Trying to create a openVPN monitoring script SOLVED
Hey all, long time open source Linux user, and Linux admin, first time poster.
I am trying to create a monitoring script for my outbound openVPN client that drops like twice a week. I have to constantly start it again,
With DD-WRT I created a shell script that pinged the VPN gateway provider and took corrective action as needed and logged all it's activity.
Would like to do the same thing with a cronjob but I can't see the vpn process running or how to start it via the Command Line.
ps -aux | grep -i vpn shows nothing.
With DD-WRT I could start it via command line and the GUI picked up the change no problem, can this be done? All I need is the ability to start the VPN via command line.
I figured this out.
Using php to restart openvpn wasn't expected and explains why I couldn't find it in the process list.
I wrote a quick script that checks your gateway provider IP and cycles VPN services upon 3 consecutive failures. I did some basic testing and it's working.
I am posting my script for others. It requires creating php script called pfsenceVPNrestart.php to cycle OpenVPN services. The script is called by the main script VPNCheck.sh you would enter as a cron job. Rename the file extensions so they are not .txt
You need to run netstat -r to try and find your VPN gateway IP address of your VPN provider and use it as a script parameter to my script.
Be sure to make them both executable with a chmod +x /root/scriptname command.
I didn't create that much input validation or safety checks so use at your own risk, perhaps I will later. I am also not fluent with pfsence and some of the changes I had to make to the shell script due to syntax was a little new to me. Linux veteran, pfsence noob here. Any veterans see issues with the shell code here, just feel free to edit it and share. The script outputs 1 to 4 lines to /tmp/VPNCheckLog each run to check up on what it's been doing.
An example of a cron job that runs every 4 hours would be like this substituting for your own IP address vpn gateway of course.
#VPN monitoring script
0 0,4,8,12,16,20 * * * /root/VPNCheck.sh 188.8.131.52
I see this is a busy forum with more people that need help compared to those available to provide it. Here's my small contribution should it be helpful.
Update, had to update the VPNcheck.txt file due lazy scripting and not being familiar with pfsence :P. Script wouldn't run correctly via cron prior to the update. Manual script run was fine.
TomT last edited by
Are these scripts available anywhere ?
Randall526 last edited by Randall526
I see the attachment links are dead. I came here to get a copy of my old script having lost it myself and noticed the attachment links don't work.
I started using this.
I like how it uses native capabilities to restart openvpn client, I might add a for loop to this so it doesn't restart the vpn on a single failure later when I have time.