tunnelhome

1. #!/bin/sh
2. # This script was written to run under the busybox ash shell.
3. #
4. # Start a ssh reverse tunnel daemon back to the base server.
5.  
6. SSH_USER=probe1
7. SSH_PROXY_PORT=22201
8. SSH_HOST=foo.bar
9. SSH_KEYFILE=/root/.ssh/id_rsa
10. RECOVER_WAIT=10
11. SSH_SAI=15 # ServerAliveInterval
12. SSH_SACM=4 # ServerAliveCountMax
13.  
14. PIDFILE="/tmp/$(basename $0.pid)"
15. MYNAME=$(basename $0)
16. DEPENDENCIES="ssh netstat pgrep"
17.  
18. #--
19.  
20. echoerr() {
21.         # Print errors to stderr.
22.         echo "$@" 1>&2;
23. }
24.  
25. f_start() {
26.     # FIXME: Test for openssh clinent. Won't work with dbclient.
27.     #
28.     # Verify dependancies.
29.     for EACH in $DEPENDENCIES ; do
30.         DEP_TARGET=$(which $EACH 2> /dev/null)
31.         if [[ -z "$DEP_TARGET" ]] ; then
32.             DEP_FAIL=1
33.             echoerr ""
34.             echoerr "ERROR: $EACH not found."
35.         fi
36.         if [[ "$DEP_FAIL" == 1 ]] ; then
37.             echoerr ""
38.             echoerr "At least one required dependency is missing. Quitting."
39.             echoerr ""
40.             return 1
41.         fi
42.     done
43.     # Verify the keyfile's existence.
44.     if [[ ! -f "$SSH_KEYFILE" ]] ; then
45.         echoerr ""
46.         echoerr "ERROR: SSH_KEYFILE not found: $SSH_KEYFILE. Quitting."
47.         echoerr ""
48.         return 1
49.     fi
50.     # Bail out if the lockfile/PIDFILE already exists.
51.     if [[ -r "$PIDFILE" ]] ; then
52.         echoerr ""
53.         echoerr "ERROR: Already running at PID $(cat $PIDFILE)? Quitting."
54.         echoerr ""
55.         return 1
56.     fi
57.     echo ""
58.     echo -n "Starting daemon: "
59.     ( while true ; do
60.         # Wait until the network is up.
61.         if [[ $(netstat -rn | egrep "^0\.0\.0\.0" | wc -l) -lt 1 ]] ; then
62.             echoerr "Network not ready."
63.             sleep 3
64.             continue
65.         fi
66.         # Add timeout for ssh command?
67.         # How will we know that the tunnel is really up? Can we test that? How do we kill a bad tunnel?
68.         # dropbear sucks # dbclient -K 15 -I 0 -i $SSH_KEYFILE -N -R $SSH_PROXY_PORT:localhost:22 $SSH_USER@$SSH_HOST
69.         # FIME: Consider using autossh.
70.         echoerr "Starting tunnel."
71.         ssh -i $SSH_KEYFILE -o "ServerAliveInterval=$SSH_SAI" -o "ServerAliveCountMax=$SSH_SACM" -N -R $SSH_PROXY_PORT:localhost:22 $SSH_USER@$SSH_HOST
72.         X_SSHTUNNEL=$?
73.         echoerr "SSH tunnel quit with exit:$X_SSHTUNNEL"
74.         echoerr "Restarting in $RECOVER_WAIT seconds."
75.         sleep $RECOVER_WAIT
76.     done ) &> /dev/null &
77.     MYPID=$!
78.     echo "Done."
79.     echo "Running at PID $MYPID."
80.     echo "$MYPID" > $PIDFILE || (echoerr "ERROR: can't write to PIDFILE. Killing daemon." ; f_stop ; return 1)
81.     # Disown neither needed or available in busybox ash shell.
82.     # disown $MYPID
83.     echo ""
84. }
85.  
86. f_stop() {
87.     if [[ -r "$PIDFILE" ]] ; then
88.         echo ""
89.         echo -n "Stopping daemon: "
90.         MYPID=$(cat $PIDFILE)
91.         MYPID_CHILDREN=$(pgrep -P $MYPID)
92.         kill "$MYPID" || echoerr "Error trying to kill PID: $(cat $PIDFILE)"
93.         for EACH in $MYPID_CHILDREN ; do
94.             kill "$EACH"
95.         done
96.         rm -f "$PIDFILE"
97.         echo "Done."
98.         echo ""
99.     else
100.         echo ""
101.         echo "No PIDFILE found."
102.         echo ""
103.         return 2
104.     fi
105. }
106.  
107. #--
108.  
109. case "$1" in
110.     start)
111.         f_start
112.     ;;
113.     stop)
114.         f_stop
115.     ;;
116.     *)
117.         echo ""
118.         echo "Usage: $MYNAME start|stop"
119.         echo ""
120.         exit 1
121.     ;;
122. esac