Search Results for os x server 3 2 2

20分钟搭建一个自用的DDNS服务

08年的时候，在学校，花了点时间做了个ddns服务，不知道现在是否还活着，ddns.bitunion.org。当时的方案，powerdns + mysql + php ui，php ui是自己做的，简单地做了个校内邮箱的校验，使用了个简单的token机制来更新记录。这回，有个需求是需要做一个ttl < 10的ddns服务，之前所有域名都在dns.he.net上，最小ttl限制到了300，这样以来，更新的延迟特定场景下不够用。自用DDNS的需求里，域名不会被广泛知晓并使用，否则NS服务器的压力会是个问题。方案还是一样，powerdns + mysql，写了个最简单的http接口页面给ddclient用。服务器是 ubuntu 17.04，公网IP 1.2.3.4. 目标域名 xxx.ddns.sskaje.me 安装软件按下列命令安装必备软件，全默认

apt install  pdns-server pdns-tools pdns-backend-mysql

1	apt install pdns-server pdns-tools pdns-backend-mysql

配置powerdns 考虑到现在的linux服务器，本地53端口经常被占用，所以需要修改 /etc/powerdns/pdns.conf，指定监听的IP

local-address=1.2.3.4

1	local-address=1.2.3.4

配置zone和records 在sskaje.me的域名服务器上，添加NS记录 ddns.sskaje.me，指向IP 1.2.3.4。考虑到未来可能改IP，可以加一个A记录 ddns1.sskaje.me，指向 1.2.3.4，这样ddns.sskaje.me的NS设置成 ddns1.sskaje.me。创建zone

# pdnsutil create-zone ddns.sskaje.me
Jul 16 08:59:55 [bindbackend] Done parsing domains, 0 rejected, 0 new, 0 removed
Creating empty zone 'ddns.sskaje.me'

# pdnsutil create-zone ddns.sskaje.me

Jul 16 08:59:55 [bindbackend] Done parsing domains, 0 rejected, 0 new, 0 removed

Creating empty zone 'ddns.sskaje.me'

更正SOA记录

# pdnsutil add-record ddns.sskaje.me @  SOA 2592000 "dns.sskaje.me. dns.sskaje.me. 1 10800 3600 604800 3600"
Jul 16 09:13:47 [bindbackend] Done parsing domains, 0 rejected, 0 new, 0 removed
New rrset:
ddns.sskaje.me. IN SOA 3600 a.misconfigured.powerdns.server hostmaster.ddns.sskaje.me 1 10800 3600 604800 3600
ddns.sskaje.me. IN SOA 2592000 dns.sskaje.me dns.sskaje.me 1 10800 3600 604800 3600

# pdnsutil add-record ddns.sskaje.me @ SOA 2592000 "dns.sskaje.me. dns.sskaje.me. 1 10800 3600 604800 3600"

Jul 16 09:13:47 [bindbackend] Done parsing domains, 0 rejected, 0 new, 0 removed

New rrset:

ddns.sskaje.me. IN SOA 3600 a.misconfigured.powerdns.server hostmaster.ddns.sskaje.me 1 10800 3600 604800 3600

ddns.sskaje.me. IN SOA 2592000 dns.sskaje.me dns.sskaje.me 1 10800 3600 604800 3600

添加 xxx.ddns.sskaje.me，设置ttl=10

# pdnsutil add-record ddns.sskaje.me xxx A 10 127.0.0.1
Jul 16 09:14:55 [bindbackend] Done parsing domains, 0 rejected, 0 new, 0 removed
New rrset:
xxx.ddns.sskaje.me. IN A 10 127.0.0.1

# pdnsutil add-record ddns.sskaje.me xxx A 10 127.0.0.1

Jul 16 09:14:55 [bindbackend] Done parsing domains, 0 rejected, 0 new, 0 removed

New rrset:

xxx.ddns.sskaje.me. IN A 10 127.0.0.1

简单的更新脚本 DynDNS的更新接口参数类似：

/nic/update?system=dyndns&hostname=xxx.ddns.sskaje.me&myip=4.3.2.1

1	/nic/update?system=dyndns&hostname=xxx.ddns.sskaje.me&myip=4.3.2.1

认证使用 http basic auth 完成的。所以一个简单的服务端脚本

<?php

$auth = [
    'xxx.ddns.sskaje.me' =>  'This.15.p4ssw0rd',
];


if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
    die('badauth');
}

if (!isset($auth[$_SERVER['PHP_AUTH_USER']])) {
    die('badauth');
}

if ($auth[$_SERVER['PHP_AUTH_USER']] != $_SERVER['PHP_AUTH_PW']) {
    die('badauth');
}

if (!isset($_GET['hostname'])) {
    die('badauth');
}

if ($_GET['hostname'] != $_SERVER['PHP_AUTH_USER']) {
    die('badauth');
}

$db = new mysqli('localhost', 'root', '123123123', 'pdns');
$db->set_charset('utf8');
try {
    $db->autocommit(0);

    $result = $db->query("SELECT * FROM records WHERE name='{$_SERVER['PHP_AUTH_USER']}' FOR UPDATE ");

    if (!$result->num_rows) {
        throw new Exception('nohost');
    }

    $record = $result->fetch_assoc();
    if ($record['type'] != 'A') {
        throw new Exception('nohost');
    }

    if (!isset($_GET['myip'])) {
        $ip = get_client_ip();
    } else {
        $ip = long2ip(ip2long($_GET['myip']));
    }

    if ($ip == $record['content']) {
        throw new Exception('nochg');
    }

    $db->query("UPDATE records SET content='{$ip}' WHERE id={$record['id']}");

    $db->commit();

    echo "good {$ip}\n";

} catch (Exception $e) {
    $db->rollback();

    echo $e->getMessage() . "\n";
} finally {
    $db->close();
}

function get_client_ip()
{
    if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
        return $_SERVER['HTTP_CF_CONNECTING_IP'];
    }

    return $_SERVER['REMOTE_ADDR'];
}

<?php

$auth = [

'xxx.ddns.sskaje.me' => 'This.15.p4ssw0rd',

];

if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {

die('badauth');

}

if (!isset($auth[$_SERVER['PHP_AUTH_USER']])) {

die('badauth');

}

if ($auth[$_SERVER['PHP_AUTH_USER']] != $_SERVER['PHP_AUTH_PW']) {

die('badauth');

}

if (!isset($_GET['hostname'])) {

die('badauth');

}

if ($_GET['hostname'] != $_SERVER['PHP_AUTH_USER']) {

die('badauth');

}

$db = new mysqli('localhost', 'root', '123123123', 'pdns');

$db->set_charset('utf8');

try {

$db->autocommit(0);

$result = $db->query("SELECT * FROM records WHERE name='{$_SERVER['PHP_AUTH_USER']}' FOR UPDATE ");

if (!$result->num_rows) {

throw new Exception('nohost');

}

$record = $result->fetch_assoc();

if ($record['type'] != 'A') {

throw new Exception('nohost');

}

if (!isset($_GET['myip'])) {

$ip = get_client_ip();

} else {

$ip = long2ip(ip2long($_GET['myip']));

}

if ($ip == $record['content']) {

throw new Exception('nochg');

}

$db->query("UPDATE records SET content='{$ip}' WHERE id={$record['id']}");

$db->commit();

echo "good {$ip}\n";

} catch (Exception $e) {

$db->rollback();

echo $e->getMessage() . "\n";

} finally {

$db->close();

}

function get_client_ip()

{

if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {

return $_SERVER['HTTP_CF_CONNECTING_IP'];

}

return $_SERVER['REMOTE_ADDR'];

}

Incoming search terms:powerdns … Continue reading “20分钟搭建一个自用的DDNS服务”

SoftEther Error 13 with HAProxy or SNIProxy

I set up an HAProxy (also tried SNIProxy) on my EdgeRouter, sharing port 443 for internal port forwarding and SoftEther Server on Router. When I connect to port 443 from another SoftEther Server, I got a Timeout error, my error message was in Simplified Chinese on my Windows box, I googled and found other ppl … Continue reading “SoftEther Error 13 with HAProxy or SNIProxy”

Virtualize macOS Sierra on Ubuntu (Vmware)

I need to run something on macOS, but I don’t have any dedicated Mac devices running as server/workstation. This is a simple tutorial running macOS VM on Ubuntu with VMware workstation server. Environment VMware Fusion 8.5.3 macOS Sierra Ubuntu Server 16.04 VMware workstation server 12.5.2 Incoming search terms:https://sskaje me/2016/12/virtualize-macos-sierra-ubuntu-vmware/Ubuntu vmware macvirtualize macos sierravmware ubuntu osxLink … Continue reading “Virtualize macOS Sierra on Ubuntu (Vmware)”

DNSMASQ Send Different DHCP Options by Hosts

I choose DNSMASQ as DHCP server, and I want to push different ‘router’ setting to clients. DNSMASQ supports tagging on hosts/ip ranges/subnets, I tag my mac address (with static ip-mac binding) as ‘prx’ and set ‘option:router’ to 192.168.1.20 if tag matches ‘prx’. Here is my configuration:

# default dhcp range
dhcp-range=192.168.1.100,192.168.1.199,12h

# default router and dns-server options
dhcp-option=option:router,192.168.1.1
dhcp-option=6,192.168.1.1

# bind 00:11:22:33:44:55 to 192.168.1.50, named as 'sskaje', tagged as 'prx'
dhcp-host=00:11:22:33:44:55,192.168.1.50,sskaje,set:prx

# sed hosts tagged as 'prx' default router to 192.168.1.20
dhcp-option=tag:prx,option:router,192.168.1.20

# default dhcp range

dhcp-range=192.168.1.100,192.168.1.199,12h

# default router and dns-server options

dhcp-option=option:router,192.168.1.1

dhcp-option=6,192.168.1.1

# bind 00:11:22:33:44:55 to 192.168.1.50, named as 'sskaje', tagged as 'prx'

dhcp-host=00:11:22:33:44:55,192.168.1.50,sskaje,set:prx

# sed hosts tagged as 'prx' default router to 192.168.1.20

dhcp-option=tag:prx,option:router,192.168.1.20

Incoming search terms:merlin dnsmasq option6Link to this post!

Set up dante-server on Ubuntu

I use ssh -D as SOCKS5 server at my VPS, and an dNAT is used to map local port to internal port on my VPS. But Firefox+FoxyProxy usually get a connection closed while curl –socks5 works well. I don’t try to dig on this, but replaced ssh -D with a standalone socks5 server, dante-server, on … Continue reading “Set up dante-server on Ubuntu”