Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Auto DHCP on WAN not working when ISP WAN DCHP renews on PFsense 2.1

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 3 Posters 3.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      twp01
      last edited by

      All,
        I kept having issues with PFsense 2.1 when my ISP would renew the DHCP WAN IP of the my cable modem. The only way I was finding to correct this was rebooting the Pfsense machine when this would happen weekly. I was exploring other options and came across the shell script in the following link (https://forum.pfsense.org/index.php?topic=51786.0). I implemented the script as described and uncommented the ping lines to see if the log file would generate when the crontabs packaged had it scheduled, but it seemed to not be running. Then I tried to trigger it from the command line and got the following error output.

      _sh -n -v /usr/local/bin/pingtest.sh
      #!/bin/sh

      #=====================================================================

      pingtest.sh, v1.0.1

      Created 2009 by Bennett Lee

      Released to public domain

      (1) Attempts to ping several hosts to test connectivity.  After

      #    first successful ping, script exits.

      (2) If all pings fail, resets interface and retries all pings.

      (3) If all pings fail again after reset, then reboots pfSense.

      History

      1.0.1  Added delay to ensure interface resets (thx ktims).

      1.0.0  Initial release.

      #=====================================================================

      #=====================================================================

      USER SETTINGS

      Set multiple ping targets separated by space.  Include numeric IPs

      (e.g., remote office, ISP gateway, etc.) for DNS issues which

      reboot will not correct.

      ALLDEST="google.com yahoo.com 24.93.40.36 24.93.40.37"

      Interface to reset, usually your WAN

      BOUNCE=em0

      Log file

      LOGFILE=/root/pingtest.log
      #=====================================================================

      COUNT=1
      while [ $COUNT -le 2 ]
      do

      for DEST in $ALLDEST
              do
      /usr/local/bin/pingtest.sh: 36: Syntax error: word unexpected_

      I do not understand why it is throwing this error based on the research I have done.

      When I run the same test with the OOB ping_host.sh shell script it executes fine as far as syntax with an exit code of 0. See below.  Any help or suggestion on how to fix this or what I may be doing wrong would be greatly appreciated.

      _sh -n -v /usr/local/bin/ping_hosts.sh
      #!/bin/sh

      pfSense ping helper

      written by Scott Ullrich

      (C)2006 Scott Ullrich

      All rights reserved.

      Format of file should be deliminted by |

      #  Field 1:  Source ip
      #  Field 2:  Destination ip
      #  Field 3:  Ping count
      #  Field 4:  Script to run when service is down
      #  Field 5:  Script to run once service is restored
      #  Field 6:  Ping time threshold
      #  Field 7:  Wan ping time threshold
      #  Field 8:  Address family

      Read in ipsec ping hosts and check the CARP status

      if [ -f /var/db/ipsecpinghosts ]; then
              IPSECHOSTS="/var/db/ipsecpinghosts"
              CURRENTIPSECHOSTS="/var/db/currentipsecpinghosts"
              IFVPNSTATE=ifconfig $IFVPN | grep "carp: BACKUP vhid" | wc -l
              if [ $IFVPNSTATE -gt 1 ]; then
                      echo -e "CARP interface in BACKUP (not pinging ipsec hosts)"
                      rm -f $CURRENTIPSECHOSTS
                      touch $CURRENTIPSECHOSTS
              else
                      echo -e "CARP interface is MASTER or non CARP (pinging ipsec hosts)"
                      cat < $IPSECHOSTS > $CURRENTIPSECHOSTS
              fi
      fi

      General file meant for user consumption

      if [ -f /var/db/hosts ]; then
              HOSTS="/var/db/hosts"
      fi

      Package specific ping requests

      if [ -f /var/db/pkgpinghosts ]; then
              PKGHOSTS="/var/db/pkgpinghosts"
      fi

      cat $PKGHOSTS $HOSTS $IPSECHOSTS >/tmp/tmpHOSTS

      if [ ! -d /var/db/pingstatus ]; then
              /bin/mkdir -p /var/db/pingstatus
      fi

      if [ ! -d /var/db/pingmsstatus ]; then
              /bin/mkdir -p /var/db/pingmsstatus
      fi

      PINGHOSTS=cat /tmp/tmpHOSTS

      PINGHOSTCOUNT=cat /tmp/tmpHOSTS | wc -l

      if [ "$PINGHOSTCOUNT" -lt "1" ]; then
              exit
      fi

      for TOPING in $PINGHOSTS ; do
              echo "PROCESSING $TOPING"
              SRCIP=echo $TOPING | cut -d"|" -f1
              DSTIP=echo $TOPING | cut -d"|" -f2
              COUNT=echo $TOPING | cut -d"|" -f3
              FAILURESCRIPT=echo $TOPING | cut -d"|" -f4
              SERVICERESTOREDSCRIPT=echo $TOPING | cut -d"|" -f5
              THRESHOLD=echo $TOPING | cut -d"|" -f6
              WANTHRESHOLD=echo $TOPING | cut -d"|" -f7
              AF=echo $TOPING | cut -d"|" -f8
              if [ "$AF" == "inet6" ]; then
                      PINGCMD=ping6
              else
                      PINGCMD=ping
              fi
              echo Processing $DSTIP
              # Look for a service being down
              $PINGCMD -c $COUNT -S $SRCIP $DSTIP
              if [ $? -eq 0 ]; then
                      # Host is up
                      # Read in previous status
                      PREVIOUSSTATUS=cat /var/db/pingstatus/$DSTIP
                      if [ "$PREVIOUSSTATUS" = "DOWN" ]; then
                              # Service restored
                              if [ "$SERVICERESTOREDSCRIPT" != "" ]; then
                                      echo "$DSTIP is UP, previous state was DOWN .. Running $SERVICERESTOREDSCRIPT"
                                      echo "$DSTIP is UP, previous state was DOWN .. Running $SERVICERESTOREDSCRIPT" | logger -p daemon.info -i -t PingMonitor
                                      echo "UP" > /var/db/pingstatus/$DSTIP
                                      sh -c $SERVICERESTOREDSCRIPT
                              fi
                      fi
              else
                      # Host is down
                      PREVIOUSSTATUS=cat /var/db/pingstatus/$DSTIP
                      if [ "$PREVIOUSSTATUS" = "UP" ]; then
                              # Service is down
                              if [ "$FAILURESCRIPT" != "" ]; then
                                      echo "$DSTIP is DOWN, previous state was UP ..  Running $FAILURESCRIPT"
                                      echo "$DSTIP is DOWN, previous state was UP ..  Running $FAILURESCRIPT" | logger -p daemon.info -i -t PingMonitor
                                      echo "DOWN" > /var/db/pingstatus/$DSTIP
                                      sh -c $FAILURESCRIPT
                              fi
                      fi
              fi
              echo "Checking ping time $DSTIP"
              # Look at ping values themselves
              PINGTIME=$PINGCMD -c 1 -S $SRCIP $DSTIP | awk '{ print $7 }' | grep time | cut -d "=" -f2
              echo "Ping returned $?"
              echo $PINGTIME > /var/db/pingmsstatus/$DSTIP
              if [ "$THRESHOLD" != "" ]; then
                      if [ "$PINGTIME" -gt "$THRESHOLD" ]; then
                              echo "$DSTIP has exceeded ping threshold $PINGTIME / $THRESHOLD .. Running $FAILURESCRIPT"
                              echo "$DSTIP has exceeded ping threshold $PINGTIME / $THRESHOLD .. Running $FAILURESCRIPT" | logger -p daemon.info -i -t PingMonitor
                              sh -c $FAILURESCRIPT
                      fi
              fi
              # Wan ping time threshold
              #WANTIME=rrdtool fetch /var/db/rrd/wan-quality.rrd AVERAGE -r 120 -s -1min -e -1min | grep ":" | cut -f3 -d" " | cut -d"e" -f1
              echo "Checking wan ping time $WANTIME"
              echo $WANTIME > /var/db/wanaverage
              if [ "$WANTHRESHOLD" != "" ]; then
                      if [ "$WANTIME" -gt "$WANTHRESHOLD" ]; then
                              echo "$DSTIP has exceeded wan ping threshold $WANTIME / $WANTHRESHOLD .. Running $FAILURESCRIPT"
                              echo "$DSTIP has exceeded wan ping threshold $WANTIME / $WANTHRESHOLD .. Running $FAILURESCRIPT" | logger -p daemon.info -i -t PingMonitor
                              sh -c $FAILURESCRIPT
                      fi
              fi
              sleep 1
      done

      exit 0_

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        What issues? What are we supposed to do with the obviously incomplete script you created?

        1 Reply Last reply Reply Quote 0
        • T
          twp01
          last edited by

          The issue the script does not run when it is in a cron job, and when executing the shell script from the commnd line it fails with a "syntax error line 36" unexpected word. I did not develop the script I pulled it from another message thread where users were having the same issues, it seems they have been able to get it to work, but for some reason the same exact script  in a copy and paste fails to execute by cron or command line on my machine. The full script can be found at https://forum.pfsense.org/index.php/topic,51786.0.html . Thanks

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            Let me state this again - the script snippet you posted is incomplete, broken and useless. If that's what you are trying to run via cron, so no, that will not ever work. Plus, the real question here was what issues are you having with DHCP WAN IP renewal.

            1 Reply Last reply Reply Quote 0
            • T
              twp01
              last edited by

              This is the full script I am trying to run through CRON, it is the one the link went to, but here is it posted in its entirety. Thanks

              _#!/bin/sh

              #=====================================================================

              pingtest.sh, v1.0.2

              Created 2009 by Bennett Lee

              Released to public domain

              (1) Attempts to ping several hosts to test connectivity.  After

              #    first successful ping, script exits.

              (2) If all pings fail, resets interface and retries all pings.

              (3) If all pings fail again after reset, then reboots pfSense.

              History

              1.0.2  Added turn dhclient on for the interface. (Dice81)

              1.0.1  Added delay to ensure interface resets (thx ktims).

              1.0.0  Initial release.

              #=====================================================================

              #=====================================================================

              USER SETTINGS

              Set multiple ping targets separated by space.  Include numeric IPs

              (e.g., remote office, ISP gateway, etc.) for DNS issues which

              reboot will not correct.

              ALLDEST="google.com yahoo.com 24.93.40.36 24.93.40.37"

              Interface to reset, usually your WAN

              BOUNCE=rl0

              Log file

              LOGFILE=/root/pingtest.log
              #=====================================================================

              COUNT=1
              while [ $COUNT -le 2 ]
              do

              for DEST in $ALLDEST
              do
              #echo date +%Y%m%d.%H%M%S "Pinging $DEST" >> $LOGFILE
              ping -c1 $DEST >/dev/null 2>/dev/null
              if [ $? -eq 0 ]
              then
              #echo date +%Y%m%d.%H%M%S "Ping $DEST OK." >> $LOGFILE
              exit 0
              fi
              done

              if [ $COUNT -le 1 ]
              then
              echo date +%Y%m%d.%H%M%S "All pings failed. Resetting interface $BOUNCE." >> $LOGFILE
              /sbin/ifconfig $BOUNCE down

              Give interface time to reset before bringing back up

              sleep 10
              /sbin/ifconfig $BOUNCE up

              Give WAN time to establish connection

              sleep 20
              dhclient $BOUNCE
              sleep 20
              else
              echo date +%Y%m%d.%H%M%S "All pings failed twice. Rebooting…" >> $LOGFILE
              /sbin/shutdown -r now >> $LOGFILE
              exit 1
              fi

              COUNT=expr $COUNT + 1
              done_

              1 Reply Last reply Reply Quote 0
              • T
                twp01
                last edited by

                The real issue I am trying to fix is that when my ISP renews the DHCP address on the WAN the Pfsense WAN DHCP client does not automatically renew and stays "stuck" causing connectivity to drop. I have tried cycling the WAN interface and this does not fix the problem, only a reboot seems to correct the problem. From the research I have done this seems to be a bug in PFsense 2.1., there for I am looking to use that script as a workaround. My setup is PFsense 2.1 running in an ESXi appliance  with two virtual interfaces (one for WAN and one for LAN) the WAN goes to an ISP cable modem, and the LAN goes to a wireless router. Hope this helps clarify. Thanks

                1 Reply Last reply Reply Quote 0
                • A
                  aventrax
                  last edited by

                  @twp01:

                  This is the full script I am trying to run through CRON, it is the one the link went to, but here is it posted in its entirety. Thanks

                  _#!/bin/sh

                  #=====================================================================

                  pingtest.sh, v1.0.2

                  Created 2009 by Bennett Lee

                  Released to public domain

                  (1) Attempts to ping several hosts to test connectivity.  After

                  #    first successful ping, script exits.

                  (2) If all pings fail, resets interface and retries all pings.

                  (3) If all pings fail again after reset, then reboots pfSense.

                  History

                  1.0.2  Added turn dhclient on for the interface. (Dice81)

                  1.0.1  Added delay to ensure interface resets (thx ktims).

                  1.0.0  Initial release.

                  #=====================================================================_

                  The script is working but If it runs from pfsense Cron package, it needs the full path of the /sbin/ping executables as well, otherwise it reboots the pfsense every time.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.