Script to beep on IPSEC fail



  • First of all, I am using pfsense version 2.0-RELEASE (i386).

    I have a number of pfsense boxes that all connect to a main box via IPSEC. However, due to either power failure to the pfsense boxes or ISP equipment failure, occasionally I lose the connection to the remote boxes.

    I want a script to load on startup that will run in the background continually checking the status of the VPN, and beep the system bell continually on fail until the connection comes back up. Now, I've narrowed down that the web GUI does this with a php function: "ipsec_phase2_status". In this function, I am pretty sure the relevant section of code is:

    
    if( ipsec_lookup_ipsec_sa($spd,$sad,"out",$loc_ip,$rmt_ip,$loc_id,$rmt_id) &&
    		ipsec_lookup_ipsec_sa($spd,$sad,"in",$rmt_ip,$loc_ip,$rmt_id,$loc_id))
    		return true;
    
    	return false;
    
    

    What I want to do is use the beep command in "beep.sh" (namely "/usr/local/bin/beep") in a script.

    How can I go about using the PHP function that already exists to check the IPSEC connection? Should I use a bash (shell) script, or a php script?



  • Ok, I got some more details figured out.

    I have a php script which I can execute (and it even beeps!) in "/usr/local/bin". However, I have no clue on how to use the aforementioned IPSEC check functions. I plan on just adding this script as a cron job.

    I know I can't just include relevant files, because they use GUI code.

    What are the relevant files that I will need to do this checking? I know "diag_ipsec.php" will be needed, but what others? Do I need "ipsec.inc"?



  • I decided to use a ping script to do this instead.


Log in to reply