Trying to create a openVPN monitoring script SOLVED
-
Hey all, long time open source Linux user, and Linux admin, first time poster.
I am trying to create a monitoring script for my outbound openVPN client that drops like twice a week. I have to constantly start it again,
With DD-WRT I created a shell script that pinged the VPN gateway provider and took corrective action as needed and logged all it's activity.
Would like to do the same thing with a cronjob but I can't see the vpn process running or how to start it via the Command Line.
ps -aux | grep -i vpn shows nothing.
With DD-WRT I could start it via command line and the GUI picked up the change no problem, can this be done? All I need is the ability to start the VPN via command line.
-
I figured this out.
Using php to restart openvpn wasn't expected and explains why I couldn't find it in the process list.
I wrote a quick script that checks your gateway provider IP and cycles VPN services upon 3 consecutive failures. I did some basic testing and it's working.
I am posting my script for others. It requires creating php script called pfsenceVPNrestart.php to cycle OpenVPN services. The script is called by the main script VPNCheck.sh you would enter as a cron job. Rename the file extensions so they are not .txt
You need to run netstat -r to try and find your VPN gateway IP address of your VPN provider and use it as a script parameter to my script.
Be sure to make them both executable with a chmod +x /root/scriptname command.
I didn't create that much input validation or safety checks so use at your own risk, perhaps I will later. I am also not fluent with pfsence and some of the changes I had to make to the shell script due to syntax was a little new to me. Linux veteran, pfsence noob here. Any veterans see issues with the shell code here, just feel free to edit it and share. The script outputs 1 to 4 lines to /tmp/VPNCheckLog each run to check up on what it's been doing.
An example of a cron job that runs every 4 hours would be like this substituting for your own IP address vpn gateway of course.
#VPN monitoring script
0 0,4,8,12,16,20 * * * /root/VPNCheck.sh 9.9.9.9I see this is a busy forum with more people that need help compared to those available to provide it. Here's my small contribution should it be helpful.
-
Update, had to update the VPNcheck.txt file due lazy scripting and not being familiar with pfsence :P. Script wouldn't run correctly via cron prior to the update. Manual script run was fine.
-
Are these scripts available anywhere ?
Thanks -
I see the attachment links are dead. I came here to get a copy of my old script having lost it myself and noticed the attachment links don't work.
I started using this.
https://www.foxypossibilities.com/2018/05/23/reestablish-pfsense-openvpn-clients-with-cron/
I like how it uses native capabilities to restart openvpn client, I might add a for loop to this so it doesn't restart the vpn on a single failure later when I have time.