Script to email a notification in case of failover.

adityanag · May 18, 2010, 5:55 AM

Hi,

I've got PFsense working well with two WAN connections to different ISPs. Failover and load balancing are working perfectly.

Now, my problem is that one of the WAN connections is only 1/4th of the speed of the other. When the primary goes down, and PFsense switches to the secondary, the net slows way down for the 50-odd clients behind the firewall. We then have to go into PFsense and check the status page to see that it's using the secondary, and then tell people to only use essential websites.

What I'd like to do is setup an automatic notification that emails an admin when Pfsense detects a failover. And when the primary ISP is back, another email goes out notifying us of that. I thought of the following:

Ping the primary ISPs gateway every 30 seconds and email if ping fails.

This doesn't work because the primary ISPs gateway replies to a ping even from other networks; it's not a private gateway.

Alternatively,

Get the default gateway from the pfsense machine every 30 seconds, and if it is a 51.xx.xx.xx (secondary ISP), then send out an email.

I'm not very good with scripting, so if someone could help me out, I'd be grateful. Not a total noob with scripts, but just don't do it very often. Also, any help with the best method to achieve what I want would be great.

Gloom · May 18, 2010, 9:41 AM

This is more the sort of thing you get a syslog server to do. Just setup pfsense to log to a remote syslog server and set the server to alert via mail when it receives a fail-over event. It has the advantage of storing logs off the firewall as well so you can inspect them in the event of a serious problem.
Nagios can also be used for this role and the plugin is an available port. If you add the Firefox plugin into the mix there is no way you'll miss it failing.

adityanag · May 18, 2010, 9:49 AM

Hmm, that's an interesting solution.

However, for this particular site, it won't work, since I can't setup another server for various reasons (cost, no other machines, management reluctance, etc etc.. you know how it goes). That's why the script has to run on the pfsense server.

Still, thank you for giving me this idea; I hadn't thought of this, and it'll make sense to deploy at larger sites where we are already running syslog servers.

BTW, by Firefox plugin, I assume you mean Nagios Checker? Or something else?

Gloom · May 18, 2010, 11:27 AM

Yes the Nagios checker, it makes enough noise to wake the dead.

As syslog wont work for you I'll see if I can think of a scripted approach. apinger springs to mind but that needs some sort of local mail system and I've no access to a v2 system at the moment to fiddle.

jimp · May 18, 2010, 1:54 PM

2.0 includes e-mail notification support, but I don't think anything hooks into that except for system alerts.

You might be able to rig up something that generates a system alert when a WAN fails, which would trigger the internal notification system.