You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[*] I have searched the existing issues, open and closed, and I'm convinced that mine is new.
[*] When the request is meant for an existing plugin, I've added its name to the title.
Is your feature request related to a problem? Please describe.
The current-IP detection logic currently bails for any IP where ipaddress.is_global returns false, which makes it impossible to use this plugin to securely update internal DNS entries. While this is fine as a default, an override should be provided. See dns/ddclient/src/opnsense/scripts/ddclient/lib/address.py line 98
Describe the solution you'd like
I'd like to be able to do ddns updates also based on the firewall's non-internet interfaces. To that end, an override field should be available on the "edit account" dialogue, when a local interface check-ip modes is selected, allowing the user to provide 1 or more private subnets that should be considered a match.
Alternately, a checkbox could be provided in the same dialogue to skip the is_global check outright. This would interact poorly with IPv6 link local addresses and some extra logic would be needed since in IPv6 everything is multi-homed all the time.
Personally I only need the IPv4 Interface check-ip option.
Describe alternatives you've considered
Obviously DHCP is the more traditional way to do this, but it lacks the same robust options for cryptographic binding of host identities.
Or the ever popular, "just make an admin do it manually".
I'm liking the ddclient version instead because dns updates can be based on the same identity used for the ACME DNS-01 challenge.
The text was updated successfully, but these errors were encountered:
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Is your feature request related to a problem? Please describe.
The current-IP detection logic currently bails for any IP where ipaddress.is_global returns false, which makes it impossible to use this plugin to securely update internal DNS entries. While this is fine as a default, an override should be provided. See dns/ddclient/src/opnsense/scripts/ddclient/lib/address.py line 98
Describe the solution you'd like
I'd like to be able to do ddns updates also based on the firewall's non-internet interfaces. To that end, an override field should be available on the "edit account" dialogue, when a local interface check-ip modes is selected, allowing the user to provide 1 or more private subnets that should be considered a match.
Alternately, a checkbox could be provided in the same dialogue to skip the is_global check outright. This would interact poorly with IPv6 link local addresses and some extra logic would be needed since in IPv6 everything is multi-homed all the time.
Personally I only need the IPv4 Interface check-ip option.
Describe alternatives you've considered
Obviously DHCP is the more traditional way to do this, but it lacks the same robust options for cryptographic binding of host identities.
Or the ever popular, "just make an admin do it manually".
I'm liking the ddclient version instead because dns updates can be based on the same identity used for the ACME DNS-01 challenge.
The text was updated successfully, but these errors were encountered: