Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Picking up computer's ip address after redial
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
thauer
n00b
n00b


Joined: 28 Aug 2004
Posts: 22
Location: Switzerland

PostPosted: Wed Sep 15, 2004 10:58 pm    Post subject: Picking up computer's ip address after redial Reply with quote

I have struggled with this for a long time. I need to log in to my home machine from work. Easy, but my home computer is on a dialup (ADSL) line without a fixed IP address. Thus when the line is dropped (once a day or so), the machine disappears behind a dynamically assigned new IP address upon redial which I won't see until I get to the computer physically.

So this is what I do:

My home computer "pings" my work computer every ten minutes:
Code:
localhost root $ crontab -l
*/10 * * * * /usr/bin/curl myhost.atwork.com:44444 --connect-timeout 1 >/dev/null 2>&1


On my work computer I have a firewall (iptables) running with a chain called "HOMEGATE" which has three rules, the first lets me through from "home", the second logs the "ping" (see above) and the third simply forwards into the real firewall chain. INPUT and FORWARD are all going to HOMEGATE. Notice that as long as the ip address of home is valid, the pings never reach the second rule, they are accepted by the first (and then dropped because there is no service there obviously)

Code:
$ cat /etc/hosts
127.0.0.1       localhost
111.111.111.111 home
$ iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    HOMEGATE   all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    HOMEGATE   all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain HOMEGATE (2 references)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  home                 anywhere
2    LOG        tcp  --  anywhere             anywhere            tcp dpt:44444 LOG level warning prefix `REPORTINGHOMEIP'
3    MYFIREWALL  all  --  anywhere             anywhere

Chain MYFIREWALL (1 references)
num  target     prot opt source               destination
[...]
6    REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited


Allright, we captured the change of the IP address, now we need to process the log message. metalog is my friend:
Code:
$ cat /etc/metalog/metalog.conf
[...]
Home IP logging :

  regex    = "REPORTINGHOMEIP"
  command  = "/usr/local/sbin/gethomeip.sh"
[...]
$ cat /usr/local/sbin/gethomeip.sh
#!/bin/bash
# Extract IP address from the log message:
homeip=`echo $* | sed 's/.*SRC=\([^ ]\+\) .*/\1/'`
# Patch /etc/hosts:
sed -i -e "s/.* home/"$homeip" home/" /etc/hosts
# Patch (the running) iptables
iptables -R HOMEGATE 1 -j ACCEPT -p tcp -s home

That's it. In summary:
    Home computer pings every ten minutes to port 44444
    Work computer's firewall ignores 44444 as long as it is coming from what is currently known as home computer
    When the IP address of my home computer changes, the logging does happen and metalog calls a script
    The script updates /etc/hosts and the running firewall
    ssh thauer@home works again!
Back to top
View user's profile Send private message
tminos
n00b
n00b


Joined: 10 Apr 2002
Posts: 25
Location: California

PostPosted: Thu Sep 16, 2004 3:28 am    Post subject: Reply with quote

Why not just use something like dyndns.org ... ?
Back to top
View user's profile Send private message
thauer
n00b
n00b


Joined: 28 Aug 2004
Posts: 22
Location: Switzerland

PostPosted: Thu Sep 16, 2004 7:06 am    Post subject: Reply with quote

tminos wrote:
Why not just use something like dyndns.org ... ?


For one, I did not know about it. Thanks, this is a great forum!

Two more things in my defense:

I actually liked my solution, maybe pieces can be useful for something related after all: it shows a little bit of how iptables can be used for non-default things and I just learned how to use metalog...

There is one thing which the dyndns service does not do for me: updating my iptables rules on my non-home machine. I have strict firewall rules on that computer which do not allow generic access, but accepts connections from my home machine. Given that iptables stores the rules with ip-addresses, the table gets broken when my home machine gets assigned a new ip address.
Back to top
View user's profile Send private message
giftnudel
n00b
n00b


Joined: 04 Nov 2003
Posts: 20

PostPosted: Thu Sep 16, 2004 8:55 am    Post subject: Reply with quote

Hi,

but you do realize, that if one finds out your port, he might get full access to your pc?

Otherwise this is a very interesting solution :D

giftnudel
Back to top
View user's profile Send private message
venkat200
n00b
n00b


Joined: 14 Sep 2009
Posts: 1

PostPosted: Mon Sep 14, 2009 6:54 am    Post subject: Ip-address Details Reply with quote

In this site http://www.ip-details.com/domain-host-search/ you can easily check out the Ip-address of any website & i checked out there
Back to top
View user's profile Send private message
depontius
Advocate
Advocate


Joined: 05 May 2004
Posts: 3509

PostPosted: Mon Dec 07, 2009 5:13 pm    Post subject: Reply with quote

There's another option here. You don't have to poll - dhcp has provisions to call your own script, so this can be event-driven. To be honest, I'm running dhcpcd-3.X, so anything I can tell you is hopelessly obsolete. I masked >=dhcpcd-4.X until I could learn how to replace my dhcpcd-3.X scripts. I never got around to it, and I believe I've heard that dhcpcd-5.X is going to do it differently, so I'm hoping to skip dhcpcd-4.X entirely.

With dhcpcd-3.X I was able to specify an executable with this line in /etc/conf.d/net :
Code:
dhcpcd_eth0="-h myName -R -c /usr/local/sbin/dhcpcd.sh"

Whenever dhcpcd did anything significant it would call my dhcpcd.sh with a few arguments, which I could parse and do what was needed.

I'm under the impression that this same type of capability is still in place in newer versions, just implemented differently.
_________________
.sigs waste space and bandwidth
Back to top
View user's profile Send private message
MacGyver031
Tux's lil' helper
Tux's lil' helper


Joined: 11 Jul 2004
Posts: 141
Location: Ilavalai, Sri Lanka

PostPosted: Wed Oct 31, 2012 9:16 am    Post subject: Reply with quote

I have net-misc/dhcpcd-5.6.2 on my systems. This has hooks which can be programmed easily. Everytime there is a change in dhcp-process, the files in dhcp-hooks are executed. So you could do the following:

/lib/dhcpcd/dhcp-hooks/50-update_remotesys
Code:

# BOUND:
#       binding to a new adress has been done.
#       $new_ip_address
#       $new_subnet_mask
#       $interface
#       $media
# RENEW:
#       renewing a binding
#       $new_ip_address, $old_ip_address
#       ....
# REBIND:
#       same as RENEW, except ARP tables are cleared
# REBOOT:
#       got the same address after sys-reboot, same as bound
# TIMEOUT:
#       
# EXPIRE:
#       giving up IP-address.
# IPVLL
# FAIL:
#       Unable to contact dhcp-server, handling as same as EXPIRE
# PREINIT|CARRIER

if [ $interface == "eth0" ]; then
 case "${reason}" in
  BOUND|RENEW|REBIND)
   # THESE BASH COMMANDS WILL BE EXECUTED AFTER SUCCESSFULLY OBTAINING IP.
   # Variable $new_ip_address has the newly obtained IP.
  ;;

  EXPIRE|FAIL|STOP|TIMEOUT)
   logger "Unable to obtain new IP. Retrying later."
  ;;

 esac
fi

_________________
Sincerely your
Joanand K.

MacBook Pro 5.1: 2.4GHz Core2 Duo, 4096MB, 500GB, NVidia 9400/9600 M GT
Gentoo, Kernel 3.4.9, XOrg, Fluxbox.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum