Here’s a script I wrote that will check the IP address of my FIOS connected firewall, update DNS and IPv6 tunnel settings and send me an email. This script assumes you have control of a DNS server somewhere that has resource records related to your firewall host. I use he.net’s tunnelbroker for my IPv6 tunnel and this script uses their facility to update the tunnel end point configuration and then restarts the tunnel on my side. Details and script are below.

First the script defines some variables. Note that CURRENTIP grabs the IP address from eth0. If your Internet facing interface is different you will need to change that line as appropriate.

1
2
3
4
5
6
7

#!/bin/bash
#
# Matt's IP change checker, DNS updater, he.net tunnel endpoint updater, etc, etc.
#
# Local Vars:
CURRENTIP=`/sbin/ifconfig eth0 | /bin/awk '/inet addr/ { sub(/inet addr:/, ""); print$1}'`
LASTIP=`/bin/cat /var/tmp/lastip`

Here are some variables for updating the he.net tunnel settings. I got this information from http://ipv6.he.net/certification/faq.php he.net’s tunnelbroker service is awesome! Thanks he.net! Be aware that MD5HASH != MD5SUM in this instance.

1
2
3
4
5

# Vars for he.net tunnel setup
IPV4ADDR="$CURRENTIP"
MD5PASS="YOURMD5HASHEDPASSWORDGOESHERE"
USERID="YOURHENETUSERIDGOESHERE"
GTUNID="TUNNELID"

Now we compare the CURRENTIP to LASTIP. If they are the same then the script exits.

1
2

if [ "$CURRENTIP" = "$LASTIP" ]; then
        exit

If they are different the script does a bunch of stuff starting re-running my firewall script. I use a custom iptables script that is probably not very useful to most people but I can provide it if people are interested in how I do stuff. Next the script restarts openvpn. I have some static openvpn tunnels and they need to be restarted when my IP address changes. Next the script updates DNS. In order for this to work your name server must allow dynamic updates and you should secure the transaction using keys. This is all pretty straight forward using BIND so I’m not going to get into how to do it here but if you have questions feel free to ask and I’ll help if I can.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

else
# Update the LASTIP tmp file to reflect new IP address      
        echo $CURRENTIP > /var/tmp/lastip
# Re-Run my firewall script so rules use new IP address
        /etc/firewall/v4firewall.sh 
# Restart static openvpn tunnels
        /etc/init.d/openvpn restart
# update planetfoo.org zone with leela's new IP
        /usr/bin/nsupdate -k /PATH/TO/KEY <<EOF
server "Your DNS Server IP address goes here"
zone planetfoo.org
update delete leela.planetfoo.org A
update add leela.planetfoo.org 60 A $CURRENTIP
send
EOF
# update home.planetfoo.org with ns's new IP
        /usr/bin/nsupdate -k PATH/TO/KEY <<EOF
server "Your DNS Server IP address goes here"
zone home.planetfoo.org
update delete ns.home.planetfoo.org A
update add ns.home.planetfoo.org 300 A $CURRENTIP
send
EOF

Next the script updates the IPv6 tunnel configuration with he.net’s tunnelbroker service, restarts the tunnel in order to get IPv6 connectivity working again.

1
2
3
4
5
6
7

# update the he.net tunnel configuration
/usr/bin/curl -k https://ipv4.tunnelbroker.net/ipv4_end.php?ipv4b=$IPV4ADDR\&pass=$MD5PASS\&user_id=$USERID\&tunnel_id=$GTUNID
sleep 5
# Stop the current tunnel
/etc/init.d/ipv6-tunnel stop $LASTIP
sleep 5
/etc/init.d/ipv6-tunnel start $CURRENTIP

The last thing the script does is send an email to my phone letting me know that my IP address has changed. This is kind of a fail safe in case the DNS changes don’t go through or something else happens. At least I have the new IP address.

1
2
3

# Send email to myself with new IPv4 address
echo $CURRENTIP | /bin/mail -s "Leela's IP New IP Address" YOUR_EMAIL_ADDRESS_GOES_HERE
fi

Download Complete Script