Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/sh
- DEBUG=; set -x # uncomment/comment to enable/disable debug mode
- # name: ddwrt-ovpn-client-watchdog.sh
- # version: 2.0.2, 24-jul-2022, by eibgrad
- # purpose: (re)start failed/stopped/unresponsive openvpn client
- # script type: wanup (autostart)
- # installation:
- # 1. enable jffs2 (administration->jffs2)
- # 2. enable syslogd (services->services->system log)
- # 3. use shell (telnet/ssh) to execute one of the following commands:
- # curl -kLs bit.ly/ddwrt-installer|tr -d '\r'|sh -s -- iNC273ER wanup
- # or
- # wget -qO - bit.ly/ddwrt-installer|tr -d '\r'|sh -s -- iNC273ER wanup
- # 4. (optional): use vi editor to modify options:
- # vi /jffs/etc/config/ddwrt-ovpn-client-watchdog.wanup
- # 5. reboot
- (
- # ------------------------------ BEGIN OPTIONS ------------------------------- #
- # time (in secs) between checks for failed/stopped/unresponsive openvpn clients
- INTERVAL=60
- # internet host used for ping checks
- PING_HOST='8.8.8.8'
- # time (in secs) between ping checks
- PING_INTERVAL=10
- # maxmium number of ping checks before being considered a failure
- PING_MAXTRY=3 # (3 recommended, 0 disables ping checks)
- # ------------------------------- END OPTIONS -------------------------------- #
- # ---------------------- DO NOT CHANGE BELOW THIS LINE ----------------------- #
- WAN_IF="$(ip route | awk '/^default/{print $NF}')"
- OVPN_CONF='/tmp/openvpncl/openvpn.conf'
- # function _ping()
- _ping() {
- [ $PING_MAXTRY -gt 0 ] || return 0
- local i=1
- local dev="$(grep '^dev\s' $OVPN_CONF | tail -1 | awk '{print $2}')"
- # it's best to check multiple times to prevent false negatives
- while :; do
- ping -qc1 -W3 -I $dev $PING_HOST &>/dev/null && return 0
- [ $(( i++ )) -ge $PING_MAXTRY ] && break || sleep $PING_INTERVAL
- done
- return 1
- }
- # reject uninitialized wan and additional instances
- { [ "$WAN_IF" ] && mkdir /tmp/$(basename $0 .wanup).lock &>/dev/null; } || exit 0
- # wait for *reliable* internet connection
- until ping -qc1 -W3 -I $WAN_IF $PING_HOST &>/dev/null; do sleep 10; done
- while sleep $INTERVAL; do
- # openvpn client must be enabled
- [ "$(nvram get openvpncl_enable)" != '0' ] || continue
- # check for failed connection or unresponsive tunnel
- ps | grep -q [o]penvpncl && _ping && continue
- # fall-through means failure; restart the openvpn client
- openvpn --config $OVPN_CONF --daemon
- echo "openvpn client (re)started @ $(date)"
- done
- ) 2>&1 | logger -p user.$([ ${DEBUG+x} ] && echo 'debug' || echo 'notice') \
- -t $(echo $(basename $0) | grep -Eo '^.{0,23}')[$$] &
Add Comment
Please, Sign In to add comment