I don’t know if you’re aware but, there’s porn on the Internet. Lot’s of it. I mean, like, a lot lot. As a father of three, one of whom is entering her teenage years, it was time for me to revisit some DNS filtering using OpenDNS. Sure, I could chain proxy servers on my network and use Dan’s Guardian to help block content but, OpenDNS is just so damned easy to implement and, despite their recent acquisition by Cisco, they’ve done a lot to improve the way we use the web. In other words, I’ve been paying for their Home VIP service for years and intermittently actually implementing it. Recently, I decided to go active with it again.
To use the service is ridiculously easy. Just set up an account (preferably a paid one, support what you use, right?) and point your router at their DNS servers. Easy. Peasy. However, most of us aren’t paying for static IP addresses from our ISP and therefore, our external address can change from once every few months to several times a day. Since it’s our own external IP address that we associate with our OpenDNS account, it’s important that you update their servers when ever our dynamic address changes. If you have either a Windows box or Mac it’s a breeze to install the available IP address updater client thing but, not all of us use those operating systems. No judgement.*
So what’s a Linux family to do? Easy, just install the incredibly lightweight ddclient software (really just a Perl script) on your Linux machine that you leave up full time. For me, this is no big deal. I have a whole slew of Linux servers running all the time. Each of them with more than enough resources to add a simple little script/daemon on. With that said, I wanted to geek this task out a bit and decided to run ddclient on one of my Raspberry Pi devices. I already have a RasPi 1 B+ running Squeezeslave (software that acts as a client device to play music from the Logitech Media Server that currently runs on my Synology NAS) that, frankly, isn’t breaking enough of a sweat. So I decided to add the OpenDNS updater/ddclient software on it and let it work it’s magic. Instructions are here. In order to install, you could likely just use your distro’s package system (apt, yum, pacman, etc.), though. For me, running Raspian (Debian Wheezy), I just run sudo apt-get install ddclient and then walk through the installer. The installer won’t have options to add OpenDNS credentials but, don’t fret. We can make short work of that. Instead, I entered my DynDNS credentials (different service, maybe another blog post) with no intention of actually using them in the ddclient software. Instead, once the install is complete, I just open the config file (sudo nano /etc/ddclient.conf), remove the erroneous account and put in the following…
# Configuration file for ddclient generated by debconf
login=OPENDNS ACCOUNT EMAIL ADDRESS
NAME OF OPENDNS NETWORK
Now, note that 1) you’ll need to enter the email account associated with your account, 2) your password must be enclosed in single quotes (‘) and 3) the network you assign in the last name can’t have spaces in it and 4) your OpenDNS account must be set up for dynamic updates through the advanced tab. If, like me, you choose the daemon option (in my case, set to a 900 second or 15 minute interval), you’ll also need to open /etc/default/ddclient and enter similar to…
# Configuration for ddclient scripts
# generated from debconf on Mon Aug 24 19:04:49 MDT 2015
# Set to “true” if ddclient should be run every time a new ppp connection is
# established. This might be useful, if you are using dial-on-demand.
# Set to “true” if ddclient should run in daemon mode
# If this is changed to true, run_ipup must be set to false.
# Set the time interval between the updates of the dynamic DNS name in seconds.
# This option only takes effect if the ddclient runs in daemon mode.
…and then restart the software by running sudo /etc/init.d/ddclient restart. That’s it. You now have an OpenDNS updater running that will update your account with your dynamic, external IP address every fifteen minutes. Super easy and just another way to eak some utility out of something as simple as a Raspberry Pi or other linux boxen you have available on your network.
*Scratch that. I’m totally judging you but, trying to stay reasonably polite about it, too.