Help with script for single DHCP WAN IP in HA pair



  • I have been working on a script to automatically enable or disable the WAN interface based on which device, in a pair, has the Master for CARP on the LAN interface. Running the script manually on both devices works great. I have even added it to the "/usr/local/etc/rc.d/" directory for it to start at boot and it works just fine. However, the problem is with reboots and shutdowns. The script won't stop and hangs the reboot process until I kill the PIDs.

    [root@pfSense-a ~]# ps ww -a -U root | grep carp.sh
    20400 - I 0:00.01 /usr/local/bin/bash /usr/local/etc/rc.d/carp.sh start
    56442 - S 0:00.27 /usr/local/bin/bash /usr/local/etc/rc.d/carp.sh start
    66862 - S 0:00.00 /usr/local/bin/bash /usr/local/etc/rc.d/carp.sh stop
    85966 - S 0:00.01 /usr/local/bin/bash /usr/local/etc/rc.d/carp.sh stop
    87118 0 S+ 0:00.00 grep carp.sh
    [root@pfSense-a ~]# kill 20400 56442 66862 85966
    [root@pfSense-a ~]# Connection to 192.168.2.2 closed by remote host.

    More background info: This is for Comcast residential internet and I have set both WAN interfaces to have the same MAC Masquerade address so that the WAN DHCP remains the same.

    Through some searching, I think my problem is that I don't have it configured correctly to run as a daemon. Everything that pops up is for the "sh" shell and not bash. I am more familiar with bash, which is why I used it. Does anyone know how to reconfigure this so it will shut down properly when it is being started from rc.d? Or even rewrite it for "sh"?

    A couple notes about the script:

    1. I created another log file so that the script doesn't have to evaluate every new log in system.log. Plus, it made my 2nd note easier.
    2. The "sleep" command is inserted so that when the script is initially started, there is a few seconds' wait, which reduces the chance of interface flapping if there are several carp entries in the system.log. In a lab/testing environment, there can easily be 20.
    3. I have already been told by a co-worker that the syntax I use is a little bit odd, but it does work.
    4. This is on pfSense 2.4.4-p3.
    5. In the logger commands, I added "carp.sh" so I could easily filter the entries with grep.

    Here is the script:

    #!/usr/local/bin/bash
    # Source log (read with clog) and the filtered log that holds only CARP entries
    logLocation1="/var/log/system.log"
    logLocation2="/var/log/carp.log"
    # WAN interface to enable or disable
    wan=vtnet0
    # Copy 'carp:' entries into carp.log in the background, wait 3 seconds,
    # then follow carp.log and act on each new line
    clog -f $logLocation1 | grep --line-buffered 'carp:' > $logLocation2 & sleep 3 ; tail -f -n1 $logLocation2 | while read line;do
    if [[ $line = *"-> MASTER"* ]]; then
            # This node became CARP master: make sure the WAN interface is up
            logger "carp.sh Going Master";
            status=$(ifconfig $wan | grep BROADCAST)
            if [[ $status = *"UP"* ]]; then
                    logger "carp.sh WAN interface $wan is already UP";
            else
                    logger "carp.sh WAN interface $wan is DOWN enabling $wan"
                    ifconfig $wan up
            fi
    else if [[ $line = *"-> BACKUP"* ]]; then
            # This node became CARP backup: make sure the WAN interface is down
            logger "carp.sh Going Backup";
            status=$(ifconfig $wan | grep BROADCAST)
            if [[ $status = *"UP"* ]]; then
                    logger "carp.sh WAN interface $wan is UP, disabling"
                    ifconfig $wan down;
            else
                    logger "carp.sh WAN interface $wan is already DOWN"
            fi
    else
            # Any other CARP log entry needs no action
            logger "carp.sh nothing to do"
    fi
    fi
    done
    

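
The process listing above shows rc invoking the script with both `start` and `stop`, and the posted script never reads that argument, so each call launches another watcher in the foreground. The sketch below is an added example in POSIX `sh`, not the poster's script: it backgrounds the watcher, records its PIDs and kills only those on `stop`. `PIDFILE`, `FIFO` and `WATCH_CMD` are assumed names; `vtnet0`, `clog` and the log path come from the post.

```sh
#!/bin/sh
# Added example, not the poster's script. PIDFILE, FIFO and WATCH_CMD are
# assumed names; vtnet0, clog and the log path are taken from the post.
WAN="${WAN:-vtnet0}"
PIDFILE="${PIDFILE:-/var/run/carp_wan.pid}"
FIFO="${FIFO:-/var/run/carp_wan.fifo}"
WATCH_CMD="${WATCH_CMD:-clog -f /var/log/system.log}"

# Print up, down or none for one log line ($1) and the interface flags line ($2).
carp_action() {
    case "$2" in *UP*) up=1 ;; *) up=0 ;; esac
    case "$1" in
        *"-> MASTER"*) [ "$up" -eq 1 ] && echo none || echo up ;;
        *"-> BACKUP"*) [ "$up" -eq 1 ] && echo down || echo none ;;
        *) echo none ;;
    esac
}

# Apply the decision to the real interface (needs root and ifconfig).
apply_line() {
    flags=$(ifconfig "$WAN" | grep BROADCAST)
    case $(carp_action "$1" "$flags") in
        up)   logger "carp.sh enabling $WAN";  ifconfig "$WAN" up ;;
        down) logger "carp.sh disabling $WAN"; ifconfig "$WAN" down ;;
    esac
}

# Start producer and consumer in the background and record both PIDs.
carp_start() {
    [ -f "$PIDFILE" ] && kill -0 $(cat "$PIDFILE") 2>/dev/null && return 1
    rm -f "$FIFO"; mkfifo "$FIFO" || return 1
    $WATCH_CMD > "$FIFO" 2>/dev/null &      # producer: follows the log
    prod=$!
    while read -r line; do apply_line "$line"; done < "$FIFO" &   # consumer
    echo "$prod $!" > "$PIDFILE"
}

# Stop only the recorded processes, then clean up.
carp_stop() {
    [ -f "$PIDFILE" ] || return 0
    kill $(cat "$PIDFILE") 2>/dev/null || true
    rm -f "$PIDFILE" "$FIFO"
}

# rc.d passes "start" or "stop"; with any other argument nothing is launched.
case "${1:-}" in
    start) carp_start ;;
    stop)  carp_stop ;;
esac
```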