API tools faq
paste
eibgrad

ddwrt-ovpn-client-watchdog.sh

eibgrad
Apr 10th, 2021 (edited)
681
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.62 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/sh
  2. DEBUG=; set -x # uncomment/comment to enable/disable debug mode
  3.  
  4. #          name: ddwrt-ovpn-client-watchdog.sh
  5. #       version: 2.0.2, 24-jul-2022, by eibgrad
  6. #       purpose: (re)start failed/stopped/unresponsive openvpn client
  7. #   script type: wanup (autostart)
  8. #  installation:
  9. #    1. enable jffs2 (administration->jffs2)
  10. #    2. enable syslogd (services->services->system log)
  11. #    3. use shell (telnet/ssh) to execute one of the following commands:
  12. #         curl -kLs bit.ly/ddwrt-installer|tr -d '\r'|sh -s -- iNC273ER wanup
  13. #       or
  14. #         wget -qO - bit.ly/ddwrt-installer|tr -d '\r'|sh -s -- iNC273ER wanup
  15. #    4. (optional): use vi editor to modify options:
  16. #         vi /jffs/etc/config/ddwrt-ovpn-client-watchdog.wanup
  17. #    5. reboot
  18. (
  19. # ------------------------------ BEGIN OPTIONS ------------------------------- #
  20.  
  21. # time (in secs) between checks for failed/stopped/unresponsive openvpn clients
  22. INTERVAL=60
  23.  
  24. # internet host used for ping checks
  25. PING_HOST='8.8.8.8'
  26.  
  27. # time (in secs) between ping checks
  28. PING_INTERVAL=10
  29.  
  30. # maxmium number of ping checks before being considered a failure
  31. PING_MAXTRY=3 # (3 recommended, 0 disables ping checks)
  32.  
  33. # ------------------------------- END OPTIONS -------------------------------- #
  34.  
  35. # ---------------------- DO NOT CHANGE BELOW THIS LINE ----------------------- #
  36.  
  37. WAN_IF="$(ip route | awk '/^default/{print $NF}')"
  38. OVPN_CONF='/tmp/openvpncl/openvpn.conf'
  39.  
  40. # function _ping()
  41. _ping() {
  42.     [ $PING_MAXTRY -gt 0 ] || return 0
  43.  
  44.     local i=1
  45.     local dev="$(grep '^dev\s' $OVPN_CONF | tail -1 | awk '{print $2}')"
  46.  
  47.     # it's best to check multiple times to prevent false negatives
  48.     while :; do
  49.         ping -qc1 -W3 -I $dev $PING_HOST &>/dev/null && return 0
  50.         [ $(( i++ )) -ge $PING_MAXTRY ] && break || sleep $PING_INTERVAL
  51.     done
  52.  
  53.     return 1
  54. }
  55.  
  56. # reject uninitialized wan and additional instances
  57. { [ "$WAN_IF" ] && mkdir /tmp/$(basename $0 .wanup).lock &>/dev/null; } || exit 0
  58.  
  59. # wait for *reliable* internet connection
  60. until ping -qc1 -W3 -I $WAN_IF $PING_HOST &>/dev/null; do sleep 10; done
  61.  
  62. while sleep $INTERVAL; do
  63.     # openvpn client must be enabled
  64.     [ "$(nvram get openvpncl_enable)" != '0' ] || continue
  65.  
  66.     # check for failed connection or unresponsive tunnel
  67.     ps | grep -q [o]penvpncl && _ping && continue
  68.  
  69.     # fall-through means failure; restart the openvpn client
  70.     openvpn --config $OVPN_CONF --daemon
  71.     echo "openvpn client (re)started @ $(date)"
  72. done
  73.  
  74. ) 2>&1 | logger -p user.$([ ${DEBUG+x} ] && echo 'debug' || echo 'notice') \
  75.     -t $(echo $(basename $0) | grep -Eo '^.{0,23}')[$$] &
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!