eibgrad

ddwrt-ovpn-watchdog.sh

Apr 10th, 2021 (edited)
459
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/sh
  2. DEBUG=; set -x # uncomment/comment to enable/disable debug mode
  3.  
  4. #          name: ddwrt-ovpn-watchdog.sh
  5. #       version: 2.0.1, 03-feb-2022, by eibgrad
  6. #       purpose: (re)start failed/stopped/unresponsive openvpn client
  7. #   script type: wanup (autostart)
  8. #  installation:
  9. #    1. enable jffs2 (administration->jffs2)
  10. #    2. enable syslogd (services->services->system log)
  11. #    3. use shell (telnet/ssh) to execute one of the following commands:
  12. #         curl -kLs bit.ly/ddwrt-installer|tr -d '\r'|sh -s -- iNC273ER wanup
  13. #       or
  14. #         wget -qO - bit.ly/ddwrt-installer|tr -d '\r'|sh -s -- iNC273ER wanup
  15. #    4. (optional): use vi editor to modify options:
  16. #         vi /jffs/etc/config/ddwrt-ovpn-watchdog.wanup
  17. #    5. reboot
  18. (
  19. # ------------------------------ BEGIN OPTIONS ------------------------------- #
  20.  
  21. # time (in secs) between checks for failed/stopped/unresponsive openvpn clients
  22. INTERVAL=60
  23.  
  24. # internet host used for ping checks
  25. PING_HOST='8.8.8.8'
  26.  
  27. # time (in secs) between ping checks
  28. PING_INTERVAL=10
  29.  
  30. # maxmium number of ping checks before being considered a failure
  31. PING_MAXTRY=3 # (3 recommended, 0 disables ping checks)
  32.  
  33. # ------------------------------- END OPTIONS -------------------------------- #
  34.  
  35. # ---------------------- DO NOT CHANGE BELOW THIS LINE ----------------------- #
  36.  
  37. WAN_IF="$(ip route | awk '/^default/{print $NF}')"
  38. OVPN_CONF='/tmp/openvpncl/openvpn.conf'
  39.  
  40. # function _ping()
  41. _ping() {
  42.     [ $PING_MAXTRY -gt 0 ] || return 0
  43.  
  44.     local i=1
  45.     local dev="$(grep '^dev\s' $OVPN_CONF | tail -1 | awk '{print $2}')"
  46.  
  47.     # it's best to check multiple times to prevent false negatives
  48.     while :; do
  49.         ping -qc1 -W3 -I $dev $PING_HOST &>/dev/null && return 0
  50.         [ $(( i++ )) -ge $PING_MAXTRY ] && break || sleep $PING_INTERVAL
  51.     done
  52.  
  53.     return 1
  54. }
  55.  
  56. # reject uninitialized wan and additional instances
  57. { [ "$WAN_IF" ] && mkdir /tmp/$(basename $0 .wanup).lock &>/dev/null; } || exit 0
  58.  
  59. # wait for *reliable* internet connection
  60. until ping -qc1 -W3 -I $WAN_IF $PING_HOST &>/dev/null; do sleep 10; done
  61.  
  62. while sleep $INTERVAL; do
  63.     # openvpn client must be enabled
  64.     [ "$(nvram get openvpncl_enable)" != '0' ] || continue
  65.  
  66.     # check for failed connection or unresponsive tunnel
  67.     ps | grep -q [o]penvpncl && _ping && continue
  68.  
  69.     # fall-through means failure; restart the openvpn client
  70.     openvpn --config $OVPN_CONF --daemon
  71.     echo "openvpn client (re)started @ $(date)"
  72. done
  73.  
  74. ) 2>&1 | logger -p user.$([ ${DEBUG+x} ] && echo 'debug' || echo 'notice') \
  75.     -t $(echo $(basename $0) | grep -Eo '^.{0,23}')[$$] &
RAW Paste Data Copied