Linux Setting time in NAS (wd my cloud)

Ramadhir Singh

Ramadhir Singh

Wasseypur
Level G
i hope this is the current section to post.

As you know, i had disabled internet in my WD MyCloud a little while ago, by putting a random IP in DNS.

Because of this NTP services are also cut off from internet and the time on the device is not updating after every restart it will reset the time/date to 2016.

is there any way to set time in the wd mycloud via alternate methods such as command via ssh ( i can create a schedule task in PC to run a certain batch command which will set the time of the device)


or i have one more workaround which i extensively use in macOS, by using custom nameserver via dns resolver per domain.

will this methord work in linux ( running the mycloud) ?

if so which will be the location where linux looks for DNS resolver ? (i can see multiple etc/ressolver/ directory )


UPDATE:

in-fact, unix DNS ressolver doesnt work like macOS.
dnsmasq is not an option for this device as the memory, etc limits.

what worked form me is :-
i have hard coded the hostname-to-IP mappings, now my cloud is not longer has to consult DNS for resolving the hostname.

this can be done by entering below lines in /etc/hosts
Code: 
188.166.215.214  pool.ntp.org

this above example is for my NTP server which i use - pool.ntp.org
 
Last edited:
netant said:
i hope this is the current section to post.

As you know, i had disabled internet in my WD MyCloud a little while ago, by putting a random IP in DNS.

Because of this NTP services are also cut off from internet and the time on the device is not updating after every restart it will reset the time/date to 2016.

is there any way to set time in the wd mycloud via alternate methods such as command via ssh ( i can create a schedule task in PC to run a certain batch command which will set the time of the device)

or i have one more workaround which i extensively use in macOS, by using custom nameserver via dns resolver per domain.

wil this methord work in linux ( running the mycloud) ?

if so which will be the location where linux looks for DNS resolver ? (i can see multiple etc/ressolver/ directory )
Click to expand...

It should work, you need to check the resolver and whether it supports - mostly yes.

Alternatively, DNS blocking of internet is not the best way - many systems do have hardcoded IPs.
 
vivek.krishnan said:
Alternatively, DNS blocking of internet is not the best way - many systems do have hardcoded IPs.
Click to expand...

looks like my cloud don't use any hard-coded DNS, as after putting fake dns, it stopped updating time and it stopped looking for software updates.

just for my knowledge, what could be the other way to block internet in my cloud, i know it could be via router - but my router running in stock firmware which don't have option to "allow LAN only" for any device, upgrading to ddwrt will be hell lot of task to reconfigure my entire home network .
 
netant said:
looks like my cloud don't use any hard-coded DNS, as after putting fake dns, it stopped updating time and it stopped looking for software updates.

just for my knowledge, what could be the other way to block internet in my cloud, i know it could be via router - but my router running in stock firmware which don't have option to "allow LAN only" for any device, upgrading to ddwrt will be hell lot of task to reconfigure my entire home network .
Click to expand...

Not hardcoded DNS - I am talking about phone home IPs.

Blocking via router is the best, as that is edge case.

For doing custom NS and etc - you need to jailbreak/get SSH access to your device and do the needful by looking at the backend.
 
why do you need to stop internet for the wd? isn't the router nat more than enough? try to stop the wd from forwarding ports in the router.
doesn't the wd have a firewall or something to block outside infiltration?
 
6pack said:
why do you need to stop internet for the wd? isn't the router nat more than enough? try to stop the wd from forwarding ports in the router.
doesn't the wd have a firewall or something to block outside infiltration?
Click to expand...
im still running stock firmware in my router, waiting for openwrt updates then im going to flash in a week or two .
touching anything in the router firewall defaults is disturbing my home network.

WD doesn't have anything such, it wide open to public. the only option is to stop cloud access. Enabling cloud mean anyone from internet can access.
it one of the most insecure device. every device is profiled at their WD website once we give lan access to it for a phone, even if he is not in my network he can access. ( i was shocked to know this, when i configure my brother's phone as guest to access it when he was in my home network. But he was still able to access from 1000km away via mobile network).
 
well, that's really bad. what a stupid device by WD. even one compromised device on a network is enough for virus to propagate.
 
I bought that when i had limited budget, and it was freshly launched, so not much information available for these devices back then.
plus this is a single drive NAS with no redundancy. I will buy a 2 bay Synology in couple of years down the lane until than i have to use this and it serving the purpose.
 
netant said:
UPDATE:

in-fact, unix DNS ressolver doesnt work like macOS.
dnsmasq is not an option for this device as the memory, etc limits.

what worked form me is :-
i have hard coded the hostname-to-IP mappings, now my cloud is not longer has to consult DNS for resolving the hostname.

this can be done by entering below lines in /etc/hosts
Code: 
188.166.215.214  pool.ntp.org

this above example is for my NTP server which i use - pool.ntp.org
Click to expand...

This need an another update based on my new learning.
ntp.org - is not recommended as those IP address are not static & can change in future.
Seems like this services has now migrated as dynamic IP range. for example pool.ntp.org can now resolve to multiple addresses: at present their IP addresses are - 162.159.200.123, 210.23.25.77, 103.47.76.177, 162.159.200.1
This update and multiple IP is in effect from 14/October/2019 and can no longer be used to set static NTP services.

Solution:
migrated old NTP services to NIST (nist.gov) - They use static IP and has IP4 as well as IP6 Static addresses.

Code: 
utcnist2.colorado.edu    128.138.141.172
time-e-b.nist.gov        132.163.96.6
time-e-b.nist.gov        2610:20:6f96:96::6
are few of their sample servers.
 
Bumping old thread
the nst.org are phasing out "time" protocol used for static IP and moving to ntp protocol .. thus breaking the time sync again.
im back to square one.

vivek.krishnan said:
If you have a smaller RPi or anything, you can setup your own NTP server.
Click to expand...

unfortunately i don't have. any other option ?



6pack said:
why do you need to stop internet for the wd? isn't the router nat more than enough? try to stop the wd from forwarding ports in the router.
doesn't the wd have a firewall or something to block outside infiltration?
Click to expand...

by any chance you are familiar with TP-Link stock firmware?

im trying to use "Access control" to block all sites for this WD mac-address, and only allowing ntp.org site. but the moment i enable access control, internet in my entire network in blocked.
not even not.org is accessible.
See attached image.

Any thoughts ?

( created a separate thread for more visibility about TP link setting here - https://techenclave.com/community/threads/enable-internet-access-control-in-tp-link-frmware.191559/ . )
 

Attachments

  • tp_link_AC.png
    tp_link_AC.png
    17.8 KB · Views: 192
Last edited:
netant said:
im trying to use "Access control" to block all sites for this WD mac-address, and only allowing ntp.org site.
Click to expand...

I don't think that's the right way to do it. Maybe a firewall on the WD would be better option.

If you can install ufw on the WD this is a good tutorial to allow/ deny incoming or outgoing packets.

How To Setup a Firewall with UFW on an Ubuntu and Debian Cloud Server | DigitalOcean

Learn how to setup a firewall with UFW on an Ubuntu / Debian cloud server.
www.digitalocean.com www.digitalocean.com


For that NTP problem, if you have an old android phone lying around, you could use this app.
Make the WD get it's time from the Android device.

play.google.com

Time Server - Apps on Google Play

The ultimate NTP Server, simple to use and free! Use your Android device as your own Time Server! Use the Network Time Protocol (NTP) or the simpler Time Protocol for the server. Even with support for Dynamic DNS Updating! The app supports logging and can be set to automatically start/stop a...
play.google.com play.google.com
 
Last edited:
netant said:
Bumping old thread
the nst.org are phasing out "time" protocol used for static IP and moving to ntp protocol .. thus breaking the time sync again.
im back to square one.



unfortunately i don't have. any other option ?





by any chance you are familiar with TP-Link stock firmware?

im trying to use "Access control" to block all sites for this WD mac-address, and only allowing ntp.org site. but the moment i enable access control, internet in my entire network in blocked.
not even not.org is accessible.
See attached image.

Any thoughts ?

( created a separate thread for more visibility about TP link setting here - https://techenclave.com/community/threads/enable-internet-access-control-in-tp-link-frmware.191559/ . )
Click to expand...

What @6pack suggests is a very good option. I would suggest to do that.
 
6pack said:
If you can install ufw on the WD this is a good tutorial to allow/ deny incoming or outgoing packets.
Click to expand...

WD is FreeBSD based OS, not sure it will allow me to install any software, i tied installing few in past it didn't went well.
I will try to install uft and see how it goes.

In past i tried to edit the some network tables & bricked the unit.. had to had the firmware again.

i will check the android app as well.
 
Back
Top