001:470:e216::1
ifconfig gif0 inet6 alias 2001:470:e216::2
ifconfig gif0 inet6 alias 2001:470:e216::3
ifconfig gif0 inet6 alias 2001:470:e216::4

sysctl -w net.inet6.ip6.forwarding=1
[up_ipv6_interface.sh end]

Further more, you can either run ip_change.sh on a normal basis from crontab or via atd or somewhat, either that or you can do as I have and modify add a dhcpcd hook for RENEW and BOUND exceptions that will run the script, example:

[/libexec/dhcpcd-hooks/40-update-ip begin]

if [ "$reason" = "BOUND" ] || [ "$reason" = "RENEW" ];
       then if ! /etc/scripts/ip_change.sh;
               then /etc/scripts/up_ipv6_interface.sh;
[/libexec/dhcpcd-hooks/40-update-ip end]

These are tools I wrote for the NetBSD sparcv9 edge router at tptp.cc !!

Yeah, you know, so like keep it pro, yo.

ip_change.sh - run from crontab or as dhcpcd hook, monitors for an ip change, touch /etc/scripts/last_ip
up_ipv6_interface.sh - runs from ip_change.sh and also the dhcpcd hook to up the ipv6 interfaces when apropriate
update_dns.sh - runs from ip_change.sh if there is an ip change, to update the he.net dns respectively
update_tunnel.sh - runs from ip_change.sh if there is an ip change, to update the he.net tunnel respectively
40-update-ip - hook for dhcpcd to run ip_cahnge.sh and up interfaces on new lease or bind, on netbsd: /libexec/dhcpcd-hooks/

The AUTH files are in the form of

url <url> # like for tunnel https://ipv4.tunnelbroker.net/ipv4_end.php?tid=<tunnel id>
user <user>:<pass> # like for tunnel <he.net user>:<he.net password>

url <url> # like for dynamic dns https://dyn.dns.he.net/nic/update?hostname=<hostname>
user <user>:<pass> # like for dns <hostname>:<key generated from he.net dns interface>

-- Infinity of teh ArkNet at tptp.cc [ first word at tptp.cc ]

http://tptp.cc/scriptz/he-net-scriptz.tar.xz 1.46 kB

Uther AWEZOME net script references hosted:

http://tptp.cc/scriptz/iptables.save.txt <iptables save from a linux install, has nat, port forward, filter, redirect, conn # rate limit>
http://tptp.cc/scriptz/tc.sh.txt <tc linux traffic control extensive packet scheduler and quality of service>
http://tptp.cc/scriptz/pf.conf.txt <NetBSD/FreeBSD/OpenBSD> packet filter, packet scheduler, qos, conn # rate limit>


Aye, thanks for the edit mtindle!

Also, I've deduced that for the sake of being complete, you may also add the REBIND event to the hook script.

It'z not clear from the dhcpcd-run-hooks man page if a BOUND event is triggered WITH a REBIND and RENEW, vise versa, or all independantly. In which case source code may have to be referenced. In the meantime, for saftey, I'd add all three -^.^-

Take it ez,



FYI, you can combine the tunnel endpoint update with the DNS update.  Use the dyn-compatible updates noted here, add in the hostname and API key for the dynamic DNS hostname in the advanced settings for your tunnel.  Now you update in one spot, get two things done.



note: updated pf.conf.txt now reflects major changes and current stable state.

also noted that the tc script is an old copy



Hello my good buddy!  ;D
    It is teh one and only haqnet :P ... (xd) ... just wanted to see if you have those scriptz still handy buds... could u pls login to my ircd ? if thats not tomuch trouble... i have sage on here, and, i am not using netbsd atm , altho, i still remember your mad setup on the v340z or that, LOUD thing!
Anyhow buddy, thanks for these, it is handy for some of us! (Sage users.. specially...) although i do not YET use dns of he.net .. howver now im considering it..
Anyhow, irc.haqnet.net , or ipv6.* will get you there ... and, i hope to c ya there my friend.. i left efnut ...and all public networks basically.. they are pretty pathetica... srsly.. and, i gues i found bug also in ratbox ircd ,wich is another reason i HAD to leave :P

it was simply in identdify , you slip in like this:
print "USER UNIX 8 irc.server.bs :realname"; , in perl.. or sprintf it in .c .. this would in ratbox, cause it to allow me to make my host *@0:: ! LOL!

Yes, on ALL of efnuts shitty ass .ipv6. servers, until some snitcher gave it up :s .. but, it was ONLY adding in the 8 digit ,and that was it. kaboom.. spoofing eveytime.. was great for while. then i decided i should show others.. within 5 minutes i had opers bannin me, again :s
anyhow, i kinda had enuff of public nets, so, im runnin many awesome projects on the ircd i mentioned.. i should email you, but, i do not even know wich email, is up.. i see tptp is up but, it strangely behaving in browser..unable to connect but even stranger.. in guess will explain wen we speak :)
OK! Thats awesome script work, as always, your king of code  ... NetBSd , is awesome, we know this.. but, the scripts can be used for *BSD ... so, i gues, id like to grab them, altho, unsure if already did once.. i recall once you showed me a cpl but, i doubt it is same ones as here..and, i do not see mirrored scripts..so, i gues, i hope to hear from ya!
thanks bro!
xd / dru


Hint:  On modern unices, "/etc/scripts/last_ip" would be "/var/scripts/last_ip".  The "/etc" directory is meant for static configuration files, while "/var" is meant for configuration values which change over time.

QuoteMYIP=$(ifconfig hme1 | awk '/inet /' | awk '{ printf $2 }')
"awk"(1) instead of "grep"?  Hmmmm.

Comment - Where you do this:
Quoteif [ "$LAST_IP" = "$MYIP" ]; then echo "[$0 $$] No change.";
else echo "[$0 $$] Updating network..."
I would have done this:
Quoteif [ "$LAST_IP" = "$MYIP" ]; then echo "[$0 $$] No change."; exit 1; fi;
echo "[$0 $$] Updating network..."
It's a matter of style, but I'd rather unfold a long if/then/else clause than have one.


Quote from: snarked on November 08, 2012, 10:22:22 AMQuery:
QuoteMYIP=$(ifconfig hme1 | awk '/inet /' | awk '{ printf $2 }')
"awk"(1) instead of "grep"?
The nice part about using awk in that command line is that you can do it with just one awk command.MYIP=$(ifconfig hme1 | awk '/inet / { printf $2 }')


Thanks for the updates guys. The links to scripts at the bottom of this thread are now working again. The server has been offline more than a year, as I am sorry to say that I was incarcerated. The server is back up, although it is not running netbsd or being hosted on a sparcv9 machine as usual. At the moment a friend is hosting it on its own Linode vm.