merlin-ovpn-client-watchdog.sh

1. #!/bin/sh
2. #DEBUG= # uncomment/comment to enable/disable debug mode
3.  
4. #          name: merlin-ovpn-client-watchdog.sh
5. #       version: 3.0.1, 05-aug-2022, by eibgrad
6. #       purpose: restart failed/stopped/unresponsive openvpn clients
7. #       type(s): services-start
8. #          href: https://tinyurl.com/2p9a68ne
9. #  installation:
10. #    1. enable jffs custom scripts and configs (administration->system)
11. #    2. ssh to router and copy/paste the following command:
12. #         curl -kLs bit.ly/merlin-installer|tr -d '\r'|sh -s wyKu0pww
13. #    3. modify script w/ your preferred options using nano editor:
14. #         nano /jffs/scripts/merlin-ovpn-client-watchdog.sh
15. #    4. reboot
16.  
17. SCRIPTS_DIR='/jffs/scripts'
18. SCRIPT1="$SCRIPTS_DIR/merlin-ovpn-client-watchdog.sh"
19. SCRIPT2="$SCRIPTS_DIR/services-start"
20.  
21. mkdir -p $SCRIPTS_DIR
22.  
23. # -------------------- begin merlin-ovpn-client-watchdog --------------------- #
24. cat << 'EOF' > $SCRIPT1
25. #!/bin/sh
26. #set -x # comment/uncomment to disable/enable debug mode
27. {
28. # ------------------------------ BEGIN OPTIONS ------------------------------- #
29.  
30. # time (in secs) between checks for failed/stopped/unresponsive openvpn clients
31. INTERVAL=60
32.  
33. # internet host used for ping checks
34. PING_HOST='8.8.8.8'
35.  
36. # time (in secs) between ping checks
37. PING_INTERVAL=10
38.  
39. # maxmium number of ping checks before being considered a failure
40. PING_MAXTRY=3 # (3 recommended, 0 disables ping checks)
41.  
42. # ------------------------------- END OPTIONS -------------------------------- #
43.  
44. # ---------------------- DO NOT CHANGE BELOW THIS LINE ----------------------- #
45.  
46. # function _ping( vpn-network-interface )
47. _ping() {
48.     [ $PING_MAXTRY -gt 0 ] || return 0
49.  
50.     local i=1
51.  
52.     # it's best to check multiple times to prevent false negatives
53.     while :; do
54.         ping -qc1 -W3 -I $1 $PING_HOST &>/dev/null && return 0
55.         [ $(( i++ )) -ge $PING_MAXTRY ] && break || sleep $PING_INTERVAL
56.     done
57.  
58.     return 1
59. }
60.  
61. # wait for *reliable* internet connection
62. until ping -qc1 -W3 $PING_HOST &>/dev/null; do sleep 10; done
63.  
64. while sleep $INTERVAL; do
65.     for i in 1 2 3 4 5; do
66.         # only enabled openvpn clients need to be considered
67.         [ "$(nvram get vpn_client${i}_state)" != '0' ] || continue
68.  
69.         # check for failed connection or unresponsive tunnel
70.         pidof vpnclient${i} &>/dev/null && _ping tun1${i} && continue
71.  
72.         # fall-through means failure; restart the openvpn client
73.         service restart_vpnclient${i} >/dev/null
74.         echo "openvpn client #$i (re)started @ $(date)"
75.     done
76. done
77.  
78. } 2>&1 | logger -t $(basename $0 .sh)[$$]
79. EOF
80. [ ${DEBUG+x} ] && sed -ri '2 s/^#(set -x)/\1/' $SCRIPT1
81. chmod +x $SCRIPT1
82. echo "installed: $SCRIPT1"
83. # --------------------- end merlin-ovpn-client-watchdog ---------------------- #
84.  
85. # --------------------------- begin services-start --------------------------- #
86. create_script() {
87. cat << 'EOF' > $SCRIPT2
88. #!/bin/sh
89. #set -x # comment/uncomment to disable/enable debug mode
90. {
91. nohup $SCRIPT1 &>/dev/null &
92. } 2>&1 | logger -t $(basename $0)[$$]
93. EOF
94. [ ${DEBUG+x} ] && sed -ri '2 s/^#(set -x)/\1/' $SCRIPT2
95. sed "s:\$SCRIPT1:$SCRIPT1:g" -i $SCRIPT2
96. chmod +x $SCRIPT2
97. }
98.  
99. if [ -f $SCRIPT2 ]; then
100.     echo "error: $SCRIPT2 already exists; requires manual installation"
101. else
102.     create_script
103.     echo "installed: $SCRIPT2"
104. fi
105. # ---------------------------- end services-start ---------------------------- #