Services

Hello,

I can update my IP on DynDNS, it says something like "malformed-cache" and it's impossible for me to fix it.  I've rebooted the firewall and even I've tried to remove the ez-ipupdate.cache file using "exec.php", but nothing seems to work!!!

What can I do ?

Please help

PD:  I dont read this forum a lot, so if you would also reply to juan.fco.rodriguez@gmail.com it would be great, thanks.

Hi again,

The thing is working if I remove a NAT inbound rule that was mapping all TCP/UDP packets between
ports 1024 to 65535 to an internal machine.

I've experienced a lot of problems with this NAT rule.  I want to redirect all the incoming packets to this internal machine, creating something that I used to name asl a "DMZ machine".  I have read the monowall documentation and I dont quite catch how can you implement what I want to do without this inbound rule.

Besides, I think that this could be made to work properly. I mean, when I define an inbound rule from 1024 to 65535, I dont want to redirect the connections/packets sent by monowall, I want only to accept inbound connections, so a rule like mine should not create any interference with the services monowall uses, which should take precedence to work properly.... Im not sure if you understand what I am saying, please ask more concrete questions and I will be delighted o try to elaborate more.

Thanks

The malformed cache message is normal, that means it's never been updated previously and hence doesn't have a cache. Changing port forwards has no effect on dyndns.

If you want to be notified by email of replies, check the "Notify me of replies" box under "additional options" when you post.

Well, port forwarding do have very bad effects on dyndns and captive portal, as I've been
experiencing in my soekris 4500.  I can give you login/password into my firewall if you
want to test it, but I swear something goes crazy if you port forward 1024 - 65535 UDP/TCP
ports to an internal machine.  Captive portal and DynDNS do stop working.

Are you saying ports 1024 _through_ 65535 or some ports within that range?

Yes, if you forward the whole range to an inbound machine dyndns will fail because responses to the request for your own publicly available IP will never return if they are mapped to an internal machine.

I forget which ports dyndns uses but it is in the upper range.

And my question is... why don't you modify this behaviour ? I see it quite easy, any package
created by any monowall's application must come back to monowall, and any other packet
which is forwarded betwen interfaces should follow the inbound NAT rules.

How can I create a DMZ machine without forwarding all the ports ?

I'm also have a problem with ZoneEdit updates. However, I don't have any inbound NAT  rules and I do have valid DNS servers set. This is the first time I have tried using this particular M0n0wall feature so I wondering if it is know to work or If I'm just missing something simple. My goal was to eventually use the PPTP server on my M0n0wall.

System Log:
May 7 05:42:26    /usr/local/bin/ez-ipupdate[382]: shuting down updater for www.area52net.com due to fatal error
May 7 05:42:26    /usr/local/bin/ez-ipupdate[382]: failure to update ng0->70.132.21.111 (www.area52net.com)
May 7 05:42:26    /usr/local/bin/ez-ipupdate[382]: malformed cache file: /var/db/ez-ipupdate.cache
May 7 05:42:26    /usr/local/bin/ez-ipupdate[382]: /usr/local/bin/ez-ipupdate started for interface ng0 host www.area52net.com using server www.zoneedit.com and service zoneedit
May 7 05:42:26    /usr/local/bin/ez-ipupdate[382]: ez-ipupdate Version 3.0.11b8, Copyright (C) 1998-2001 Angus Mackay.

Looking a little deeper with status.php I find:
ez-ipupdate.cache
cat: /conf/ez-ipupdate.cache: No such file or directory

Config:
 <dyndns>
        <type>zoneedit</type>
        <username>MyActualZoneEditLoginName</username>
        <password>xxxxx</password>
        <host>www.area52net.com</host>
        <mx/>
        <server/>
        <port/>
        <enable/>
    </dyndns>
    <dnsupdate>
        <host/>
        <ttl>60</ttl>
        <keyname/>
        <keydata/>
    </dnsupdate>
...

In reading the the post from  "cmb" I have to ask if "The malformed cache message is normal,.." then why does the service exit? Also, how will the cache ever become populated if the service exists at startup?

It won't exit because of a missing cache file, it's supposed to continue and create one. Never had a problem with DynDNS that wasn't missing DNS servers or wrong info on the DynDNS page, don't know what to tell you other than verify your DNS and configuration.

May 28 15:56:08    /usr/local/bin/ez-ipupdate[418]: shuting down updater for xxxx due to fatal error
May 28 15:56:08    /usr/local/bin/ez-ipupdate[418]: failure to update sis1->xx.xxx.xxx.xx (xxxx)
May 28 15:56:03    /usr/local/bin/ez-ipupdate[418]: malformed cache file: /var/db/ez-ipupdate.cache
May 28 15:56:03    /usr/local/bin/ez-ipupdate[418]: /usr/local/bin/ez-ipupdate started for interface sis1 host xxxx using server members.dyndns.org and service dyndns
May 28 15:56:03    /usr/local/bin/ez-ipupdate[418]: ez-ipupdate Version 3.0.11b8, Copyright (C) 1998-2001 Angus Mackay.

I'm getting the same error ;( It just appeared out of no where? I haven't touched my config in ages.

I'm also have a problem with ZoneEdit updates.
...
May 7 05:42:26    /usr/local/bin/ez-ipupdate[382]: /usr/local/bin/ez-ipupdate started for interface ng0 host www.area52net.com using server www.zoneedit.com and service zoneedit

I have never had any problem with zoneedit, but I read somewhere that you should set the server to...
Server: dynamic.zoneedit.com

...instead of the m0n0 default "www.zoneedit.com"

Maybe m0n0wall should change the default server for zoneedit.

Lonnie