It looks like DDNS client in IPfire cannot talk with DDNS based on GnuDIP.
Dynu.com is DDNS that supports several protocols, it understands GnuDIP too.
This could be used for a test… 
Details of GnuDIP protocol
I would like to use DDNS for “freedombox” on IPfire but their free domains are not supported in IPfire core 194.
Freedombox DDNS service has two free domains:
- freedombox.rocks
- fbx.one
Users can create an account at https://ddns.freedombox.org/
I assume that new service has to be added to file “/usr/lib/python3.10/site-packages/ddns/providers.py”.
It seems that “GnuDIP DDNS” protocol is used by other DDNS services too (like DYNU).
Example shell script, this works for ddns.fredombox.org:
#!/bin/sh
# Register current IP
# Refer to: http://gnudip2.sourceforge.net/gnudip-www/latest/gnudip/html/protocol.html
addr="" # IP address, optional; IPv4 only...
#addr="0.0.0.0" # activates OFFLINE mode, not documented
#addr="OFFLINE" # documented way to activate OFFLINE mode
TMP1=/tmp/gnudip1.html
TMP2=/tmp/gnudip2.html
URLBASE="https://ddns.freedombox.org/gnudip/cgi-bin/gdipupdt.cgi"
wget -qO $TMP1 $URLBASE
salt=$(sed -n '/^<meta name="salt"/s/.*content="\(.*\)">/\1/p' $TMP1)
time=$(sed -n '/^<meta name="time"/s/.*content="\(.*\)">/\1/p' $TMP1)
sign=$(sed -n '/^<meta name="sign"/s/.*content="\(.*\)">/\1/p' $TMP1)
user="myhost"
pass="mysecret"
domn="fbx.one"
#domn="freedombox.rocks"
pass=$(echo -n "$(echo -n $pass | md5sum | sed 's, .*,,').$salt" | md5sum | sed 's, .*,,')
case "$addr" in
"OFFLINE")
reqc="1"
URL="$URLBASE?salt=$salt&time=$time&sign=$sign&user=$user&pass=$pass&domn=$domn&reqc=$reqc"
;;
"")
reqc="2"
URL="$URLBASE?salt=$salt&time=$time&sign=$sign&user=$user&pass=$pass&domn=$domn&reqc=$reqc"
;;
*)
reqc="0"
URL="$URLBASE?salt=$salt&time=$time&sign=$sign&user=$user&pass=$pass&domn=$domn&addr=$addr&reqc=$reqc"
;;
esac
wget -qO $TMP2 $URL
if grep -q '^<meta name="retc"' $TMP2; then
exit $(sed -n '/<meta name="retc"/s/.*content="\(.*\)">/\1/p' $TMP2)
else
exit 1
fi
Example shell script, this works for dynu.com:
#!/bin/sh
# Register current IP
# Refer to: http://gnudip2.sourceforge.net/gnudip-www/latest/gnudip/html/protocol.html
addr="" # IP address, optional; IPv4 only...
TMP1=/tmp/gnudip1.html
TMP2=/tmp/gnudip2.html
URLBASE="http://gnudip.dynu.com:8245/gnudip/cgi-bin/gdipupdt.cgi"
URLBASE="https://gnudip.dynu.com/gnudip/cgi-bin/gdipupdt.cgi"
wget -qO $TMP1 $URLBASE
salt=$(sed -n '/^<meta name="salt"/s/.*content="\(.*\)">/\1/p' $TMP1)
time=$(sed -n '/^<meta name="time"/s/.*content="\(.*\)">/\1/p' $TMP1)
sign=$(sed -n '/^<meta name="sign"/s/.*content="\(.*\)">/\1/p' $TMP1)
user="myusername"
pass="mysecret"
domn="myhost.dynu.net"
pass=$(echo -n "$(echo -n $pass | md5sum | sed 's, .*,,').$salt" | md5sum | sed 's, .*,,')
if [ -z "$addr" ]; then
reqc="2"
URL="$URLBASE?salt=$salt&time=$time&sign=$sign&user=$user&pass=$pass&domn=$domn&reqc=$reqc"
else
reqc="0"
URL="$URLBASE?salt=$salt&time=$time&sign=$sign&user=$user&pass=$pass&domn=$domn&addr=$addr&reqc=$reqc"
fi
wget -qO $TMP2 $URL
if grep -q '^<meta name="retc"' $TMP2; then
exit $(sed -n '/<meta name="retc"/s/.*content="\(.*\)">/\1/p' $TMP2)
else
exit 1
fi
I see there is a small difference in the API. “freedombox” API has in domain parameter just domain (fbx.one), without hostname, but dynu.com requires full domain name (myhost.dynu.net).
I assume that GnuDIP API is more secure compared with DYNU API because it encrypts password with MD5 (and salt), that means the secret sent in the URL is always different. The question is if MD5 cipher is strong enough…
The GnuDIP protocol will only transport a salted MD5 value of the password, in a way that is secure against replay attacks.
pass=$(echo -n "$(echo -n $pass | md5sum | sed 's, .*,,').$salt" | md5sum | sed 's, .*,,')
Maybe, that “dyndns.berlin” supports GnuDIP; they have page GnuDIP Web Interface. But their HOWTO page doesn’t describe GnuDIP. They offer several free domains:
- dyndns.berlin
- free-dyndns.org
- free-ddns.de
- free-dyndns.de
- box.frox.eu
It looks like GnuDIP doesn’t support IPv6. IPv6 support is listed in TODO list…
