Add cloudflare ip lookup. Remove unnecessary feats
Added https:/cloudflare.com/cd-cgi/trace as default ip lookup method. Removed possibility of MiTM attack through dig. Cleaned script of unnecessary check for command existance.
This commit is contained in:
		| @@ -17,27 +17,21 @@ slackuri=""                                        # URI for Slack WebHook "http | |||||||
| ########################################### | ########################################### | ||||||
| ## Check if we have a public IP | ## Check if we have a public IP | ||||||
| ########################################### | ########################################### | ||||||
| # Use curl if curl is installed on the system. | ipv4_regex='([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])' | ||||||
| if [[ $(command -v curl &> /dev/null; echo $?) ]]; then | ip=$(curl -s -4 https://cloudflare.com/cdn-cgi/trace | grep -E '^ip'); ret=$? | ||||||
|     ip=$(curl -s https://cloudflare.com/cdn-cgi/trace | grep -E '^ip' | sed -E 's/^ip=([0-9\.]*)$/\1/' || curl -s https://api.ipify.org || curl -s https://ipv4.icanhazip.com/) | if [[ ! $ret == 0 ]]; then # In the case that cloudflare failed to return an ip. | ||||||
|  |     # Attempt to get the ip from other websites. | ||||||
|  |     ip=$(curl -s https://api.ipify.org || curl -s https://ipv4.icanhazip.com) | ||||||
| else | else | ||||||
|     logger -s "Error: 'curl' was not found on your system. Install it with 'sudo apt install curl' in order to use this script" |     # Extract just the ip from the ip line from cloudflare. | ||||||
|     exit 1 |     ip=$(echo $ip | sed -E "s/^ip=($ipv4_regex)$/\1/") | ||||||
| fi | fi | ||||||
|  |  | ||||||
| # Use regex to check for proper IPv4 format. Try using 'dig' if curl requests failed. | # Use regex to check for proper IPv4 format. | ||||||
| ipv4_regex='^([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])$' |  | ||||||
| if [[ ! $ip =~ $ipv4_regex ]]; then |  | ||||||
|     logger -s "Warning: Neither 'cloudflare.com', 'api.ipify.org' nor 'ipv4.icanhazip.com' were able to obtain your ip-address. Trying to use less secure DNS lookup on 'myip.opendns.com' through 'dig' instead." |  | ||||||
|     if [[ $(command -v dig &> /dev/null; echo $?) ]]; then |  | ||||||
|         ip=$(dig +short myip.opendns.com @resolver1.opendns.com) |  | ||||||
|     fi |  | ||||||
|     # Also sanitize the 'dig' output through the same regex as before. |  | ||||||
| if [[ ! $ip =~ $ipv4_regex ]]; then | if [[ ! $ip =~ $ipv4_regex ]]; then | ||||||
|     logger -s "DDNS Updater: Failed to find a valid IP." |     logger -s "DDNS Updater: Failed to find a valid IP." | ||||||
|     exit 2 |     exit 2 | ||||||
| fi | fi | ||||||
| fi |  | ||||||
|  |  | ||||||
| ########################################### | ########################################### | ||||||
| ## Check and set the proper auth header | ## Check and set the proper auth header | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user