Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Trying to get DDNS to work but cant update package list

  1. #1
    New Member
    Join Date
    Jul 2019
    Location
    Portland, OR
    Posts
    5

    Trying to get DDNS to work but cant update package list

    I set up my DDNS through FreeDNS and followed this but I cant get it to update the package list. I get this message:

    Downloading https://downloads.lede-project.org/s...es/Packages.gz
    Updated list of available packages in /var/opkg-lists/reboot_core
    Downloading https://downloads.lede-project.org/s...s/Packages.sig
    Signature check passed.
    Downloading https://downloads.lede-project.org/s...se/Packages.gz
    Updated list of available packages in /var/opkg-lists/reboot_base
    Downloading https://downloads.lede-project.org/s...e/Packages.sig
    Signature check passed.
    Downloading https://downloads.lede-project.org/s...er/Packages.gz
    *** Failed to download the package list from https://downloads.lede-project.org/s...er/Packages.gz

    Collected errors:
    * opkg_download: Failed to download https://downloads.lede-project.org/s...er/Packages.gz, wget returned 8.


    When I follow the link but 404s after /linkmeter/, everything up to that works. I tried changing the link to https since I read that helps sometimes but no go. I tried both builds too, currently on the SNAPSHOT build, using a pi zero w.

    Any ideas?

  2. #2
    TVWBB Honor Circle Bryan Mayland's Avatar
    Join Date
    Apr 2010
    Location
    Tampa, FL
    Posts
    4,758
    You can just go to System -> Software -> Configuration and comment out the linkmeter source (put a # in front of it) to get around that issue.

    But yeah the LEDE-Project packages are a bit of a mess. It was OpenWRT and then a bunch of the good developers said "We're going to do it THIS way now!" and so I ported HeaterMeter from OpenWRT to LEDE. Then less than a year later, they put aside their differences and remerged and redid all their source lists. I decided to not port back to OpenWRT immediately and just put it off until the next HeaterMeter version. As such, some of the package repositories are stale or broken. That one however is because there's an issue in the build process that forces that package source to be included or else it won't include any of our linkmeter/heatermeter software, so the work around is to comment it out in the sources list. There's a pretty good chance that you won't be able to get the packages you want anyway though since there will be version conflicts due to the current snapshot not being the snapshot we're built from.

    I'd recommend turning on DDNS on your home router if it supports it, not the HeaterMeter device.

    I've also bought the smoky.link domain with the intent of having DDNS built into the system, so everyone can have their own XXX.smoky.link url, but it was backburnered because it would probably create more support requests than anything else since it also requires a hole in the home firewall. I'm also not really sure how secure it is to have HeaterMeter sitting on the Internet.
    Last edited by Bryan Mayland; 07-10-2019 at 02:22 PM.
    I'm that HeaterMeter guy what ruins everybody's free time.

  3. #3
    TVWBB Pro
    Join Date
    Jun 2016
    Location
    Southeastern MN
    Posts
    683
    Bryan, I'd hazard a guess that a HeaterMeter exposed directly to the public Intardnet would still be far more secure than most, and especially Windows hosts. Is there any reason to have more than ports 22 (ssh,) and 80/443 (http[s],) open? No real reason to tempt trouble.

    You got the smoky.link TLD? Very cool.

    Yes, DDNS really belongs on interfaces that are exposed to the public. While you can set it up behind a firewall, it's not necessarily the best way to go about it.

  4. #4
    TVWBB Honor Circle Bryan Mayland's Avatar
    Join Date
    Apr 2010
    Location
    Tampa, FL
    Posts
    4,758
    Really the only port you need is for HTTP or HTTPS (take your pick). I'd keep the SSH port closed at the firewall since you probably can do as much normal config as needed from the webui, and can always SSH in from the local network if needed. I also map the external port on the firewall to something else (not 80 or 443 or 8080) and have it forward to port 80 or 443 on the HeaterMeter. Just having it on a non-standard port eliminates like 99% of bad guys just scanning looking for web servers.
    I'm that HeaterMeter guy what ruins everybody's free time.

  5. #5
    New Member
    Join Date
    Jul 2019
    Location
    Portland, OR
    Posts
    5
    Thanks for the reply Brian, So I changed the comments to:
    src/gz reboot_core https://downloads.lede-project.org/s...m2708/packages
    src/gz reboot_base https://downloads.lede-project.org/s...jzf-s_vfp/base
    src/gz reboot_linkmeter https://downloads.lede-project.org/s...176jzf-s_vfp/#
    # src/gz reboot_luci https://downloads.lede-project.org/s...jzf-s_vfp/luci
    # src/gz reboot_packages https://downloads.lede-project.org/s...p/#Packages.gz

    and it returned:

    Downloading https://downloads.lede-project.org/s...es/Packages.gz
    Updated list of available packages in /var/opkg-lists/reboot_core
    Downloading https://downloads.lede-project.org/s...s/Packages.sig
    Signature check passed.
    Downloading https://downloads.lede-project.org/s...se/Packages.gz
    Updated list of available packages in /var/opkg-lists/reboot_base
    Downloading https://downloads.lede-project.org/s...e/Packages.sig
    Signature check passed.
    Downloading https://downloads.lede-project.org/s.../#/Packages.gz
    Updated list of available packages in /var/opkg-lists/reboot_linkmeter
    Downloading https://downloads.lede-project.org/s...#/Packages.sig
    Signature check failed.
    Remove wrong Signature file.
    Failed to decode signature

    Any thoughts? I tried getting my router configured for DDNS but it starts to load where at the top of the page it will say "LuCi Lua configuration interface" but then times out :/

  6. #6
    TVWBB Guru Steve_M's Avatar
    Join Date
    Jul 2013
    Location
    Toronto
    Posts
    2,090
    Let the HM be a HM and let your router do DDNS

  7. #7
    TVWBB Pro
    Join Date
    Jun 2016
    Location
    Southeastern MN
    Posts
    683
    Quote Originally Posted by Bryan Mayland View Post
    Really the only port you need is for HTTP or HTTPS (take your pick). I'd keep the SSH port closed at the firewall since you probably can do as much normal config as needed from the webui, and can always SSH in from the local network if needed. I also map the external port on the firewall to something else (not 80 or 443 or 8080) and have it forward to port 80 or 443 on the HeaterMeter. Just having it on a non-standard port eliminates like 99% of bad guys just scanning looking for web servers.
    I was thinking on the HM itself, not what's available on the outside world. If at all possible, DDNS should be on at your NAT firewall with port forwarding, and can be used with multiple systems at that point. DDNS would be useful if the HM is directly hosted on the public network, and yeah, sshd running on a non-standard port is a good idea. That will eliminate nearly all penetration attempts.

  8. #8
    New Member
    Join Date
    Jul 2019
    Location
    Portland, OR
    Posts
    5
    Quote Originally Posted by Steve_M View Post
    Let the HM be a HM and let your router do DDNS
    I tried to but it will start to load and will say "LuCi Lua configuration interface" on a white screen but wont go past that, just tries to load till it times out. Any thoughts on what I might have set wrong? I tried forwarding port 80 then 443 on HM but neither worked.

  9. #9
    New Member
    Join Date
    Jul 2019
    Location
    Portland, OR
    Posts
    5
    Can I run what I have set up and will someone let me know if I have this right? On FreeDNS I have my heatermeter IP address linked to my DDNS address, then I have on my router my login creds for FreeDNS with the DNS address, then I have a port 80 forwarded on the Heatermeter IP address. Is that right?

  10. #10
    TVWBB Pro
    Join Date
    Jun 2016
    Location
    Southeastern MN
    Posts
    683
    Wait a sec.... you should have the external IP address from your router listed at FreeDNS (hopefully, your router has a DDNS feature for FreeDNS.) This shouldn't be a 192.168.x.y, 172.x.x (or some such) or 10.x.y.z address (all RFC1918 test network, non-routable, addresses.)

    Secondly, I would suggest that you use some other port other than 80 on the dirty side of your router for this just as a bit of security by obscurity. Hitting your FreeDNS address with the other port number will redirect to your HM on port 80.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •