routeros/pfsense利用dnspod实现Ddns

最近花生壳莫名其妙挂了，看了一下是要实名认证。以前我也想过用顶级域名来做动态域名，又好记，我用的是NameSilo的域名，API倒是简单的http GET，但是，解析速度是真的慢，常常改了解析，要半天才更新到本地。之前公司里也用过DnsPod的服务，但是这个域名本来想着避免麻烦，不想和国内服务商有啥牵连，现在想来我也不干啥，这回趁此机会，把解析服务器转回国内。用得爽才是真的。

routeros的脚本反正大概就这一句：

/tool fetch http-method=post http-data="login_token=ID,token&format=json&domain_id=123456&record_id=123456&record_line_id=10%3D0&sub_domain=www&value=123.123.123.123" url="https://dnsapi.cn/Record.Ddns"/tool fetch http-method=post http-data="login_token=ID,token&format=json&domain_id=123456&record_id=123456&record_line_id=10%3D0&sub_domain=www&value=123.123.123.123" url="https://dnsapi.cn/Record.Ddns"

/tool fetch http-method=post http-data="login_token=ID,token&format=json&domain_id=123456&record_id=123456&record_line_id=10%3D0&sub_domain=www&value=123.123.123.123" url="https://dnsapi.cn/Record.Ddns"/tool fetch http-method=post http-data="login_token=ID,token&format=json&domain_id=123456&record_id=123456&record_line_id=10%3D0&sub_domain=www&value=123.123.123.123" url="https://dnsapi.cn/Record.Ddns"

其中ID和token密钥是在账户设置里面添加API密钥。这玩意只在添加成功后显示一次，记得保存，当然也可以删了重建密钥。domain_id在域名点进去，再点设置就能看见了。record_id复杂一点，我是用接口用http POST去获取。windows下就用

curl -Method 'POST' -Uri "https://dnsapi.cn/Record.List" -Body 'login_token=123456,23fjklefjl34j3lkjfnlw&format=json&domain_id=123456'

1	curl -Method 'POST' -Uri "https://dnsapi.cn/Record.List" -Body 'login_token=123456,23fjklefjl34j3lkjfnlw&format=json&domain_id=123456'

Linux下就用

curl -X 'POST' -d "login_token=123456,23fjklefjl34j3lkjfnlw&format=json&domain_id=123456" https://dnsapi.cn/Record.Ddns

1	curl -X 'POST' -d "login_token=123456,23fjklefjl34j3lkjfnlw&format=json&domain_id=123456" https://dnsapi.cn/Record.Ddns

然后子域名和IP，IP可以用脚本获取。这个和花生壳没有什么两样，花生壳因为不稳定，我还搞了一堆条件和循环。这个就简单了：

:local localip [/ip address get [/ip address find interface=<strong>pppoe-out1</strong>] address];
:local remoteip;
:set localip [:pick $localip 0 ([len $localip] -3)];
:set remoteip [:resolve www.163.com];
:if ($localip != $remoteip) do={
/tool fetch http-method=post http-data="login_token=123456,3lkh3rlfkjlk33lkj&format=json&domain_id=123456&record_id=123465&record_line_id=10%3D0&sub_domain=www&value=$localip" url="https://dnsapi.cn/Record.Ddns" keep-result=no;
}

:local localip [/ip address get [/ip address find interface=<strong>pppoe-out1</strong>] address];

:local remoteip;

:set localip [:pick $localip 0 ([len $localip] -3)];

:set remoteip [:resolve www.163.com];

:if ($localip != $remoteip) do={

/tool fetch http-method=post http-data="login_token=123456,3lkh3rlfkjlk33lkj&format=json&domain_id=123456&record_id=123465&record_line_id=10%3D0&sub_domain=www&value=$localip" url="https://dnsapi.cn/Record.Ddns" keep-result=no;

}

下面是pfsense，稍微麻烦一点，因为Dynamic DNS里面好像只能用GET方法，所以要用到shell和脚本。先把SSH给开了，进去后随便找个地方建个脚本，然后添加到crontab就行了。

#!/bin/sh
localip=$(ifconfig pppoe0 | grep "inet " | awk '{print $2}')
remoteip=$(nslookup www.163.com | awk 'NR==6{print $2}')
if [ $localip != $remoteip ]; then
curl -X 'POST' -d "login_token=123456,3lkh3rlfkjlk33lkj&format=json&domain_id=123456&record_id=123465&record_line_id=10%3D0&sub_domain=www&value=$localip" https://dnsapi.cn/Record.Ddns >/dev/null
fi

#!/bin/sh

localip=$(ifconfig pppoe0 | grep "inet " | awk '{print $2}')

remoteip=$(nslookup www.163.com | awk 'NR==6{print $2}')

if [ $localip != $remoteip ]; then

curl -X 'POST' -d "login_token=123456,3lkh3rlfkjlk33lkj&format=json&domain_id=123456&record_id=123465&record_line_id=10%3D0&sub_domain=www&value=$localip" https://dnsapi.cn/Record.Ddns >/dev/null