惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
The Blog of Author Tim Ferriss
S
Securelist
D
Docker
The Register - Security
The Register - Security
GbyAI
GbyAI
Recorded Future
Recorded Future
Engineering at Meta
Engineering at Meta
Stack Overflow Blog
Stack Overflow Blog
云风的 BLOG
云风的 BLOG
P
Proofpoint News Feed
罗磊的独立博客
博客园 - 【当耐特】
F
Full Disclosure
WordPress大学
WordPress大学
腾讯CDC
小众软件
小众软件
大猫的无限游戏
大猫的无限游戏
D
DataBreaches.Net
SecWiki News
SecWiki News
L
Lohrmann on Cybersecurity
I
InfoQ
MyScale Blog
MyScale Blog
量子位
Cyberwarzone
Cyberwarzone
博客园 - 三生石上(FineUI控件)
The Hacker News
The Hacker News
F
Fortinet All Blogs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Jina AI
Jina AI
博客园_首页
H
Help Net Security
K
Kaspersky official blog
酷 壳 – CoolShell
酷 壳 – CoolShell
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Webroot Blog
Webroot Blog
Blog — PlanetScale
Blog — PlanetScale
V
Vulnerabilities – Threatpost
Y
Y Combinator Blog
The Cloudflare Blog
P
Proofpoint News Feed
V
Visual Studio Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
T
Tailwind CSS Blog
爱范儿
爱范儿
P
Privacy International News Feed
Security Archives - TechRepublic
Security Archives - TechRepublic
The GitHub Blog
The GitHub Blog
C
Cybersecurity and Infrastructure Security Agency CISA
B
Blog RSS Feed

思有云 - IOIOX - 群晖

我为什么将个人数据从私有云迁移至 iCloud ? - 思有云 群晖NAS高级服务 - 使用阿里云盘打造免费 WebDAV 服务 - 思有云 群晖NAS高级服务 - docker 部署 AnyLink 企业级远程办公 VPN 服务 - 思有云 群晖 Synology DSM 7.0 BETA 测试版正式开放下载 - 思有云 Synology Drive Client 客户端 for macOS Big Sur 11.0.1 官方临时修复版 - 思有云 Synology Moments 升级到 Synology Photos 后端口及应用程序门户域名等问题解决方法 - 思有云 群晖 DSM 7.0 Synology Photos 客户端下载安装 - 思有云 群晖 Synology DSM 7.0 测试版已正式发布 附下载地址 - 思有云 群晖NAS高级服务 - WordPress 配置内网穿透无端口访问教程 - 思有云
群晖NAS网络服务 - 原生 DDNS 部署配置 Cloudflare DDNS 动态域名解析 - 思有云
博主: Stille · 2026-02-04 · via 思有云 - IOIOX - 群晖

DSM7.2 纯ipv6脚本见下文,
ipv6脚本原理:由于在群晖DDNS面板配置中,无法指定ipv6地址的获取,故通过读取群辉网卡中的ipv6地址,实现ddns中ipv6地址的设置;
所以在使用该脚本时,需注意修改 第20行代码“ip6fetch=$(ip -6 addr show ovs_eth0 | grep -oE "$ipv6Regex" | head -n 1 || true)”获取的ipv6地址是否是真正的公网ipv6地址,在测试时,可以通过 bash -x /sbin/cloudflareddns.sh 查看输出的ipv6地址是否是正确的公网ip;其中涉及网口(尤其是双网口设备)的选择、正则的匹配、正则匹配结果正确ip行的选择。
关键命令行解析:
通过linux 命令
ip -6 addr 可以获取所有网卡的ipv6地址;
show ovs_eth0 只显示第一个网口的信息(此处可以通过 ip -6 addr 显示的信息,决定是否修改 ovs_eth0的值,有可能网线插的另一个网口,可能需要修改为 ovs_eth1 ,也有可能网卡命名规则不是 ovs_xxx的形式,需要根据实际情况修改为正确的网卡名称)
| grep -oE "$ipv6Regex" 正则匹配显示网口的ipv6地址
| head -n 1 值获取正则匹配结果后的第一行信息(ipv6地址可能有多个,只能取一个作为DDNS的更新ip)

也可以通过linux命令打印输出的ipv6地址,若不正确,需自行调整
ip -6 addr show ovs_eth0 | grep -oE "(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]).){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]).){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))" || true

!/bin/bashcopyright:https://raw.githubusercontent.com/joshuaavalon/SynologyCloudflareDDNS/master/cloudflareddns.sh

set -e;
ipv6Regex="(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]).){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]).){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))"
ipv6="true"

proxy="true"ask for existing proxy, don't override it <.<DSM Config

username="$1"
password="$2"
hostname="$3"
ipAddr="$4"
recType6="AAAA"

Fetch and filter IPv6, if Synology won't provide it

if [[ $ipv6 = "true" ]]; then

# ip6fetch=$(ip -6 addr show eth0 | grep -oP "$ipv6Regex" || true)
# Look out: `ip -6 addr show {your ipv6 network card} [filter your one ipv6 addr] `
ip6fetch=$(ip -6 addr show ovs_eth0 | grep -oE "$ipv6Regex" | head -n 1 || true)
# ip6Addr=$(if [ -z "$ip6fetch" ]; then echo ""; else echo "${ip6fetch:0:$((${#ip6fetch})) - 7}"; fi) # in case of NULL, echo NULL
# Look out: ip6Addr final output your public ipv6 addr
ip6Addr=$(if [ -z "$ip6fetch" ]; then echo ""; else echo "${ip6fetch}"; fi) # in case of NULL, echo NULL
if [[ -z "$ip6Addr" ]]; then
    ipv6="false";     # if only ipv4 is available
    echo "not obtain ipv6 addr";
    exit 1;
fi

else

echo "not obtain ipv6 addr";
exit 1;

fi

above only, if IPv4 and/or IPv6 is provided

listDnsv6Api="https://api.cloudflare.com/client/v4/zones/${username}/dns_records?type=${recType6}&name=${hostname}" # if only IPv4 is provided

resv6=$(curl -s -X GET "$listDnsv6Api" -H "Authorization: Bearer $password" -H "Content-Type:application/json");
resSuccess=$(echo "$resv6" | jq -r ".success")

if [[ $resSuccess != "true" ]]; then

echo "badauth";
exit 1;

fi

recordIdv6=$(echo "$resv6" | jq -r ".result[0].id");
recordIpv6=$(echo "$resv6" | jq -r ".result[0].content");
recordProxv6=$(echo "$resv6" | jq -r ".result[0].proxied");

API-Calls for creating DNS-Entries

createDnsApi="https://api.cloudflare.com/client/v4/zones/${username}/dns_records" # does also work for IPv6

API-Calls for update DNS-Entries

updateDnsApi="https://api.cloudflare.com/client/v4/zones/${username}/dns_records/${recordId}" # for IPv4 or if provided IPv6
update6DnsApi="https://api.cloudflare.com/client/v4/zones/${username}/dns_records/${recordIdv6}" # if only IPv4 is provided

if [[ $recordIpv6 = "$ip6Addr" ]]; then

echo "nochg";
exit 0;

fi

if [[ $recordIdv6 = "null" ]]; then

# IPv6 Record not exists
proxy="false"; # new entry, enable proxy by default
res6=$(curl -s -X POST "$createDnsApi" -H "Authorization: Bearer $password" -H "Content-Type:application/json" --data "{\"type\":\"$recType6\",\"name\":\"$hostname\",\"content\":\"$ip6Addr\",\"proxied\":$proxy}");

else

# IPv6 Record exists
res6=$(curl -s -X PUT "$update6DnsApi" -H "Authorization: Bearer $password" -H "Content-Type:application/json" --data "{\"type\":\"$recType6\",\"name\":\"$hostname\",\"content\":\"$ip6Addr\",\"proxied\":$recordProxv6}");

fi;
res6Success=$(echo "$res6" | jq -r ".success");

if [[ $res6Success = "true" ]]; then

echo "good";

else

echo "badauth";

fi