<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Kleines Update V0.11:<br>
- 2 fach Ping aus Stabilitätsgründen<br>
- Status ins Syslog<br>
- Kommentarzeilen entfernt<br>
<br>
----------------<br>
<tt>#!/bin/bash</tt><tt><br>
</tt><tt><br>
</tt><tt>IF="tun0" # Interface used for ping</tt><tt><br>
</tt><tt>ping1_target="8.8.8.8" # IP no. 1 used for ping</tt><tt><br>
</tt><tt>ping2_target="82.165.229.31" # IP no. 2 used for ping</tt><tt><br>
</tt><tt>ping_intervall="5" # waiting time in-between two
pings</tt><tt><br>
</tt><tt>switchback_intervall="1000" # waiting time for interface
to recover before probing again </tt><tt><br>
</tt><tt>tunnel_grace="10" # waiting time to allow for
tunnel restart</tt><tt><br>
</tt><tt><br>
</tt><tt>openvpn_stop-cmd () { # command used disabling
tunnel</tt><tt><br>
</tt><tt> service openvpn stop # ubuntu</tt><tt><br>
</tt><tt> #/etc/init.d/openvpn stop # debian</tt><tt><br>
</tt><tt> #killall openvpn # hardcore</tt><tt><br>
</tt><tt>}</tt><tt><br>
</tt><tt><br>
</tt><tt>openvpn_start-cmd () { # command used enabling
tunnel</tt><tt><br>
</tt><tt> service openvpn start # ubuntu</tt><tt><br>
</tt><tt> #/etc/init.d/openvpn start # debian</tt><tt><br>
</tt><tt> #openvpn /etc/openvpn/*.conf & # hardcore</tt><tt><br>
</tt><tt>}</tt><tt><br>
</tt><tt><br>
</tt><tt>ping1 () {</tt><tt><br>
</tt><tt># echo "ping -q -c1 ${ping1_target} -I $IF"</tt><tt><br>
</tt><tt> ping -q -c 1 ${ping1_target} -I $IF >> /dev/null</tt><tt><br>
</tt><tt> ping1_ExitCode=$?</tt><tt><br>
</tt><tt># echo "Exit Status: ${ping1_ExitCode}"</tt><tt><br>
</tt><tt>}</tt><tt><br>
</tt><tt><br>
</tt><tt>ping2 () {</tt><tt><br>
</tt><tt># echo "ping -q -c1 ${ping2_target} -I $IF"</tt><tt><br>
</tt><tt> ping -q -c 1 ${ping2_target} -I $IF >> /dev/null</tt><tt><br>
</tt><tt> ping2_ExitCode=$?</tt><tt><br>
</tt><tt># echo "Exit Status: ${ping2_ExitCode}"</tt><tt><br>
</tt><tt>}</tt><tt><br>
</tt><tt><br>
</tt><tt><br>
</tt><tt>while true</tt><tt><br>
</tt><tt>do</tt><tt><br>
</tt><tt> ping1</tt><tt><br>
</tt><tt> ping2</tt><tt><br>
</tt><tt> if ([[ ${ping1_ExitCode} -eq 0 ]] || [[ ${ping2_ExitCode}
-eq 0 ]]); then</tt><tt><br>
</tt><tt># echo "${ping_target} reached via $IF"</tt><tt><br>
</tt><tt> sleep ${ping_intervall}</tt><tt><br>
</tt><tt> else</tt><tt><br>
</tt><tt> logger -t "OPENVPN Monitoring:" "${ping1_target}
and ${ping2_target} not reached via $IF. Stopping interface $IF."</tt><tt><br>
</tt><tt> openvpn_stop-cmd</tt><tt><br>
</tt><tt> sleep ${switchback_intervall}</tt><tt><br>
</tt><tt> logger -t "OPENVPN Monitoring:" "Restoring $IF to
probe for recovery."</tt><tt><br>
</tt><tt> openvpn_start-cmd</tt><tt><br>
</tt><tt> sleep ${tunnel_grace}</tt><tt><br>
</tt><tt> fi</tt><tt><br>
</tt><tt>done</tt><tt><br>
</tt><br>
<br>
<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 13.10.2015 17:41, Tom Green wrote:<br>
</div>
<blockquote cite="mid:561D262C.6070508@gmx.de" type="cite">
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
Hallo Zusammen,<br>
<br>
Anbei ein erster Rohentwurf für ein Skript, dass den VPN-Tunnel
vom Gateway ins Internet überwacht. Der Tunnel wird, falls nicht
pingbar, deaktiviert, um olsr über das dynamic gw plugin ein
Re-Routing zu ermöglichen. Nach einer gewissen Zeit, wird der
Tunnel wieder aufgebaut und wieder auf Funktion überprüft.<br>
<br>
Das Skript ist -wie bei mir üblich- sehr einfach gehalten:<br>
- Über den Tunnel wird 8.8.8.8 gepingt<br>
- Wenn ping erfolgreich -> Warte 5 Sekunden<br>
- Wenn ping nicht erfolgreich -> Baue Tunnel ab -> warte
1000 Sekunden -> Baue Tunnel wieder auf -> Warte 5 Sekunden
auf Tunnelaufbau<br>
<br>
Danach wird in einer Endlosschleife erneut gepingt / beprobt. Das
Spiel beginnt jedesmal von vorne.<br>
<br>
Als Diskussionsgrundlage.<br>
<br>
Gruß<br>
Torben<br>
<br>
<font color="#3366ff">monitor_ovpn-tun.sh:</font><br>
<tt>#!/bin/bash</tt><tt><br>
</tt><tt><br>
</tt><tt>IF="tun0" # Interface used for ping</tt><tt><br>
</tt><tt>ping_target="8.8.8.8" # IP used for ping</tt><tt><br>
</tt><tt>ping_intervall="5" # waiting time in-between two
pings</tt><tt><br>
</tt><tt>switchback_intervall="1000" # waiting time for interface
to recover before probing again </tt><tt><br>
</tt><tt>tunnel_grace="5" # waiting time to allow for
tunnel restart</tt><tt><br>
</tt><tt><br>
</tt><tt>openvpn_stop-cmd () { # command used
disabling tunnel</tt><tt><br>
</tt><tt> service openvpn stop # ubuntu</tt><tt><br>
</tt><tt> #/etc/init.d/openvpn stop # debian</tt><tt><br>
</tt><tt> #killall openvpn # hardcore</tt><tt><br>
</tt><tt>}</tt><tt><br>
</tt><tt><br>
</tt><tt>openvpn_start-cmd () { # command used
enabling tunnel</tt><tt><br>
</tt><tt> service openvpn start # ubuntu</tt><tt><br>
</tt><tt> #/etc/init.d/openvpn start # debian</tt><tt><br>
</tt><tt> #openvpn /etc/openvpn/*.conf & # hardcore</tt><tt><br>
</tt><tt>}</tt><tt><br>
</tt><tt><br>
</tt><tt>Geben-Sie-mir-ein-Ping-Vassil () {</tt><tt><br>
</tt><tt># echo "ping -q -c1 ${ping_target} -I $IF"</tt><tt><br>
</tt><tt> ping -q -c 1 ${ping_target} -I $IF >> /dev/null</tt><tt><br>
</tt><tt> ping_ExitCode=$?</tt><tt><br>
</tt><tt># echo "Exit Status: ${ping_ExitCode}"</tt><tt><br>
</tt><tt>}</tt><tt><br>
</tt><tt><br>
</tt><tt>while true</tt><tt><br>
</tt><tt>do</tt><tt><br>
</tt><tt> Geben-Sie-mir-ein-Ping-Vassil</tt><tt><br>
</tt><tt> if [ ${ping_ExitCode} -eq 0 ]; then</tt><tt><br>
</tt><tt># echo "${ping_target} reached via $IF"</tt><tt><br>
</tt><tt> sleep ${ping_intervall}</tt><tt><br>
</tt><tt> else</tt><tt><br>
</tt><tt> echo "${ping_target} not reached via $IF.
Stopping interface $IF."</tt><tt><br>
</tt><tt> # defaultroute = $(ip route show table fff |
grep default | grep $IF)</tt><tt><br>
</tt><tt> # ip delete $defaultroute</tt><tt><br>
</tt><tt> openvpn_stop-cmd</tt><tt><br>
</tt><tt> sleep ${switchback_intervall}</tt><tt><br>
</tt><tt> echo "Restoring $IF to probe for recovery."</tt><tt><br>
</tt><tt> openvpn_start-cmd</tt><tt><br>
</tt><tt> sleep ${tunnel_grace}</tt><tt><br>
</tt><tt> fi</tt><tt><br>
</tt><tt>done</tt><br>
<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
</body>
</html>