juanfranblanco / rt-n56u

Automatically exported from code.google.com/p/rt-n56u

/etc/hosts is restored to its defaults after common reboot #192

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Open /etc/hosts via terminal

2. Edit this file for secure host associations:
127.0.0.1 localhost.localdomain localhost
192.168.x.1 my.router
192.168.x.1 my.RT-N56U
192.168.x.1 RT-N56U
==>
127.0.0.1 localhost.localdomain localhost
192.168.x.1 mysurname.lol

3. Reboot device to take effect

4. Open /etc/hosts via terminal

5. Lol:
127.0.0.1 localhost.localdomain localhost
192.168.x.1 my.router
192.168.x.1 my.RT-N56U
192.168.x.1 RT-N56U

What is the expected output? What do you see instead?
As I have some guys with ASUS RT-N56U in my Internet network, I need to protect 
my router from them and to change /etc/hosts file.
It is a security hole...

What version of the product are you using? On what operating system?
RT-N56U_1.0.1.8d-p3

Original issue reported on code.google.com by skurydi...@gmail.com on 29 Mar 2012 at 5:22

GoogleCodeExporter commented 8 years ago
edit the start-up script

# vi /etc/storage/start_script.sh

Add there the following:

echo "xxx.xxx.xxx.xxx some.domain some.domain.alias" >> /etc/hosts
...
echo "yyy.yyy.yyy.yyy some-Y.domain some-Y.domain.alias" >> /etc/hosts

/usr/bin/killall -SIGHUP dnsmasq

Then run:

# mtd_storage.sh save

or if you use the USB disk you can add this to /opt/etc/init.d/S01system
(it is probably called /opt/etc/init.d/K01system and you should rename it
# mv /opt/etc/init.d/K01system /opt/etc/init.d/S01system
as only scripts starting with 'S' are being auto-executed on start-up and 
shutdown)
That's it!

Original comment by d...@soulblader.com on 30 Mar 2012 at 3:50

GoogleCodeExporter commented 8 years ago
Thanks a lot!

Original comment by skurydi...@gmail.com on 30 Mar 2012 at 6:28

GoogleCodeExporter commented 8 years ago
You are welcome! ;)

Original comment by d...@soulblader.com on 30 Mar 2012 at 8:00

GoogleCodeExporter commented 8 years ago
This is not working for me with 1.1.1.8f-b8-2. 
After reboot the host file is still

/home/root # cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.178.1 my.router
192.168.178.1 my.RT-N56U
192.168.178.1 RT-N56U

Original comment by MagreetM...@gmail.com on 23 Jun 2012 at 10:43

GoogleCodeExporter commented 8 years ago
Found it: a user file was added, thank you! =)

- Added load user mappings from /etc/storage/hosts

Original comment by MagreetM...@gmail.com on 23 Jun 2012 at 10:57

GoogleCodeExporter commented 8 years ago
The router answers correctly:
;; ANSWER SECTION:
domain.com.     0   IN  A   192.168.178.100

But when used in the browser, I just get a timeout. Using the IP works 
instantly...

Original comment by MagreetM...@gmail.com on 23 Jun 2012 at 11:16

GoogleCodeExporter commented 8 years ago
Hi! Please write some details.
What is the ip - 192.168.178.100? Is there any local web server or some other 
service? 
Also, is the domain name "domain.com" (I guess you've changed it )) registered 
by you?..

Original comment by d...@soulblader.com on 23 Jun 2012 at 2:07

GoogleCodeExporter commented 8 years ago
Are you sure that machine 192.168.178.100 is able to resolve the name 
"domain.com" to its own ip address?

I use some services on my local server. For example, there is web gui for 
VirtualBox. So it works in browser with name vbox.srv.dev...

Original comment by d...@soulblader.com on 23 Jun 2012 at 2:18

GoogleCodeExporter commented 8 years ago
Hi! Sorry for the short info.
The reason I'm trying to change the host file (and configured through WAN) is 
that I cannot access my own dyndns from within the network. Outside the net 
e.g. via phone or vpn works fine.
Configuration:
Cable modem/router -- WAN of RT-N56U (DHCP) - LAN of Server (http, ssh etc) 
with static IP 192.168.178.100
Domain: mydomain.com -- cname to subdomain at afraid.org mydomain.org.org
The server updates the dyndns at afraid.org via link every hour since I cannot 
use the DDNS function behind the cable modem.
Host file at /etc/storage/hosts
192.168.178.100 mydomain.com

#dig mydomain.com
A record 192.168.178.100

A check from remote returns my global address. So everything seems to work as 
it is supposed to.
Now I want to access mydomain.com via http or ssh but I do not get redirected 
to 192.168.178.100 (http worked just twice all of a sudden) .

Original comment by MagreetM...@gmail.com on 23 Jun 2012 at 2:26

GoogleCodeExporter commented 8 years ago
This seems to be strange...
if I understood right you're using some machine running Linux...
Let's check...
is in /etc/resolv.conf (on local machine) : nameserver 192.168.178.100 ?
Also try to do #tracepath mydomain.com

Original comment by d...@soulblader.com on 23 Jun 2012 at 3:00

GoogleCodeExporter commented 8 years ago
"server" is an Ubuntu 11.10 BeagleBoard

This is my client's resolv.conf:
domain asus
nameserver 192.168.178.1 #the RT-N56U IP

Original comment by MagreetM...@gmail.com on 23 Jun 2012 at 3:12

GoogleCodeExporter commented 8 years ago
Aaa, sorry )
I thought that 192.168.178.100 - is the ip of RT-N56U. Now I've got it! )
Have you added '192.168.178.100 mydomain.com' to /etc/hosts on Ubuntu?..

Original comment by d...@soulblader.com on 23 Jun 2012 at 3:23

GoogleCodeExporter commented 8 years ago
Some more information: the server is a Beagleboard with an internal usb-eth 
adapter which seems to have a dynamic MAC address. Thus forcing me to use a 
static IP instead of DHCP and letting the Asus router handle the MAC address to 
192.168.178.100.

traceroute to mydomain.com (192.168.178.100), 64 hops max, 52 byte packets
 1  mydomain.com (192.168.178.100)  2.265 ms  1.291 ms  2.221 ms

Ubuntu:
$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 myservername
127.0.1.1 mydomain.com

auto lo
iface lo inet loopback

/etc/network/interfaces  
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.178.100
netmask 255.255.255.0
network 192.168.178.1
broadcast 192.168.178.255
gateway 192.168.178.1

Original comment by MagreetM...@gmail.com on 23 Jun 2012 at 3:29

GoogleCodeExporter commented 8 years ago
Actually you need only address, netmask and gateway to get the static ip. Other 
parameters are not required. (but this shouldn't affect anyway). Also, you can 
put 'pre-up /sbin/ethtool -s eth0 wol g' after 'iface eth0 inet static' in 
order if you'd like to use wake-on-lan. (check if ethtool is installed)

The record '127.0.1.1 mydomain.com' in /etc/hosts is incorrect I think.
It should be '192.168.178.100 mydomain.com'. Try to comment that line and add 
new one. Then do #sudo /etc/init.d/networking restart. It should be accessed 
after that I hope.

Original comment by d...@soulblader.com on 23 Jun 2012 at 3:42

GoogleCodeExporter commented 8 years ago
I have the entry in the router /etc/storage/hosts
# Custom user hosts file
# Example:
# 192.168.1.100         Obi-Wan
192.168.178.100         mydomain.com
192.168.178.100         http://mydomain.com
192.168.178.100         www.mydomain.com
192.168.178.100         myservername

Why would the Ubuntu server redirect himself to 178.100 instead of 127.0.0.1?
I changed it to 

127.0.0.1 myservername
127.0.0.1 mydomain.com

and it works like 6 times on 3 browsers and then just times out...

Thanks for the WOL hint, there is no ethtool package for arm yet. Maybe in 12.04.

Original comment by MagreetM...@gmail.com on 23 Jun 2012 at 4:02

GoogleCodeExporter commented 8 years ago
UP: It's even better to add '192.168.178.100 myservername mydomain.com' to 
/etc/hosts on Ubuntu. In this case it will work correctly in local network in 
my opinion.

PS: I'm also running Ubuntu on server... ;) It is 10.10, but it doesn't matter )

Original comment by d...@soulblader.com on 23 Jun 2012 at 4:06

GoogleCodeExporter commented 8 years ago
'192.168.178.100         http://mydomain.com' - this line is incorrect too! You 
should remove it!!
You can replace it with one line : '192.168.178.100 name name.alias1 
name.alias2 ... etc'.
Ubuntu should do this way in order to send packages back in network. It works 
this way on my server. The only difference it has several virtual interfaces. 

For WOL, check then first that network card supports WOL. Just run #sudo 
ethtool eth0. There should be smth. like 'Supports Wake-on: pg'.
And what machine are you using for server with arm processor arch?.. o_O

Original comment by d...@soulblader.com on 23 Jun 2012 at 4:19

GoogleCodeExporter commented 8 years ago
Linux host should be able to resolve its own hostname to network ip anyway! 
That's why line 'lan_ip_address machine_hostname' is required anyway.
For example, I'm using machine with Ubuntu desktop on it now. It gets ip 
address by DHCP.
#cat /etc/hosts. And the first line is '192.168.130.105 desktop # Added by 
NetworkManager'

Original comment by d...@soulblader.com on 23 Jun 2012 at 4:28

GoogleCodeExporter commented 8 years ago
executed twice within minutes:

traceroute to mysubdomain.org.org (31.16.99.147), 64 hops max, 52 byte packets
 1  my.router (192.168.178.1)  1.098 ms  0.700 ms  0.621 ms
 2  31-16-99-147-dynip.supercabel.com (31.16.99.147)  1.210 ms  1.135 ms  1.064 ms

Warning:  mydomain.com has multiple addresses; using 192.168.178.100
traceroute to mydomain.com (192.168.178.100), 64 hops max, 52 byte packets
 1  myservername (192.168.178.100)  2.006 ms  2.940 ms  1.069 ms

It works occasionally. Why does the router change his mind about the IP address?

It is a Beagleboard with enough power for a webserver, git etc needing just 5W 
;)

Original comment by MagreetM...@gmail.com on 23 Jun 2012 at 5:01

GoogleCodeExporter commented 8 years ago
what a nice device!... I wanted to buy one, thanks!! )
Sorry, but I haven't understood the question...

Original comment by d...@soulblader.com on 23 Jun 2012 at 5:17

GoogleCodeExporter commented 8 years ago
http://beagleboard.org/bone
or 
http://www.raspberrypi.org/ for $25 ;)

I have changed both host files as you advised:
192.168.178.100 myservername mydomain.com

When executing traceroute several times, he directs me either to the global or 
the local address. If he redirects to the global IP, I get a timeout since this 
was my initial problem.

Original comment by MagreetM...@gmail.com on 23 Jun 2012 at 5:52

GoogleCodeExporter commented 8 years ago
I think dnsmasq updates its cache when it gets the request to mydomain.com from 
outside or itself. So it puts your external ip address for mydomain.com to 
cache. Also dnsmasq puts records from hosts files when it starts to cache.
You can't reach local network with external ip address when Hardware_NAT is 
switched on (from local machine). If you disable it it should work...

And what is the aim? Just to be able to access your webserver with the same 
address being in/outside home network?..

Original comment by d...@soulblader.com on 23 Jun 2012 at 5:53

GoogleCodeExporter commented 8 years ago
Thank you for the links, I had read about it when I wrote that I'd liked one.. )
I was trying to find some 'head' device for my device based on Arduino. And 
this one seems to be very good at this role! So, thanks again!

Original comment by d...@soulblader.com on 23 Jun 2012 at 6:02

GoogleCodeExporter commented 8 years ago
Yes I just got this new cable router and all of a sudden I could not reach my 
own dyndns from inside my own network. As you might have guessed, I am no 
network expert and installing the modded firmware and changing the host file was 
the only thing I could think of. Is there an easier way? Sorry to bother you 
off topic!
I disabled the Hardware NAT and rebooted - no change... :-/

Original comment by MagreetM...@gmail.com on 23 Jun 2012 at 6:14

GoogleCodeExporter commented 8 years ago
I don't know if there is some solution... =/ The only way I see is to use 
different names for service when you are in and outside the network. The second 
name shouldn't have any external dns records.

The thing you can try - is to edit /etc/dnsmasq.conf and add there 
address=/mydomain.com/192.168.178.100
then
#killall dnsmasq
#dnsmasq

the following is from dnsmasq config example file:

# Add local-only domains here, queries in these domains are answered
# from /etc/hosts or DHCP only.
#local=/localnet/

# Add domains which you want to force to an IP address here.
# The example below send any host in doubleclick.net to a local
# webserver.
#address=/doubleclick.net/127.0.0.1

Original comment by d...@soulblader.com on 23 Jun 2012 at 7:12

GoogleCodeExporter commented 8 years ago
Or I've found another way )) ...if you run inadyn (ddns service on router)
Copy inadyn config to router internal flash

# cp /etc/inadyn.conf /etc/storage/inadyn.conf

Edit /etc/storage/post_iptables_script.sh
Add there the following (I haven't tested the code):

#!/bin/sh

if [ -z "`pidof inadyn`" ] ; then
  # !! Check if '--background' option is already in /etc/storage/inadyn.conf !!
  # !! if it is, remove it below !!
  inadyn --background --input_file /etc/storage/inadyn.conf --exec $0
  exit 0
fi

LAN_IF=`nvram get lan_ifname`
CACHE_PATH=/tmp/extip
# You can set specific port if needed, i.e. 192.168.178.100:80
SERVER_IP=192.168.178.100

IP=""

# Remove the rule that was installed for the previously cached external IP
if [ -f "$CACHE_PATH" ] ; then
  IP=`cat "$CACHE_PATH" 2>/dev/null`
  if [ -n "$IP" ] ; then
    iptables -t nat -D PREROUTING -i "$LAN_IF" -p tcp --dst "$IP" -j DNAT \
          --to-destination "$SERVER_IP" 2>/dev/null
  fi
fi

IP=""

# I don't remember other service name, which shows your ip address
# You can add some in case if these two don't work
IP=`wget -qc http://ip1.dynupdate.no-ip.com -O- 2>/dev/null`

if [ -z "$IP" ] ; then
  IP=`wget -qc http://dynamic.zoneedit.com/checkip.html -O- 2>/dev/null | sed 's/[^0-9\.]//g'`
fi

# Variables are quoted so the fetched value stays a single iptables argument
if [ -n "$IP" ] ; then
  iptables -t nat -I PREROUTING -i "$LAN_IF" -p tcp --dst "$IP" -j DNAT \
          --to-destination "$SERVER_IP" 2>/dev/null
else
  exit 1
fi

echo "$IP" > "$CACHE_PATH"

exit 0

#mtd_storage.sh save

Then disable inadyn service in web GUI and reboot the router. This should 
forward all requests to your external ip from local network (which were sent to 
br0 interface) to your server address.

Original comment by d...@soulblader.com on 23 Jun 2012 at 9:33
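
An added example, not code from this thread or from the firmware: the script in the comment above takes an address fetched over plain HTTP and places it in an iptables rule run as root, so this version checks the value before a rule is built. The function names, the `br0` interface argument and the sample response bodies are assumptions made for illustration; `dnat_rule` only prints the rule arguments, so it runs offline.

```sh
#!/bin/sh
# Added example, not code from the thread; function names are hypothetical.

# Succeed only for a dotted quad: octets 0..255, no leading zeros.
is_ipv4() {
  case "$1" in
    ''|*[!0-9.]*|.*|*.|*..*|0[0-9]*|*.0[0-9]*) return 1 ;;
  esac
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# Reject ranges that cannot be the WAN address; a rule matching them would
# redirect LAN, loopback or multicast traffic instead.
is_public_ipv4() {
  is_ipv4 "$1" || return 1
  case "$1" in
    0.*|10.*|127.*|169.254.*|192.168.*) return 1 ;;
    172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 1 ;;
    22[4-9].*|2[3-5][0-9].*) return 1 ;;
  esac
}

# First whole IPv4-looking token in a response body (which may be HTML).
extract_ip() {
  printf '%s\n' "$1" | grep -owE '[0-9]{1,3}(\.[0-9]{1,3}){3}' | head -n 1
}

# Print the iptables arguments for the DNAT rule, or fail with no output.
dnat_rule() {
  ext_ip=$(extract_ip "$1") || return 1
  lan_if=$2
  server_ip=$3
  is_public_ipv4 "$ext_ip" || return 1
  is_ipv4 "$server_ip" || return 1
  case "$lan_if" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
  printf '%s\n' "-t nat -I PREROUTING -i $lan_if -p tcp --dst $ext_ip -j DNAT --to-destination $server_ip"
}

# Constructed response bodies; 203.0.113.7 is a documentation address.
dnat_rule '203.0.113.7' br0 192.168.178.100
dnat_rule '<html>Current IP: 203.0.113.7</html>' br0 192.168.178.100
dnat_rule '192.168.178.1' br0 192.168.178.100 || echo 'rejected: private address'
dnat_rule '999.1.1.1 -j ACCEPT' br0 192.168.178.100 || echo 'rejected: not an address'
```

The check cannot tell whether a well-formed public address is really the router's own, since the lookup services are queried without transport protection.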

GoogleCodeExporter commented 8 years ago
Forgot to say: remove all records to 192.168.178.100 from /etc/storage/hosts. 
Let all requests go to external ip address. iptables should do the rest of work.

Original comment by d...@soulblader.com on 23 Jun 2012 at 9:50

GoogleCodeExporter commented 8 years ago
Wow, thank you so much! This is a little over my head though. I tried your hint 
with the /etc/dnsmasq.conf file and it seems to work even with HardwareNAT on 
=D 
Unfortunately it gets overwritten after reboot, so I tried this in 
/etc/storage/startup_script_sh

#local redirect
echo "address=/mydomain.com/192.168.178.100" >> /etc/dnsmasq.conf

But /etc/dnsmasq.conf seems to get overwritten afterwards.

Then I tried the same in /etc/storage/post_wan_script.sh

#local redirect
echo "address=/mydomain.com/192.168.178.100" >> /etc/dnsmasq.conf
killall dnsmasq
dnsmasq

And this seems to work after reboot! Thank you very much!

Original comment by MagreetM...@gmail.com on 24 Jun 2012 at 8:00

GoogleCodeExporter commented 8 years ago
You are welcome! :) But be careful, I'm not sure that this 'trick' will always 
work. But it seems firewall rules should be always updated after dnsmasq 
reconfiguration by rc.

Original comment by d...@soulblader.com on 24 Jun 2012 at 2:23