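#!/bin/bash
#
# Dynamic DNS updater for companioncu.be (apex and wildcard records).
#
# Two call paths, told apart by the environment:
#   * dhcpcd: $reason is set. On ROUTERADVERT the AAAA records are replaced
#     with the address part of $nd1_addr1.
#   * otherwise (pppd): the A records are replaced with $4, and the firewall
#     is restarted once a DNS query returns the new address.
#
# The addresses are handed in from outside this script and are written
# straight into an nsupdate command stream, where every line is a command.
# They are therefore checked against a strict format before use, so that
# whitespace, newlines or extra words can never reach nsupdate.

readonly ZONE="companioncu.be"
readonly TTL=10
# Pattern for the TSIG key file; expanded in resolve_key().
readonly KEY_GLOB="/opt/ddns-scripts/keys/Kcompanioncu.be.*.key"

#######################################
# Expand KEY_GLOB to exactly one key file.
# nsupdate treats a trailing argument as a batch file of commands, so an
# ambiguous match must not be passed through unquoted.
# Outputs:  the key path on stdout, diagnostics on stderr
# Returns:  0 if exactly one regular file matches, 1 otherwise
#######################################
resolve_key() {
  local -a matches
  # shellcheck disable=SC2206 -- unquoted on purpose: this is the glob expansion
  matches=( $KEY_GLOB )
  if (( ${#matches[@]} != 1 )) || [[ ! -f "${matches[0]}" ]]; then
    printf 'Expected exactly one key file matching %s\n' "$KEY_GLOB" >&2
    return 1
  fi
  printf '%s\n' "${matches[0]}"
}

#######################################
# Check that $1 is a dotted-quad IPv4 address with octets 0-255.
#######################################
is_ipv4() {
  local octet
  [[ $1 =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$ ]] || return 1
  for octet in "${BASH_REMATCH[@]:1}"; do
    # 10# forces base 10 so that "08" is not parsed as invalid octal.
    (( 10#$octet <= 255 )) || return 1
  done
}

#######################################
# Check that $1 looks like an IPv6 address: hex digits, ':' and '.' only,
# with at least one ':'. This is a character whitelist, not a full parser;
# nsupdate still rejects anything that is not a valid address.
#######################################
is_ipv6() {
  [[ $1 == *:* && $1 =~ ^[0-9A-Fa-f:.]+$ ]]
}

#######################################
# Replace the apex and wildcard records of one type with a single address.
# Arguments: $1 - record type (A or AAAA), $2 - validated address
# Returns:   nsupdate's exit status, or 1 if no unique key file was found
#######################################
send_update() {
  local rtype=$1 addr=$2 key
  key=$(resolve_key) || return 1
  printf '%s\n' \
    "update delete ${ZONE}. ${rtype}" \
    "update delete *.${ZONE}. ${rtype}" \
    "update add ${ZONE}. ${TTL} ${rtype} ${addr}" \
    "update add *.${ZONE}. ${TTL} ${rtype} ${addr}" \
    "send" \
    | nsupdate -k "$key"
}

main() {
  local ipv4 ipv6 wait_time

  if [[ -n "${reason:-}" ]]; then
    echo "var '\$reason' is set. We got called from dhcpcd."
    case "$reason" in
      ROUTERADVERT)
        # Strip the "/prefixlen" suffix, keeping only the address.
        ipv6=${nd1_addr1:-}
        ipv6=${ipv6%%/*}
        if ! is_ipv6 "$ipv6"; then
          # %q keeps control characters out of the log.
          printf 'Refusing to update AAAA record: invalid address %q\n' "$ipv6" >&2
          return 1
        fi
        echo "Updating AAAA record for ${ZONE} to $ipv6"
        if ! send_update AAAA "$ipv6"; then
          echo "nsupdate failed, AAAA record was not updated" >&2
          return 1
        fi
        ;;
      *)
        echo "$reason not relevant for us. Skipping…"
        ;;
    esac
  else
    #TODO: come up with some sanity-check for pppd
    #      (only the format of the address is checked so far)
    # pppd parameters: interface-name tty-device speed local-link-local-address remote-link-local-address ipparam
    ipv4=${4:-}
    if ! is_ipv4 "$ipv4"; then
      printf 'Refusing to update A record: invalid address %q\n' "$ipv4" >&2
      return 1
    fi
    echo "Updating A record for ${ZONE} to $ipv4"
    # A failed update is reported but does not stop the check below: if DNS
    # already holds this address the firewall restart is still wanted.
    send_update A "$ipv4" || echo "nsupdate failed, A record may be stale" >&2

    # The firewall resolves the domain to allow internal hosts to access forwarded ports.
    # This only happens at startup of iptables. Therefore a restart is only useful if the dns got updated.
    # Otherwise we exit and hope the next forced update will trigger the firewall restart
    # NOTE(review): the rules are built from whatever the resolver used here
    # and by iptables returns, so that answer is trusted - confirm both query
    # a resolver you control.
    wait_time=0
    until [[ "$ipv4" == "$(dig "$ZONE" A +short)" ]]; do
      echo "Query is not what we expected, waiting"
      # Sleeps 0, 1, ... 9 seconds before giving up.
      sleep "$(( wait_time++ ))"
      if (( wait_time == 10 )); then
        echo "TIMED OUT! Refusing to restart firewall because dns-query did not update to new ip ($ipv4) but stayed on old…"
        return 0
      fi
    done
    /etc/init.d/iptables restart
  fi
}

main "$@"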