In the past I have had a lot of trouble with DDNS services and client software (both provided by my linksys router and through ddclient). I was thinking the easiest solution would be to simply have the computer I need to work on e-mail me its IP address every so often. Is there a small program or script that does this? Better yet, is there one that would e-mail me only when the IP address changes?

Another benefit (as I see it) of this approach would be that this machine wouldn't be sitting on the web quite so wide open as it would with a DDNS address. I am the only one that needs access to this machine remotely anyway.

Thanks much,

Jeremy

The only ways for a machine behind NAT to know it's external IP are to a) contact an external site that will respond with the IP that it receieved the connection from and parse that output or b) connect to the admin interface of the NAT device and download the page that contains the WAN IP address, then parse the output.

I used wget to do the latter at one point by sending the authentication headers to my Linksys firewall and downloading the status page that contained the WAN IP address. More recently I wrote a script to SSH to connect to one of my machines that has a static IP address and use a false username to attempt login. This causes an error message in my authlog with the IP address that attempted the connection (so I know what IP the remote host is coming from).

If you're able to use DDNS I would do it. Just because you have a DNS name associated with your IP doesn't make it any more likely to be attacked than it already is. Most attack scanners just go for ranges of IP addresses know to belong to certain ISPs any way, so not having a DNS record wouldn't make any difference. It's a lot more convenient to be able to do the name-to-IP resolution via DNS than always needing to have access to wherever the IP reports are being sent to.

Hi,
Similar strategy, but easier (IMHO) and without "breaking attempt" would be to write a little php or perl script (should be less than 10 lines) that checks a given secret and mails the ip adress if positive. Something like:
Code may be incorrect, writing unchecked
Adding the functionality to mail only if the address really changed should be easy. Your home server can access this site with "links -dump url/to/your/script.php. If your script gives some html output, you can do exit code checking.
Greets,
Clemente

I concur with chort

Its a real pain writing scripts to do this for you as you need an external machine to be able to know your public IP address.

I had to resort to scripts to find my DHCP provided VPN address at work. I setup a special username on my office desktop SunBlade-1000 which anyone could rsh to, but the login shell was replaced with a script which did a who am i to get the ip address and then editted my hosts file with another setuid script. This didn't interfere with the IT depts DNS, and allowed me to rsh from my office SunBlade-1000 to my home Ultra-10. Until I got the error handling right I'd occasionally trash my /etc/hosts file.

In a nutshell, if you've got access to DDNS, use it.

Thank you all very much for your suggestions, but I have tried DDNS from dyndns.org as provided by two dfferent linksys routers in two different states (same model BEFSR41), ddclient set up under OpenSuSe 10.2, Gentoo 2006.1 and 2006.0, etc...with no luck! Perhaps there is some secret to setting it up properly? It just seems very finicky. As soon as I think I have it working, I go somewhere (perhaps only 40 miles, but an inconvenient distance no less) and it fails to update my IP address and I have no access to my machine. I was thinking it would at least be nice to have a dead simple script that mailed me the IP address every five minutes or so (so if I was locked out by DDNS I could log in and try and guess what the problem might be.

I don't know Perl or PHP and I have only a cursory knowledge of bash shellscripting, but I was thinking something along the lines of:

#!/bin/bash
5 * * * * wget checkip.dyndns.org (I can get my IP address from this page very easily) \
&& sendmail index.html my@mail.com (Can I use sendmail to send attachments? I've never used it before)

Sorry about the formatting. So basically I could just have a cron job that did this every x times (in this case every five minutes: perhaps a bit excessive)

Could anyone help me with a basic script like that?

Have any of you used ddclient? If so, how did you get it (and keep it) working? Perhaps I am missing something obvious. Is there a good way to get detailed debug output from a program like this? Perhaps something simple is wrong with the way I have set up /etc/ddclient.conf

Oh, and thanks for pointing out that DDNS is no security threat, I don't know a whole lot about networking, so I assumed having a DDNS name made a machine that much easier to find.

Thanks,

Jeremy

I used DynDNS.org before and one of the automatic update scripts (it may have been ddclient, I don't remember). There wasn't any special "trick". I just followed the instructions in the installation documentation and it worked as described. Are you sure that you've read all the documentation that came with the software?

#!/bin/bash

wget -O ~/newip checkip.dyndns.org

cmp ~/newip ~/oldip >/dev/null || {
mv ~/newip ~/oldip
mailx -s "My IP changed" you@domain.com < ~/oldip
}

Then before you run it for the first time run

touch ~/oldip

Then set it to run as frequently as you like in your crontab. It will email you the output from wget whenever it changes (its not refined so it will email even if the format of the output changes not just the IP address).

Enjoy...

Wow, thanks ojnab. I'll have to give that a shot. I've got to wait until I get an actual person to e-mail me the IP of the machine that needs this script though. :-/ This will save me loads of trouble once I get it going. Thanks!

Wow. Is it possible for posts to be deleted? I could swear that a few of you guys were helping me find info on learning to shellscript yesterday, and I recall there being a few posts about efficient ways to find shellscripts in /etc/, and now they're gone! What's happened?!

You lost track of your threads, you want to be here
.

Yet another reason not to double post.

That's bizarre. I have no recollection of starting another thread by that name. I thought that thread was part of this one...Could a mod have done this?

Yes. New topic = new thread.

Oh, ok then. It really was stupid of me to double post and then change topics. That has made things just as confusing for me as for everyone else!

Thanks,
Jeremy

I was going to suggest doing a 'ping -r 1 us.cnn.com' (or website of your choice) and then extracting the WAN IP address from the ping results, but the above looks quite elegant.