Trying to create a openVPN monitoring script SOLVED



  • Hey all, long time open source Linux user, and Linux admin, first time poster.

    I am trying to create a monitoring script for my outbound openVPN client that drops like twice a week.  I have to constantly start it again,

    With DD-WRT I created a shell script that pinged the VPN gateway provider and took corrective action as needed and logged all it's activity.

    Would like to do the same thing with a cronjob but I can't see the vpn process running or how to start it via the Command Line.

    ps -aux | grep -i vpn shows nothing.

    With DD-WRT I could start it via command line and the GUI picked up the change no problem, can this be done?  All I need is the ability to start the VPN via command line.



  • I figured this out.

    Using php to restart openvpn wasn't expected and explains why I couldn't find it in the process list.

    I wrote a quick script that checks your gateway provider IP and cycles VPN services upon 3 consecutive failures.  I did some basic testing and it's working.

    I am posting my script for others.  It requires creating php script called pfsenceVPNrestart.php to cycle OpenVPN services.  The script is called by the main script VPNCheck.sh you would enter as a cron job.  Rename the file extensions so they are not .txt

    You need to run netstat -r to try and find your VPN gateway IP address of your VPN provider and use it as a script parameter to my script.

    Be sure to make them both executable with a chmod +x /root/scriptname command.

    I didn't create that much input validation or safety checks so use at your own risk, perhaps I will later.  I am also not fluent with pfsence and some of the changes I had to make to the shell script due to syntax was a little new to me.  Linux veteran, pfsence noob here.  Any veterans see issues with the shell code here, just feel free to edit it and share.  The script outputs 1 to 4 lines to /tmp/VPNCheckLog each run to check up on what it's been doing.

    An example of a cron job that runs every 4 hours would be like this substituting for your own IP address vpn gateway of course.

    #VPN monitoring script
    0 0,4,8,12,16,20 * * * /root/VPNCheck.sh 9.9.9.9

    I see this is a busy forum with more people that need help compared to those available to provide it.  Here's my small contribution should it be helpful.

    pfsenceVPNrestart.txt
    VPNCheck.txt



  • Update, had to update the VPNcheck.txt file due lazy scripting and not being familiar with pfsence :P.  Script wouldn't run correctly via cron prior to the update.  Manual script run was fine.



  • Are these scripts available anywhere ?
    Thanks



  • I see the attachment links are dead. I came here to get a copy of my old script having lost it myself and noticed the attachment links don't work.

    I started using this.

    https://www.foxypossibilities.com/2018/05/23/reestablish-pfsense-openvpn-clients-with-cron/

    I like how it uses native capabilities to restart openvpn client, I might add a for loop to this so it doesn't restart the vpn on a single failure later when I have time.