118 lines
3.1 KiB
Bash
Executable File
118 lines
3.1 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
source /opt/idssys/defaults/colors.inc
|
|
source /opt/idssys/defaults/default.inc
|
|
source /opt/idssys/vpnmon/system.inc
|
|
|
|
logfile=/opt/idssys/vpnmon/logfile
|
|
touch $logfile
|
|
|
|
START(){
|
|
touch /opt/idssys/vpnmon/vpn.stop
|
|
sudo mkdir -p /var/run/xl2tpd
|
|
sudo touch /var/run/xl2tpd/l2tp-control
|
|
[ "$(systemctl list-units --full -all | grep "strongswan.service")" != "" ] && sudo service strongswan restart
|
|
[ "$(systemctl list-units --full -all | grep "strongswan-starter.service")" != "" ] && sudo service strongswan-starter restart
|
|
sudo systemctl restart xl2tpd ipsec
|
|
sleep 3s
|
|
sudo /usr/sbin/ipsec up ${VPN_CFGNAME}
|
|
sleep 4s
|
|
sudo echo "c ${VPN_CFGNAME}" > /var/run/xl2tpd/l2tp-control
|
|
sleep 5s
|
|
|
|
OUT=$(ip link | grep "${VPN_INTERFACE}")
|
|
if [ ${#OUT} -ne 0 ]; then
|
|
|
|
[ "${ROUTE_SUBNET1}" != "" ] && ip route add ${ROUTE_SUBNET1} via $(ip address show dev ppp0 | grep -Po '(?<=peer )(\b([0-9]{1,3}\.){3}[0-9]{1,3}\b)') dev ppp0
|
|
[ "${ROUTE_SUBNET2}" != "" ] && ip route add ${ROUTE_SUBNET2} via $(ip address show dev ppp0 | grep -Po '(?<=peer )(\b([0-9]{1,3}\.){3}[0-9]{1,3}\b)') dev ppp0
|
|
|
|
# if [ "${SYSTEM}" = "unifipoller" ]; then
|
|
# /usr/sbin/service unifi-poller start &
|
|
# elif [ "${SYSTEM}" = "rpicam" ]; then
|
|
# /usr/sbin/service rpisurv restart
|
|
# fi
|
|
|
|
rm -f /opt/idssys/vpnmon/vpn.stop
|
|
if [ -f /opt/idssys/vpnmon/vpn.fail* ]; then
|
|
echo "$(date) - VPN Fixed" >> $logfile
|
|
rm -f /opt/idssys/vpnmon/vpn.fail*
|
|
fi
|
|
echo "VPN Started"
|
|
echo "$(date) - VPN started" >> $logfile
|
|
|
|
else
|
|
echo "VPN Not Started, will stop and let system retry in a few minutes"
|
|
echo "$(date) - VPN was not started" >> $logfile
|
|
STOP
|
|
rm -f /opt/idssys/vpnmon/vpn.stop
|
|
fi
|
|
|
|
}
|
|
STOP(){
|
|
|
|
touch /opt/idssys/vpnmon/vpn.stop
|
|
|
|
# if [ "${SYSTEM}" = "unifipoller" ]; then
|
|
# /usr/sbin/service unifi-poller stop
|
|
# fi
|
|
|
|
sudo echo "d ${VPN_CFGNAME}" > /var/run/xl2tpd/l2tp-control
|
|
sleep 4s
|
|
/usr/sbin/ipsec down ${VPN_CFGNAME}
|
|
|
|
echo "$(date) - VPN stopped" >> $logfile
|
|
|
|
}
|
|
CHECK(){
|
|
if [ ! -f /opt/idssys/vpnmon/vpn.stop ]; then
|
|
touch /opt/idssys/vpnmon/vpn.stop
|
|
checked=false
|
|
cc=0
|
|
until [ "${checked}" = "" ]; do
|
|
OUT=$(ip link | grep "${VPN_INTERFACE}")
|
|
if [ ${#OUT} -ne 0 ]; then
|
|
checked=""
|
|
elif [ ${cc} -eq 10 ]; then
|
|
if [ -f /opt/idssys/vpnmon/vpn.fail ]; then
|
|
echo "$(date) - VPN Failure #2 - stopping for 5mins" >> $logfile
|
|
touch /opt/idssys/vpnmon/vpn.fail2
|
|
rm -f /opt/idssys/vpnmon/vpn.fail
|
|
STOP
|
|
sleep 5m
|
|
START
|
|
exit 1
|
|
elif [ -f /opt/idssys/vpnmon/vpn.fail2 ]; then
|
|
echo "$(date) - VPN Failure #3 - Shutting down VPN system until repaired" >> $logfile
|
|
STOP
|
|
exit 1
|
|
else
|
|
echo "$(date) - VPN Failure #1 - stopping for 1min" >> $logfile
|
|
touch /opt/idssys/vpnmon/vpn.fail
|
|
STOP
|
|
sleep 1m
|
|
START
|
|
exit 1
|
|
fi
|
|
fi
|
|
((cc++))
|
|
sleep 1s
|
|
done
|
|
|
|
rm -f /opt/idssys/vpnmon/vpn.stop
|
|
|
|
if [ -f /opt/idssys/vpnmon/vpn.fail* ]; then
|
|
echo "$(date) - VPN Fixed" >> $logfile
|
|
rm -f /opt/idssys/vpnmon/vpn.fail*
|
|
fi
|
|
fi
|
|
|
|
}
|
|
|
|
case ${1} in
|
|
start) START;;
|
|
stop) STOP;;
|
|
check) CHECK;;
|
|
esac
|
|
|
|
exit 0
|