IF you disable your vpn, make sure and stop the cron job under ADMINISTRATION...MANAGEMENT .... CRON... Otherwise the.script will keep trying to restart thr OpenVPN Daemon every time the cron runs!
My VPN was up now a couple of days so I was quite comfortable with everything. But today I added those firewall stop start lines at the end of the script and did some testing.
The quoted note tells me that if I disable my vpn client and wait for the minute (cron line is there) it should restart. But on my router it doesn't.
Also, if I stop vpn client and run the check:
Code:
/bin/sh /jffs/sw_watchdog/sw_watchdog
My router needs to be unplugged becase the "doing something" animation never stops. As soon as VPN is working the check is fine.
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Sat Apr 27, 2019 17:00 Post subject:
@Sploit thanks for your work.
I propose a slight modification which only kills the OpenVPN client.
At this moment the script also kills my OpenVPN server.
I propose to replace the command:
Code:
killall openvpn
by:
Code:
kill $(cat /tmp/var/run/openvpncl.pid)
Alternatively you can use:
Code:
for pid in $(ps | grep openvpncl | head -n-1 | awk '{print $1}'); do kill -9 $pid; done
Joined: 16 Apr 2016 Posts: 307 Location: California
Posted: Sun Apr 28, 2019 0:54 Post subject: I will add it to the new beta
I will add it to the new beta as a option flag turned on by default. The New Beta is awesome. _________________ My Karma ran over your Dogma
SploitWorks Custom Flashed Routers
Getting the address from what's set in the normal WDS setting in nvram
Getting the tunnel interface from the config file
Trimmed the ping size
Removed the temp ping file and just using the ping exit code
Removed most of the echo's
Added a syslog message when it restarts to make it easier to see that it restarted
And building the script in the startup section to eliminate the need for JFFS
Code:
mkdir -p /tmp/vpnwatchdog/
echo '
#!/bin/sh
script_loc="/tmp/vpnwatchdog/"
test_add=$(nvram get wds_watchdog_ips)
tun_inf=$(cat /tmp/openvpncl/openvpn.conf | grep "dev " | cut -d " " -f 2)
redundancy_check="on"
wd_script=$script_loc"vpnwatchdog"
pings=1
while [[ $pings -lt 5 ]]
do
if ping -c 1 -n -W 1 -q -s 8 $test_add -I $tun_inf > /dev/null
then
exit 0
fi
pings=$((pings+1))
done
logger -p cron.err VPNWatchdog: Unable to ping [$test_add] via [$tun_inf]. OpenVPN Client restarting.
echo "VPNWatchdog: Unable to ping "[$test_add]" via "[$tun_inf]". OpenVPN Client restarting."
sh /tmp/openvpncl/route-down.sh
sleep 2
kill $(cat /var/run/openvpncl.pid)
sleep 5
openvpn --config /tmp/openvpncl/openvpn.conf --daemon
sleep 20
sh /tmp/openvpncl/route-up.sh
sleep 10
if [ "$redundancy_check" = "on" ]; then
sh $wd_script
fi
if [ "$redundancy_check" = "off" ]; then
echo "."
fi' > /tmp/vpnwatchdog/vpnwatchdog
chmod 755 /tmp/vpnwatchdog/vpnwatchdog
I could not get the jffs to work. How can I use your script? Can I put all the script in command and run command? Thanks.
plawer wrote:
I have modified the script a bit for my use.
Getting the address from what's set in the normal WDS setting in nvram
Getting the tunnel interface from the config file
Trimmed the ping size
Removed the temp ping file and just using the ping exit code
Removed most of the echo's
Added a syslog message when it restarts to make it easier to see that it restarted
And building the script in the startup section to eliminate the need for JFFS
Code:
mkdir -p /tmp/vpnwatchdog/
echo '
#!/bin/sh
script_loc="/tmp/vpnwatchdog/"
test_add=$(nvram get wds_watchdog_ips)
tun_inf=$(cat /tmp/openvpncl/openvpn.conf | grep "dev " | cut -d " " -f 2)
redundancy_check="on"
wd_script=$script_loc"vpnwatchdog"
pings=1
while [[ $pings -lt 5 ]]
do
if ping -c 1 -n -W 1 -q -s 8 $test_add -I $tun_inf > /dev/null
then
exit 0
fi
pings=$((pings+1))
done
logger -p cron.err VPNWatchdog: Unable to ping [$test_add] via [$tun_inf]. OpenVPN Client restarting.
echo "VPNWatchdog: Unable to ping "[$test_add]" via "[$tun_inf]". OpenVPN Client restarting."
sh /tmp/openvpncl/route-down.sh
sleep 2
kill $(cat /var/run/openvpncl.pid)
sleep 5
openvpn --config /tmp/openvpncl/openvpn.conf --daemon
sleep 20
sh /tmp/openvpncl/route-up.sh
sleep 10
if [ "$redundancy_check" = "on" ]; then
sh $wd_script
fi
if [ "$redundancy_check" = "off" ]; then
echo "."
fi' > /tmp/vpnwatchdog/vpnwatchdog
chmod 755 /tmp/vpnwatchdog/vpnwatchdog
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Fri Sep 20, 2019 8:14 Post subject:
In case the original author does not answer, just my idea:
Copy and paste the whole script in Administration/Commands and save as Startup, it is possible to make a standalone script from this, which you can put on permanent storage and execute from there, I can do that if you want but first wait for the original author.
As egc suggests just put it in the startup. Then it builds and writes the file to the /tmp/vpnwatchdog folder when the router boots.
And yes, it requires an active WDS/Connection Watchdog configuration under Administration - Keep Alive to work.
egc wrote:
In case the original author does not answer, just my idea:
Copy and paste the whole script in Administration/Commands and save as Startup, it is possible to make a standalone script from this, which you can put on permanent storage and execute from there, I can do that if you want but first wait for the original author.
Note this works only if you are using WDS if I read the script correctly
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Tue Nov 05, 2019 10:32 Post subject:
I have also made a simple solution to restart the OpenVPN client (or reboot the router)
See attached script, only visible when you are logged in!
name: ddwrt-vpn-pbr-watchdog-05.sh
version: 0.5, 08-11-2019 by egc
purpose: restarts OVPN Client or reboots router when VPN goes down
script type: jffs script called from startup script
instructions:
1. unzip and modify parameters in script if necessary, make sure not to
include Windows style line endings <CR>
2. copy modified script to /jffs (or external storage, e.g., usb)
3. make script executable:
Code:
chmod +x /jffs/ddwrt-vpn-pbr-watchdog-05.sh
4. call this script from the startup: Administration/Commands Save as
Startup after making sure it works:
Code:
sh /jffs/ddwrt-vpn-pbr-watchdog-05.sh &
Warning use at your own risk, this is a beta version