#! /bin/sh# Simple Script to start and monitor an OpenVpn Connection# Feel fr

1. #! /bin/sh
2. # Simple Script to start and monitor an OpenVpn Connection
3. # Feel free to Fork, Edit, Optimize....
4. # Usefull command to check the VPN connection
5. # watch -n 10 'traceroute -m 2 www.yahoo.com'
6. # watch -n 10 'dig +short myip.opendns.com @resolver2.opendns.com'
7.  
8. #SLEEPTIME is the amount to wait between check
9. SLEEPTIME=5m
10. PUBLICIPTOHIDE="176.141."
11.  
12. # Helper to direcly log message to console and log file
13. function log()
14. {
15. #TODO : see if we can optimize this function
16. LOGDIRECTORY=/var/log/openvpn/client
17. LOGFILE="/var/log/openvpn/client-$(date +%Y-%m).log"
18. STRLINE="$(date "+%a %b %d %H:%M:%S %Y ") $1"
19. echo $STRLINE & echo $STRLINE >> $LOGFILE
20. chmod 666 $LOGFILE
21. }
22.  
23. # Function that start the OpenVpn Connection
24. function startconn()
25. {
26. STR="OPENVPN CONNECTION Started at $(date +%Y-%m-%d-%k-%M-%S)"
27. log "$STR"
28. #openvpn --config /etc/openvpn/client/client.conf --daemon --ca /etc/openvpn/client/ca.crt --tls-auth /etc/openvpn/client/Wdc.key --auth-user-pass /etc/openvpn/client
29. openvpn --daemon --config /etc/openvpn/client/client.conf --ca /etc/openvpn/client/ca.crt --tls-auth /etc/openvpn/client/Wdc.key --auth-user-pass /etc/openvpn/client/auth.txt --script-security 2 --route-up "/bin/sh /etc/openvpn/vpn-up.sh" --down "/bin/sh /etc/openvpn/vpn-down.sh" --verb 3 --log-append $LOGFILE --mute 100000
30. }
31.  
32. #function that stop all the OpenVpn Connection
33. function stopconn()
34. {
35. killall -w openvpn
36. STR="OPENVPN CONNECTION Closed at $(date +%Y-%m-%d-%k-%M-%S)"
37. log "$STR"
38. }
39.  
40. #Function for trapping the end signal
41. function trap_finish {
42. log "Exit signal received..."
43. stopconn
44. }
45. trap trap_finish EXIT
46.  
47.  
48. #Check if a string $2 is a substring of another string $1
49. #Return 1 if $2 is found in $1, 0 if not found
50. function is_substring()
51. {
52. my_string=$1
53. substring=$2
54. STRFOUND=0
55. if [ "${my_string/$substring}" = "$my_string" ] ; then
56. #echo "DEBUG-[${substring}] is not in [${my_string}]"
57. STRFOUND=0
58. else
59. #echo "DEBUG-[${substring}] was found in [${my_string}]"
60. STRFOUND=1
61. fi
62.  
63. #echo "DEBUG-STRFOUND=$STRFOUND"
64. return $STRFOUND
65. }
66.  
67. #Function that test if the VPN connection is UP and if the Public IP is hidden
68. #Return values :
69. # 0 public ip is hidden
70. # 1 public ip is not hidden
71. # 2 not enable to get external ip
72. function checkvpnok()
73. {
74. RETURNVALUE=2
75. EXTERNALIP=$(dig +short myip.opendns.com @resolver1.opendns.com)
76. #log "IPTOHIDE=[$PUBLICIPTOHIDE] CURRENT PUBLIC=[$EXTERNALIP]"
77. if [ -z $EXTERNALIP ]
78. then
79. RETURNVALUE=2
80. log "CHECKVPNOK : ERROR (not able to get external IP )"
81. #return $RETURNVALUE
82. fi
83.  
84. is_substring $EXTERNALIP $PUBLICIPTOHIDE
85. IPFOUND=$?
86.  
87. #echo "DEBUG-IPFOUND=[$IPFOUND]"
88.  
89. if [ $IPFOUND == "1" ]
90. then
91. #echo "KO : Public IP is not hidden"
92. log "CHECKVPNOK : KO_PUBLIC_IP_NOT_HIDDEN (EXTERNALIP=[$EXTERNALIP] PUBLICIPTOHIDE=[$PUBLICIPTOHIDE])"
93. RETURNVALUE=1
94. else
95. #echo "OK : Public IP is hidden"
96. log "CHECKVPNOK : OK_PUBLIC_IP_HIDDEN (EXTERNALIP=[$EXTERNALIP] PUBLICIPTOHIDE=[$PUBLICIPTOHIDE])"
97. RETURNVALUE=0
98. fi
99.  
100. #echo "DEBUG-RETURNVALUE=$RETURNVALUE"
101. return $RETURNVALUE
102. }
103.  
104.  
105. #MAIN PROGRAM
106. echo "Simple script that start and monitor an OpenVpn connection endlessly"
107. echo "Hit [CTRL+C] to stop !"
108. killall -w openvpn
109.  
110. while true
111. do
112. checkvpnok
113. #if public IP is not hidden or if there is a problem on the connection, restarting the OpenVpn Client
114. PUBLICIPHIDDEN=$?
115. if [ $PUBLICIPHIDDEN == "1" ]
116. then
117. startconn
118. fi
119. #Waiting for sometime
120. sleep $SLEEPTIME
121. done
122.  
123. #Stopping connections before exiting
124. stopconn
125.  
126. exit 0