http://www.dyndns.org has an excellent service that should solve your woes.

Is there a way for a box behind a firewall to tell what IP address the firewall is using

As DamnDirtyApe notes, a static hostname is a good way of solving this particular problem, but an alternative is something like...

use LWP::Simple;
if (get('http://www.whatismyip.com/') =~ /(\d+[.]\d+[.]\d+[.]\d+)/) {
    print $1;
}
[download]

Another solution (if you have control over the firewall), is to install SNMP and then query the firewall remotely using Net::SNMP (alt.) or Net::SNMP::Interfaces (alt.).

    --k.

Update: Fixed snippet.

DynDNS provide a really useful service as DirtyDamnApe suggests above, however, the service is predicated on some machine inside your home network being able to determine the external IP when it changes. If your router/firewall is a programable machine this is usually not a problem as they have a selection of user written (quality and facilities vary) update agents available for download from their website.

What can be a problem is finding a way to determine the external IP from stand-alone firewall boxes like SonicWall etc.

If your lucky, the box will have a html status screen--available from its internalip:port 80 (or 8080)--that will list the current external IP. Writing your own agent to extract this and update the DynDNS profile is reasonably simple to do.

You may find, (as I did) that you need to download the latest firmware for your firewall box in order to get the latest version of the status screen that has the external IP displayed.

Good luck.

I have a similar setup. The way I deal with it is described in this post. Basically, it involves pinging a CGI on my external website periodically, and remembering the remote IP address (i.e., the one assigned to my router by my DSL provider).

Hmm is tracert too simple? The second IP will probably be your external ip which will be easy enough to parse out and do what you want with:

C:\Documents and Settings\administrator>tracert perlmonks.org

Tracing route to perlmonks.org [209.197.123.153]
over a maximum of 30 hops:

  1   <10 ms   <10 ms   <10 ms  SpeedTouch.lan [10.0.0.1]
  2    20 ms    10 ms    21 ms  bthg134-hg2.broadband.bt.net [217.32.6
8.201]
  3    20 ms    10 ms    20 ms  217.32.68.162
  4    10 ms    30 ms    20 ms  217.32.68.238
  5    10 ms    10 ms    20 ms  inh2cs01-601.btopenworld.com [62.7.250
+.129]
  6    21 ms    10 ms    20 ms  213.120.62.149
  7    10 ms    20 ms    30 ms  ^C
C:\Documents and Settings\administrator>

# so something simple like....

$tracert = `tracert google.com`;
@ips = $tracert =~ /(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/g;
print "$_\n" for @ips;
print "External IP gateway is $ips[1]\n"; # or whatever index is corre
+ct
[download]

cheers

tachyon

s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print

Traceroute shouldn't work. The incoming interface should decrement the TTL, see that it became 0 and report back to the source. The external interface doesn't even see the packet. So, the first answer should be from the internal interface of your router. The second answer should then be from the router one hop away, ie. the ISP equipment. If it does work, the broadband router does strange things. However, some equipment might report back it's "main" IPaddress instead of said interface address, but don't count on it.

And anyway, you should use the -m (maximum ttl) flag, or it's win32 equivalent, to not let the probes wander of to far.

As far as I understand your setup, the broadband router and the firewall is the same box, and this box is also the one that is changing it's outer IPaddress through DHCP all the time. Your problem is that you do not know how to see the IPadress on the router/firewall's outer interface from the Linux box. Am I correct so far? Also, the router/fw is essentially a black box that you can't install software on, at least not Linux software, correct?

So, you need to access to router/firewall in some way to get that IPadress. I would guess you can either telnet into it or surf to it, or perhaps even use SNMP. SNMP is, at least for me, hard to work with, you probably need the MIB and stuff, so let's not bother. If you can surf to it, use LWP to fetch the data you need. If you can telnet to it, use Expect and catch the data.

When you have the data you need, use any technique for distributing that data to you, either through a mail, or a call using LWP to dyndns et al. See also freshmeat, I think there are some dyndns update utilities already written.