Amanda wrote:
Have a pptp connection from SME server to windows 2000 vpn server. I'm looking for a bash script which will periodically (launched from cron) ping a machine on the remote network and restart pptp if it doesn't respond.
I wrote a similar thing for DOS years ago which captured the output of ping into a text file, then looked for the string "reply from".
I've been googling for ages but haven't found anything.
thanks.
Amanda
Hi Amanda,
I had a similar problem but pinging wasn't going to work - we use BGP and sometimes the routing table would get screwed up so ping would fail even though the tunnel was still up.
This would result in ppp1, ppp2, etc. being started and wasn't what we wanted. So we decided to use the status of the pppd processes (via its PID file) to determine if the tunnel was active. Maybe you could use James Greg's and John Clarke's solutions and build some of the logic from my script into a home-spun thing for yourself.
Some notes about my script:
1. It runs every minute so make sure $TRY*$WAIT < 60. That way your script won't still be running when cron kicks it off again. I probably should implement a lock file or some such... If you run the script at a longer interval, then you can increase the $TRY*$WAIT but make sure it's always < CRON-INTERVAL sec. Make sense?
2. You need to have "pon [tunnel_name]" working or replace that line with whatever command line starts your PPTP tunnel.
3. "logger" is a handy utility that allows you to write stuff to syslog from inside scripts. In my script it goes into /var/log/messages and will produce stuff like this:
Mar 6 17:29:01 [host] VPN: Tunnel is down: shell var RUNNING=NO
Mar 6 17:29:01 [host] VPN: Restart attempt: 1 of 2
Mar 6 17:29:21 [host] VPN: Tunnel is running again
Mar 6 17:29:21 [host] VPN: Successfully restarted VPN after 1 attempt(s)
Anyway here's our cron job: * * * * * /root/adminscripts/vpn_check.sh
...and here's the script:
#!/bin/bash
# Filename: vpn_check.sh
# Synopsis: vpn_check.sh
# Overview: This script checks to see if the VPN tunnel is active.
#           If VPN tunnel is NOT active an attempt is made to restart it.
# Author:   James Gray
# Genesis:  28-July-2003

# Define some variables
VPN=ppp0                  # PPP interface corresponding to the VPN tunnel
TUNNEL=tunnel             # Name of VPN config ie, /etc/ppp/peers/$TUNNEL
PID=/var/run/${VPN}.pid   # PID of the VPN/PPTP process
RUNNING=NO                # Flag: NO=VPN down, YES=VPN up.
TRY=2                     # Number of tries to attempt VPN start.
WAIT=20                   # Time in seconds to wait between retries for
                          # link to become active
LOGTAG=VPN                # Tag line for SYSLOG
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin:~/admscripts

# Test if interface is UP
if [ -e "$PID" ];
then
    RUNNING=YES
    # Uncomment the following 2 lines to produce debugging output
    # in syslog.
    # echo "Tunnel is running: ${RUNNING}"
    # /sbin/ifconfig $VPN
    exit 0;
else
    logger -t "$LOGTAG" "Tunnel is down: shell var RUNNING=${RUNNING}"
    RUNNING=NO; # This is redundant but left in for clarity
fi

# If we get here, the tunnel is DOWN! Try to bring it up.
COUNT=1
while [ "$COUNT" -le "$TRY" ]
do
    logger -t "$LOGTAG" "Restart attempt: ${COUNT} of ${TRY}"
    pon "$TUNNEL"
    sleep "$WAIT"
    if [ -e "$PID" ];
    then
        logger -t "$LOGTAG" "Tunnel is running again"
        RUNNING=YES
        break; # Tunnel is up again - bail out of loop
    else
        logger -t "$LOGTAG" "Tunnel still down - retrying..."
        COUNT=$(($COUNT+1))
        RUNNING=NO; # Redundant - for clarity.
    fi # end of "if -e $PID" test.
done # end of while loop

if [ "$RUNNING" = "YES" ];
then
    logger -t "$LOGTAG" "Successfully restarted VPN after ${COUNT} attempt(s)"
    # Uncomment the following 2 lines to produce debugging output
    # in syslog.
    # echo "Tunnel status:"
    # /sbin/ifconfig $VPN;
else
    # Restarting didn't work - don't panic! Cron will try again
    # in about 20 seconds :)
    # COUNT is TRY+1 once the loop runs out, so report TRY here.
    logger -t "$LOGTAG" "FAILED to restart VPN after ${TRY} attempts";
fi

Cheers,
James
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
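
The lock file mentioned in note 1, as an added example that is not part of the original post: it keeps overlapping cron runs from each starting pppd, and it treats a PID file whose process no longer exists as "tunnel down". The lock path, the function names and the "run" argument are assumptions; the PID file path follows VPN=ppp0 in the script.

```shell
#!/bin/bash
# Added example, not part of James's script. Lock path and the "run"
# argument are assumptions; the PID file path follows VPN=ppp0 above.

# pid_alive FILE: succeed only if FILE holds the PID of a live process.
# A PID file left behind by a killed pppd therefore counts as "down".
# kill -0 needs permission to signal the process, so run this as root.
pid_alive() {
    local pid=""
    [ -r "$1" ] || return 1
    read -r pid < "$1" || true
    case "$pid" in ''|*[!0-9]*) return 1 ;; esac   # not a plain number
    kill -0 "$pid" 2>/dev/null
}

# acquire_lock FILE: create FILE atomically (noclobber) holding our PID.
# A lock whose owner has died is removed and the create is retried once.
acquire_lock() {
    local lock="$1"
    ( set -C; echo "$$" > "$lock" ) 2>/dev/null && return 0
    pid_alive "$lock" && return 1                  # previous run still active
    rm -f "$lock"
    ( set -C; echo "$$" > "$lock" ) 2>/dev/null
}

# check_once LOCK PIDFILE CMD...: run CMD only if the tunnel is down and no
# other run holds LOCK. Prints busy, up or restart_tried.
check_once() {
    local lock="$1" pidfile="$2" result=up
    shift 2
    acquire_lock "$lock" || { echo busy; return 0; }
    if ! pid_alive "$pidfile"; then
        "$@" >/dev/null 2>&1 || true               # e.g. pon tunnel
        result=restart_tried
    fi
    rm -f "$lock"
    echo "$result"
}

# Cron entry point: acts only when called as "vpn_check.sh run".
if [ "${1:-}" = "run" ]; then
    check_once /var/run/vpn_check.lock /var/run/ppp0.pid pon tunnel |
        logger -t VPN
fi
```

With the lock in place, $TRY*$WAIT no longer has to stay under the cron interval: a run that finds the lock held by a live process logs "busy" and exits.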
