Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CRON doesn't run my script

    Scheduled Pinned Locked Moved pfSense Packages
    7 Posts 2 Posters 720 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      k23ahnka
      last edited by

      I have the following script:

      it reconnects a vpn connection.

      #!/usr/bin/env bash
      SHELL=/bin/sh
      PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bin/
      _scriptname="pfsense-vpnreset"
      set -u
      set -e
      
      function printusage
      {
      cat - >&2 <<EOF
      
      Description:
        Resets a pfSense VPN client connection
      
      Usage: ${_scriptname} <host> <vpnname>
        host: The name of the pfSense host. Consider using an IP address here if DNS depends on the VPN
        vpnname: The name of the VPN connection, as shown in the web interface "OpenVPN: Client" description field.
      		   The description field is also used to find IPSec connections.   
      		   You can put the vpnname in quotes if you need spaces.
      
      EOF
      }
      
      if (($# != 2)); then
      	printusage
      	exit $(($# == 0 ? 0 : 1))
      fi
      
      host=$1
      shift
      vpnname=$1
      shift
      
      script=$(
      	sed "s/<VPNNAME>/${vpnname}/g" <<-"EOF"
      		<?php
      			# Preload
      			require_once('service-utils.inc');
      			require_once("ipsec.inc");
      
      			# Init
      			function fubar($reason) {print $reason . "\n"; exit(1);}
      			$xml=simplexml_load_file("/cf/conf/config.xml") or fubar("Error: Cannot load config.xml");
      			$found = false;
      
      			# IPsec
      			foreach($xml->ipsec->{'phase1'} as $vpn) {
      				$desc = html_entity_decode((string)$vpn->descr);
      				print "Found IPsec: $desc\n";
      				if (strcasecmp($desc, "VPN_LINK") != 0) continue;
      				if ($found) print "Warning: Multiple matching VPN connections\n";
      				$found = true;
      				print "Restarting VPN with ID " . $vpn->ikeid . "\n";
      
      				# code from /usr/local/www/status_ipsec.php ("ikedisconnect")
      				$_GET = array(ikeid => $vpn->ikeid . "000"); # wtf is up with the zeroes?
      				mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']));
      
      				# code from /usr/local/www/status_ipsec.php ("connect")
      				$_GET = array(ikeid => $vpn->ikeid);
      				$ph1ent = ipsec_get_phase1($_GET['ikeid']);
      				if (!empty($ph1ent)) {
      					if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == 'ikev1' || isset($ph1ent['splitconn'])) {
      						$ph2entries = ipsec_get_number_of_phase2($_GET['ikeid']);
      						for ($i = 0; $i < $ph2entries; $i++) {
      							$connid = escapeshellarg("con{$_GET['ikeid']}00{$i}");
      							mwexec_bg("/usr/local/sbin/ipsec down {$connid}");
      							mwexec_bg("/usr/local/sbin/ipsec up {$connid}");
      						}
      					} else {
      						mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']));
      						mwexec_bg("/usr/local/sbin/ipsec up con" . escapeshellarg($_GET['ikeid']));
      					}
      				}
      			}
      
      			# The End
      			if (!$found) fubar("Error: No VPN with the name '<VPNNAME>'");
      		?>
      	EOF
      )
      
      ssh "$host" /usr/local/bin/php -q <<<"$script"
      
      

      when i run it in the ssh command line :

       /usr/local/bin/php -q /usr/local/bin/pfsense-vpnreset
      

      it runs without an issue.

      However when I create

              • root php /usr/local/bin/pfsense-vpnreset

      nothing happens. my other cron jobs for dyndns.updates work without an issue.

      what am i doing wrong?

      i already tried:

      chmod +rx /usr/local/bin/pfsense-vpnreset 
      chmod a+x /usr/local/bin/pfsense-vpnreset 
      chmod 755 /usr/local/bin/pfsense-vpnreset
      
      

      without success.

      Also tried /usr/local/bin/php -q /usr/local/bin/pfsense-vpnreset as the command in cron job, also without success. what am i doing wrong?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Use the full path to PHP in the cron definition as you did on the CLI when testing it.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        K 1 Reply Last reply Reply Quote 0
        • K
          k23ahnka
          last edited by k23ahnka

          @jimp
          Sorry I didn't mention that I had done that already

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Actually I'm a bit blind apparently. The shell script you posted above is not PHP. It's just a plain shell script. I'm surprised that worked in the command prompt if you ran it through PHP.

            Just run it on its own without the extra PHP stuff in front of it.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • K
              k23ahnka @jimp
              last edited by

              @jimp

              Thanks for your reply. but when i run it with just /usr/local/bin/pfsense-vpnreset it's not working via cron. and when i run it as /usr/local/bin/pfsense-vpnreset in the console, it gives me 'function: not found' error.

              when i use bash infront so bash /usr/local/bin/pfsense-vpnreset, in the console, it throws _scriptname: unbound variable.

              something tells me it does need the php infront of it. or i need to do modifications in my script?

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                pfSense does not include the bash shell by default. If that isn't a plain sh script, then you have to install bash and explicitly run it through bash. For example, pkg install -y bash and then change the shabang line to #!/usr/local/bin/bash.

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                K 1 Reply Last reply Reply Quote 1
                • K
                  k23ahnka @jimp
                  last edited by

                  This post is deleted!
                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.