Hi,

I want to post this information so that next time I need to set this up a quick google search will give me simple instructions. Of course, I hope others will benefit as well :-)

It seems amazing to me that no straightforward instructions for this are available on the web.
Methods are suggested using DNS-O-Matic and various OpenWRT software packages but they seem overly complicated.
The following is my method based on a ton of googling.

The goal:

OpenDNS web filtering (parental controls) work based upon 2 factors. Firstly you must set the DNS server records of your router and DHCP server to the OpenDNS servers 208.67.222.222, 208.67.220.220. (This is straightforward and not covered here)

Secondly, OpenDNS must be aware of your current external IP address given to you on a permanent or temporary basis by your ISP. If you have a fixed (permanent) IP address then this is no problem and you don't need to reed this post - just log in to your open DNS control panel go to settings and check that the IP address shown against your network matches your current IP address as shown at the top of the web page.

If you don't have a fixed IP then you can still set this manually as above, however whenever your DSL connection is restarted and possibly at other unpredictable times your external IP address may be changed by your ISP and your OpenDNS internet filter will no longer function.

Therefore it is necessary to have an automatic method of informing OpenDNS each time the DSL router restarts, or simply on a regular basis. OpenDNS provide a client program to run on Windows and Mac PCs that can do this when the PC is switched on, however this will not be enough if you are also protecting tablets and mobile phones on your network.

The method:

1. Install the curl software package in OpenWRT

2. Log in to your router over SSH:
    ssh root@10.0.0.1

3.  via SSH, download the HTTPS certificates from http://curl.haxx.se/docs/caextract.html
     curl -o /etc/ssl/certs/ca-certificates.crt http://curl.haxx.se/ca/cacert.pem

4. via SSH, create a script to talk to OpenDNS (note: this is a single line):
* Edit this line to enter your details *

echo curl --cacert /etc/ssl/certs/ca-certificates.crt https://[YourOpenDNSLoginName]:[YourOpendnsPassword]@updates.opendns.com/nic/update?hostname=[YourOpendnsLabel]  > /root/opendns_update.sh

5. Set up a cron job in OpenDNS to run the script every 10 minutes. In the OpenWRT interface go to System > Scheduled Tasks and enter:
*/10 * * * * /root/opendns_update.sh > /dev/null 2>&1

6. Test by: restarting your ADSL/VDSL connection, login in to opendns and confirm that the 2 IP addresses displayed do not match, wait for the script to run, refresh opendns page see that IP addresses now match.

(Last edited by OFelix on 22 Oct 2015, 20:22)

I had to change the cron entry to get it to run every 10min.

*/10 * * * * /root/opendns_update.sh > /dev/null 2>&1

Hi shdashley,

I'm not a certified expert :-) but the entry you suggest doesn't seem to make any sense.
Does it display as you printed it above in the Schedule Tab view in OpenWRT interface?
Does it display as you printed it above if you use ssh to run: crontab -l  ?

*     *     *   *    *        command to be executed
-     -     -   -    -
|     |     |   |    |
|     |     |   |    +----- day of week (0 - 6) (Sunday=0)
|     |     |   +------- month (1 - 12)
|     |     +--------- day of        month (1 - 31)
|     +----------- hour (0 - 23)
+------------- min (0 - 59)

http://www.adminschoice.com/crontab-quick-reference

Well for me your original entry was updating at 10 past the hour.
I just googled for a cron and 10 min job. Found a link to what I used.

Its working for me fine. just */10 * * * * etc.
I have 15.05 on a Netgear WNDR4300.

Battled for a while with ddns, as this had been working one on 14.07.

root@OpenWrt:~# crontab -l
*/10 * * * * /root/opendns_update.sh > /dev/null 2>&1root@OpenWrt:~#

yep.
Anyhow thanks .

(Last edited by shdashley on 22 Oct 2015, 19:26)

shdashley  - you are correct!  Thanks  :-)

The command I posted would only run the command at 10 minutes past each hour.

I will update the original post with the correct command as supplied by you.

No a problem, happy to contribute.

Also I plan to run a 'cleanup' job to remove the 'update?hostname=name' files that apear in /root once a week.
55 23 * * sat /root/opendns_update_cleanup.sh .... etc

(Last edited by shdashley on 22 Oct 2015, 22:38)

I don't see any files generated on my system that need clearing up. ???

Uptime is 10 days, in case they get cleared on reboot.

(Last edited by OFelix on 22 Oct 2015, 22:46)

Humm,

Must be some difference with wget and curl.

I get files with a :-
good <outside IP>

From router side it worked like a charm, only issue is that on opendns site I have to update the new IP with a "sync" button every time my IP change even if the opendns site already has the new one... anyway that's for the opendns forum.
Thanks again!

Hello again!

I've realised that my OpenWRT router isn't updating my OpenDNS, and I've followed all the steps.

I've tested running the command from inside the sh file via SSH to check the return messages,

first like this:

root@OpenWrt:~# curl --cacert /etc/ssl/certs/ca-certificates.crt https://[asdasd@asd.com]:[mypassword]@updates.opendns.com/nic/update?hostname=[home]
curl: (3) [globbing] bad range in column 14
root@OpenWrt:~#

then like this:

root@OpenWrt:~# curl --cacert /etc/ssl/certs/ca-certificates.crt https://asdasd@asd.com:mypassword@updates.opendns.com/nic/update?hostname=home
curl: (3) Port number out of range
root@OpenWrt:~#

What I'm doing wrong?

Hello! I've been trying the following:

curl --cacert /etc/ssl/certs/ca-certificates.crt --user asdasd@asd.com:mypassword https://updates.opendns.com/nic/update?hostname=home

But returned "badauth", is there any requisite for the password to work over URL?