Categories
Programming python python

namesilo dns update via python script and cron job on pfsense

I am using namesilo for my DNS, and they’ve got a solid little API system for stuff you can do to modify your DNS entries. So I use it as a poor mans dynamic DNS at home. For whatever reason though, their rrid changes every time you do an update, so you need to modify the URL to include the new rrid, which you pull from a dnsupdate api call. Thanks to a coworkers python skills, he wrote me this up, works great. Will only run the API call to update if the IP has changed. There are few things you must change for your own information though, and that is:

DOMAIN.TLDS (example: swamp.xyz) – there are 4 places to change this, line 11, 31, 32, and 43.
APIKEY (you get this from namesilo when you generate your API key) – there are two spots to change this, in line 11 and 43.
SUBDOMAIN (example: va) – there are two spots to change this: line 11 and 43.
SUB.DOMAIN.TLDS (example: va.swamp.xyz) – there are 3 spots to change this, line 30,31, and 32.

#send request to URL
new = requests.get(new_URL)

#print the xml reply, this doesn't need to be pretty
print(new.content)#Must install requests package if you don't have items
# pip install requests

import requests
import xml.etree.ElementTree as ET

RECORD_IP_ADDRESS_URL = 'https://www.namesilo.com/api/dnsListRecords?version=1&type=xml&key=xxxxxxxxxxxxxxxxxxx&domain=swamp.xyz'
CURRENT_IP_ADDRESS_URL = 'http://whatismyip.akamai.com/'

#get current IP address from CURRENT_IP_ADDRESS_URL
current = requests.get(CURRENT_IP_ADDRESS_URL).content

print('Current IP address from akamai: %s' % current)
#read xml file
r = requests.get(RECORD_IP_ADDRESS_URL, allow_redirects=True)

xml = ET.fromstring(r.content)

#begin parsing xml for correct host (swamp.xyz)
for record in xml.iter('resource_record'):
#read host, value, and record_id from current record in xml
host = record.find('host').text
value = record.find('value').text
record_id = record.find('record_id').text

#if host is va.swamp.xyz, process further
if (host == 'va.swamp.xyz'):
print('va.swamp.xyz record IP address: %s' % value)

#if record IP address matches CURRENT_IP_ADDRESS_URL, do nothing
if (value == current):
print('Current IP address matches namesilo record')

#IP addresses don't match, let's update it
else:
print('IP addresses do not match, generating URL to update')

#place the record_id in the url
new_URL = 'https://www.namesilo.com/api/dnsUpdateRecord?version=1&type=xml&key=xxxxxxxxxxxxxxxxxxxxx&domain=swamp.xyz&rrid='+record_id+'&rrhost=va&rrvalue='+current+'&rrttl=3600'
print(new_URL)

#send request to URL
new = requests.get(new_URL)

#print the xml reply, this doesn't need to be pretty
print(new.content)

Now if you are like me, and use pfsense, you have to install a module, which you can do by running these commands in shell:

python2.7 -m ensurepip
python2.7 -m pip install requests
python2.7 -m pip install –upgrade pip

Once you run that, chmod +x your .py script and you are good to go to add the script to a cronjob. I added it via the pfsense cron gui:

*/5 * * * * root /usr/local/bin/python2.7 /usr/local/namesilo_update.py

Do make sure it’s in a directory you can run as the user, and modify permissions to make sure.

Categories
powershell Programming scripting Windows 10 Windows 7 Windows 8

creating batch file to kick off powershell script in different versions of windows with different commands

I needed the ability to have a powershell script execute specific ways for specific versions of windows, so after some googling, I hodge podged this. Essentially you will run this script first, as a cmd, or batch file:

@echo off
setlocal
for /f "tokens=4-5 delims=. " %%i in ('ver') do set VERSION=%%i.%%j
REM Windows 10 is called be low this
if "%version%" == "10.0" powershell "C:\LocalAdminPolicyUpdate\LocalAdminPolicyUpdate.ps1"
REM Windows 8.1
if "%version%" == "6.3" powershell "C:\LocalAdminPolicyUpdate\LocalAdminPolicyUpdate.ps1"
REM Windows 8
if "%version%" == "6.2" powershell "C:\LocalAdminPolicyUpdate\LocalAdminPolicyUpdate.ps1"
REM Windows Vista
if "%version%" == "6.0" echo Windows Vista.
REM Windows 7
if "%version%" == "6.1" powershell "Set-ExecutionPolicy Unrestricted" && powershell C:\LocalAdminPolicyUpdate\LocalAdminPolicyUpdate.ps1
endlocal

and then this script, labeled LocalAdminPolicyUpdate.ps1 reload the script if it is not running as an admin. This section works for Windows 8+, and does not flag/error on Windows 7, which is why I needed the previous script to kick off ‘what version’ is the OS to run it elevated. I also am running these on PC’s WITHOUT UAC. If you have UAC, the user will get prompted to hit YES on the UAC popup.

The next bit finds all users in the local administrator group, and removes specific users with the $Group.Remove section, and then adds with the $Group.Add. I also added some debugging stuff to see what echo’d out to show me if it exists and it is truely seeing each user.

# Adds local uesr to local administrators account and removing software loaders
# revision 1
# created 2016-04-26

# Run this if you need to be running as ADMINISTARTOR
If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
$arguments = "& '" + $myinvocation.mycommand.definition + "'"
Start-Process powershell -Verb runAs -ArgumentList $arguments
Break
}
####################################################

$members = net localgroup administrators | where {$_ -AND $_ -notmatch "command completed successfully"} | select -skip 4
#write-output $members

$Computer = $env:COMPUTERNAME
$GroupName = 'Administrators'
$User = $env:USERNAME

$ADSI = [ADSI]("WinNT://$Computer")
$Group = $ADSI.Children.Find($GroupName, 'group')

if ($members -notcontains "E500NT\$env:USERNAME") {
$Group.Add(("WinNT://e500nt/$user"))
}
if ($members -contains "E500NT\Software Loaders") {
$Group.Remove(("WinNT://e500nt/Software Loaders"))
}
if ($members -notcontains "E500NT\ISTechGroup") {
$Group.Add(("WinNT://e500nt/ISTechGroup"))
}
if ($members -notcontains "E500NT\Domain Admins") {
$Group.Add(("WinNT://e500nt/Domain Admins"))
}
#if ($members -contains "E500NT\$env:USERNAME") { echo 1}
#if ($members -contains "E500NT\ISTechGroup") { echo 2}
#if ($members -contains "E500NT\Domain Admins") { echo 3}
#if ($members -notcontains "E500NT\Software Loaders") { echo 4}