Auto DHCP on WAN not working when ISP WAN DCHP renews on PFsense 2.1
-
All,
I kept having issues with PFsense 2.1 when my ISP would renew the DHCP WAN IP of the my cable modem. The only way I was finding to correct this was rebooting the Pfsense machine when this would happen weekly. I was exploring other options and came across the shell script in the following link (https://forum.pfsense.org/index.php?topic=51786.0). I implemented the script as described and uncommented the ping lines to see if the log file would generate when the crontabs packaged had it scheduled, but it seemed to not be running. Then I tried to trigger it from the command line and got the following error output._sh -n -v /usr/local/bin/pingtest.sh
#!/bin/sh#=====================================================================
pingtest.sh, v1.0.1
Created 2009 by Bennett Lee
Released to public domain
(1) Attempts to ping several hosts to test connectivity. After
# first successful ping, script exits.
(2) If all pings fail, resets interface and retries all pings.
(3) If all pings fail again after reset, then reboots pfSense.
History
1.0.1 Added delay to ensure interface resets (thx ktims).
1.0.0 Initial release.
#=====================================================================
#=====================================================================
USER SETTINGS
Set multiple ping targets separated by space. Include numeric IPs
(e.g., remote office, ISP gateway, etc.) for DNS issues which
reboot will not correct.
ALLDEST="google.com yahoo.com 24.93.40.36 24.93.40.37"
Interface to reset, usually your WAN
BOUNCE=em0
Log file
LOGFILE=/root/pingtest.log
#=====================================================================COUNT=1
while [ $COUNT -le 2 ]
dofor DEST in $ALLDEST
do
/usr/local/bin/pingtest.sh: 36: Syntax error: word unexpected_I do not understand why it is throwing this error based on the research I have done.
When I run the same test with the OOB ping_host.sh shell script it executes fine as far as syntax with an exit code of 0. See below. Any help or suggestion on how to fix this or what I may be doing wrong would be greatly appreciated.
_sh -n -v /usr/local/bin/ping_hosts.sh
#!/bin/shpfSense ping helper
written by Scott Ullrich
(C)2006 Scott Ullrich
All rights reserved.
Format of file should be deliminted by |
# Field 1: Source ip
# Field 2: Destination ip
# Field 3: Ping count
# Field 4: Script to run when service is down
# Field 5: Script to run once service is restored
# Field 6: Ping time threshold
# Field 7: Wan ping time threshold
# Field 8: Address familyRead in ipsec ping hosts and check the CARP status
if [ -f /var/db/ipsecpinghosts ]; then
IPSECHOSTS="/var/db/ipsecpinghosts"
CURRENTIPSECHOSTS="/var/db/currentipsecpinghosts"
IFVPNSTATE=ifconfig $IFVPN | grep "carp: BACKUP vhid" | wc -l
if [ $IFVPNSTATE -gt 1 ]; then
echo -e "CARP interface in BACKUP (not pinging ipsec hosts)"
rm -f $CURRENTIPSECHOSTS
touch $CURRENTIPSECHOSTS
else
echo -e "CARP interface is MASTER or non CARP (pinging ipsec hosts)"
cat < $IPSECHOSTS > $CURRENTIPSECHOSTS
fi
fiGeneral file meant for user consumption
if [ -f /var/db/hosts ]; then
HOSTS="/var/db/hosts"
fiPackage specific ping requests
if [ -f /var/db/pkgpinghosts ]; then
PKGHOSTS="/var/db/pkgpinghosts"
ficat $PKGHOSTS $HOSTS $IPSECHOSTS >/tmp/tmpHOSTS
if [ ! -d /var/db/pingstatus ]; then
/bin/mkdir -p /var/db/pingstatus
fiif [ ! -d /var/db/pingmsstatus ]; then
/bin/mkdir -p /var/db/pingmsstatus
fiPINGHOSTS=
cat /tmp/tmpHOSTS
PINGHOSTCOUNT=
cat /tmp/tmpHOSTS | wc -l
if [ "$PINGHOSTCOUNT" -lt "1" ]; then
exit
fifor TOPING in $PINGHOSTS ; do
echo "PROCESSING $TOPING"
SRCIP=echo $TOPING | cut -d"|" -f1
DSTIP=echo $TOPING | cut -d"|" -f2
COUNT=echo $TOPING | cut -d"|" -f3
FAILURESCRIPT=echo $TOPING | cut -d"|" -f4
SERVICERESTOREDSCRIPT=echo $TOPING | cut -d"|" -f5
THRESHOLD=echo $TOPING | cut -d"|" -f6
WANTHRESHOLD=echo $TOPING | cut -d"|" -f7
AF=echo $TOPING | cut -d"|" -f8
if [ "$AF" == "inet6" ]; then
PINGCMD=ping6
else
PINGCMD=ping
fi
echo Processing $DSTIP
# Look for a service being down
$PINGCMD -c $COUNT -S $SRCIP $DSTIP
if [ $? -eq 0 ]; then
# Host is up
# Read in previous status
PREVIOUSSTATUS=cat /var/db/pingstatus/$DSTIP
if [ "$PREVIOUSSTATUS" = "DOWN" ]; then
# Service restored
if [ "$SERVICERESTOREDSCRIPT" != "" ]; then
echo "$DSTIP is UP, previous state was DOWN .. Running $SERVICERESTOREDSCRIPT"
echo "$DSTIP is UP, previous state was DOWN .. Running $SERVICERESTOREDSCRIPT" | logger -p daemon.info -i -t PingMonitor
echo "UP" > /var/db/pingstatus/$DSTIP
sh -c $SERVICERESTOREDSCRIPT
fi
fi
else
# Host is down
PREVIOUSSTATUS=cat /var/db/pingstatus/$DSTIP
if [ "$PREVIOUSSTATUS" = "UP" ]; then
# Service is down
if [ "$FAILURESCRIPT" != "" ]; then
echo "$DSTIP is DOWN, previous state was UP .. Running $FAILURESCRIPT"
echo "$DSTIP is DOWN, previous state was UP .. Running $FAILURESCRIPT" | logger -p daemon.info -i -t PingMonitor
echo "DOWN" > /var/db/pingstatus/$DSTIP
sh -c $FAILURESCRIPT
fi
fi
fi
echo "Checking ping time $DSTIP"
# Look at ping values themselves
PINGTIME=$PINGCMD -c 1 -S $SRCIP $DSTIP | awk '{ print $7 }' | grep time | cut -d "=" -f2
echo "Ping returned $?"
echo $PINGTIME > /var/db/pingmsstatus/$DSTIP
if [ "$THRESHOLD" != "" ]; then
if [ "$PINGTIME" -gt "$THRESHOLD" ]; then
echo "$DSTIP has exceeded ping threshold $PINGTIME / $THRESHOLD .. Running $FAILURESCRIPT"
echo "$DSTIP has exceeded ping threshold $PINGTIME / $THRESHOLD .. Running $FAILURESCRIPT" | logger -p daemon.info -i -t PingMonitor
sh -c $FAILURESCRIPT
fi
fi
# Wan ping time threshold
#WANTIME=rrdtool fetch /var/db/rrd/wan-quality.rrd AVERAGE -r 120 -s -1min -e -1min | grep ":" | cut -f3 -d" " | cut -d"e" -f1
echo "Checking wan ping time $WANTIME"
echo $WANTIME > /var/db/wanaverage
if [ "$WANTHRESHOLD" != "" ]; then
if [ "$WANTIME" -gt "$WANTHRESHOLD" ]; then
echo "$DSTIP has exceeded wan ping threshold $WANTIME / $WANTHRESHOLD .. Running $FAILURESCRIPT"
echo "$DSTIP has exceeded wan ping threshold $WANTIME / $WANTHRESHOLD .. Running $FAILURESCRIPT" | logger -p daemon.info -i -t PingMonitor
sh -c $FAILURESCRIPT
fi
fi
sleep 1
doneexit 0_
-
What issues? What are we supposed to do with the obviously incomplete script you created?
-
The issue the script does not run when it is in a cron job, and when executing the shell script from the commnd line it fails with a "syntax error line 36" unexpected word. I did not develop the script I pulled it from another message thread where users were having the same issues, it seems they have been able to get it to work, but for some reason the same exact script in a copy and paste fails to execute by cron or command line on my machine. The full script can be found at https://forum.pfsense.org/index.php/topic,51786.0.html . Thanks
-
Let me state this again - the script snippet you posted is incomplete, broken and useless. If that's what you are trying to run via cron, so no, that will not ever work. Plus, the real question here was what issues are you having with DHCP WAN IP renewal.
-
This is the full script I am trying to run through CRON, it is the one the link went to, but here is it posted in its entirety. Thanks
_#!/bin/sh
#=====================================================================
pingtest.sh, v1.0.2
Created 2009 by Bennett Lee
Released to public domain
(1) Attempts to ping several hosts to test connectivity. After
# first successful ping, script exits.
(2) If all pings fail, resets interface and retries all pings.
(3) If all pings fail again after reset, then reboots pfSense.
History
1.0.2 Added turn dhclient on for the interface. (Dice81)
1.0.1 Added delay to ensure interface resets (thx ktims).
1.0.0 Initial release.
#=====================================================================
#=====================================================================
USER SETTINGS
Set multiple ping targets separated by space. Include numeric IPs
(e.g., remote office, ISP gateway, etc.) for DNS issues which
reboot will not correct.
ALLDEST="google.com yahoo.com 24.93.40.36 24.93.40.37"
Interface to reset, usually your WAN
BOUNCE=rl0
Log file
LOGFILE=/root/pingtest.log
#=====================================================================COUNT=1
while [ $COUNT -le 2 ]
dofor DEST in $ALLDEST
do
#echodate +%Y%m%d.%H%M%S
"Pinging $DEST" >> $LOGFILE
ping -c1 $DEST >/dev/null 2>/dev/null
if [ $? -eq 0 ]
then
#echodate +%Y%m%d.%H%M%S
"Ping $DEST OK." >> $LOGFILE
exit 0
fi
doneif [ $COUNT -le 1 ]
then
echodate +%Y%m%d.%H%M%S
"All pings failed. Resetting interface $BOUNCE." >> $LOGFILE
/sbin/ifconfig $BOUNCE downGive interface time to reset before bringing back up
sleep 10
/sbin/ifconfig $BOUNCE upGive WAN time to establish connection
sleep 20
dhclient $BOUNCE
sleep 20
else
echodate +%Y%m%d.%H%M%S
"All pings failed twice. Rebooting…" >> $LOGFILE
/sbin/shutdown -r now >> $LOGFILE
exit 1
fiCOUNT=
expr $COUNT + 1
done_ -
The real issue I am trying to fix is that when my ISP renews the DHCP address on the WAN the Pfsense WAN DHCP client does not automatically renew and stays "stuck" causing connectivity to drop. I have tried cycling the WAN interface and this does not fix the problem, only a reboot seems to correct the problem. From the research I have done this seems to be a bug in PFsense 2.1., there for I am looking to use that script as a workaround. My setup is PFsense 2.1 running in an ESXi appliance with two virtual interfaces (one for WAN and one for LAN) the WAN goes to an ISP cable modem, and the LAN goes to a wireless router. Hope this helps clarify. Thanks
-
This is the full script I am trying to run through CRON, it is the one the link went to, but here is it posted in its entirety. Thanks
_#!/bin/sh
#=====================================================================
pingtest.sh, v1.0.2
Created 2009 by Bennett Lee
Released to public domain
(1) Attempts to ping several hosts to test connectivity. After
# first successful ping, script exits.
(2) If all pings fail, resets interface and retries all pings.
(3) If all pings fail again after reset, then reboots pfSense.
History
1.0.2 Added turn dhclient on for the interface. (Dice81)
1.0.1 Added delay to ensure interface resets (thx ktims).
1.0.0 Initial release.
#=====================================================================_
The script is working but If it runs from pfsense Cron package, it needs the full path of the /sbin/ping executables as well, otherwise it reboots the pfsense every time.