Floke/Brancheneinstufung2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Docs: Add FritzBox Rebind Protection & Client Troubleshooting guides.

Browse Source 
- Updated 'duckdns_setup.md' with critical instructions for configuring FritzBox DNS Rebind Protection to enable internal access (NAT Loopback).
- Added steps for clearing client-side DNS cache (Windows).
- Included Cloudflare DNS switch in documentation reflecting recent monitor script changes.
This commit is contained in:
Floke
2026-01-06 13:19:32 +00:00
parent b0e727f3ee
commit f2394e322f
2 changed files with 68 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
dns-monitor/monitor.sh
View File

@@ -1,31 +1,24 @@
#!/bin/sh
# Ensure dependencies are installed
# We check for 'dig' specifically. If missing, we try to install bind-tools.
if ! command -v dig >/dev/null 2>&1; then
echo "[DNS-MONITOR] 'dig' not found. Installing bind-tools..."
if apk add --no-cache bind-tools; then
echo "[DNS-MONITOR] bind-tools installed successfully."
else
echo "[DNS-MONITOR] ERROR: Failed to install bind-tools. Check internet connection or repo mirrors."
fi
fi
# DNS-Monitor v2.0 - Optimized for Synology/Docker stability
# Monitoring: Public IP vs. Cloudflare DNS (1.1.1.1)
# Ensure curl is installed (though it seems to be present based on logs)
# Ensure dependencies
if ! command -v dig >/dev/null 2>&1; then
apk add --no-cache bind-tools
fi
if ! command -v curl >/dev/null 2>&1; then
echo "[DNS-MONITOR] 'curl' not found. Installing curl..."
apk add --no-cache curl
fi
echo "[DNS-MONITOR] Service started. Monitoring $SUBDOMAINS every 5 minutes..."
echo "[DNS-MONITOR] Service started. Monitoring $SUBDOMAINS via Cloudflare (1.1.1.1)"
while true; do
# 1. Fetch Public IP (via external service)
# We use -4 to force IPv4
PUBLIC_IP=$(curl -s -4 -m 10 https://api.ipify.org)
# 1. Fetch Public IP
PUBLIC_IP=$(curl -s -4 -m 15 https://api.ipify.org)
if [ -z "$PUBLIC_IP" ]; then
PUBLIC_IP="Error: Could not fetch IP"
PUBLIC_IP="Error: Public IP fetch failed"
fi
# Get the first subdomain to check
@@ -36,34 +29,32 @@ while true; do
else
FULL_DOMAIN="${FIRST_SUB}.duckdns.org"
# 2. Resolve Global IP (Google DNS @8.8.8.8) to check propagation
# We look for the A record (IPv4)
if command -v dig >/dev/null 2>&1; then
GLOBAL_IP=$(dig @8.8.8.8 +short A "$FULL_DOMAIN" | head -n 1)
LOCAL_IP=$(dig +short A "$FULL_DOMAIN" | head -n 1)
else
GLOBAL_IP="Error: dig missing"
LOCAL_IP="Error: dig missing"
fi
# 2. Resolve Global IP (Cloudflare 1.1.1.1)
# Using +time and +tries for high reliability on shaky connections
GLOBAL_IP=$(dig @1.1.1.1 +short +time=8 +tries=3 A "$FULL_DOMAIN" | head -n 1)
# 3. Resolve Local IP (Internal Docker/Host DNS)
# This checks if the local cache is still stuck
LOCAL_IP=$(dig +short +time=8 +tries=3 A "$FULL_DOMAIN" | head -n 1)
if [ -z "$GLOBAL_IP" ]; then GLOBAL_IP="Unresolved"; fi
if [ -z "$LOCAL_IP" ]; then LOCAL_IP="Unresolved"; fi
TIMESTAMP=$(date '+%Y-%m-%d %H:%M:%S')
# Logic to determine status
STATUS="OK"
if [ "$PUBLIC_IP" != "$GLOBAL_IP" ]; then
STATUS="ALERT"
elif [ "$PUBLIC_IP" != "$LOCAL_IP" ]; then
# If Global is correct but Local is wrong, it's a local caching issue, still an alert but specific
STATUS="CACHE_ALERT"
# Status Logic
if [ "$PUBLIC_IP" = "$GLOBAL_IP" ]; then
STATUS="OK"
elif [ "$GLOBAL_IP" = "Unresolved" ]; then
STATUS="NETWORK_WAIT" # Network or DNS provider issue, not necessarily DuckDNS
else
STATUS="ALERT" # Public IP != Global IP (DuckDNS update missing or zombie active)
fi
# Log format: Time | Status | Public vs Global vs Local
echo "[$TIMESTAMP] [DNS-MONITOR] $STATUS | Public: $PUBLIC_IP | Global(8.8.8.8): $GLOBAL_IP | Local: $LOCAL_IP"
# Log entry
echo "[$TIMESTAMP] [$STATUS] Pub: $PUBLIC_IP | CF: $GLOBAL_IP | Loc: $LOCAL_IP"
fi
# Check every 5 minutes
sleep 300
done
done