Posted: Fri Apr 23, 2010 15:21 Post subject: [solved] default/my.wanup is running like 20 times
Hello,
I am running dd-wrt v24 SP1 revision 10020 stable.
I modified the firmware and added a few scripts in /etc/config/
I have a script called "mycoolscript.wanup". When the router starts, it often runs the script multiple times. This morning it ran it about 20 times at once.
I added a locking code into it, but I think that there must be something wrong here.
Is there a status code I am supposed to return at the end of the script execution? What am I doing wrong?
Thanks,
David
Last edited by dlublink on Fri Apr 23, 2010 18:41; edited 1 time in total
As explained there, .wanup scripts execute every time the WAN interface comes up. When the router boots it usually has the WAN toggle up 3 times. It's just like as if you had saved your commands to the firewall script in the GUI.
You need to write your script to account for the fact that it will run every time the WAN comes up. Avoid running anything as background processes and if you're doing anything besides iptables (which the firmware flushes and rebuilds) then you need to clean up any mess you create. _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Depending on what you're doing locking could be bad. I'm not sure if there's any threading that's making you need it or whether you're running background processes yourself that are to blame, but you should make sure that pulling the WAN cable and plugging it back in doesn't break things for you. _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Posted: Thu Jul 29, 2010 6:54 Post subject: WanUp, and up and up up up....
I also seem to be experiencing some condition which causes my WanUp script to execute often. Is there a more elegant way to make my command not run if the VPN is already up and running?
Situation:
Netgear WNDR3700 running BS build 14815. I'm using the OpenVPN client to keep an established connection with remote network (which has the OpenVPN server.)
Sometimes it seems like it's doing a WanUp every 10 minutes. It only disrupts the VPN for ~2 seconds, but I'm worried that will affect some applications, (SIP, active file transfer, etc.)
Ideal test would be to ping the remote firewall's internal IP, 192.168.0.101 as this would always be available if the VPN is active. If ping fails, kill OpenVPN and then issue startup command again.
I'm VERY new to linux/DD-WRT, is there a command/script action to do this? If not, what are the less robust options I could settle for?
For openvpn you should just use the GUI to configure it and let the firmware handle reconnecting on its own. If you're running openvpn 'manually' because you want to store your files somewhere other than nvram then just continue to store most of them where you want and just set your config file in the GUI with paths to your cert/key/etc.
Also, if it seem that you're having a disconnect every 10 mins, you probably are. Check your WAN status page to see the connection uptime. If your WAN is using DHCP then you might have this problem:
http://svn.dd-wrt.com:8000/dd-wrt/ticket/973 _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
That was definitely the original plan, but the rabbit hole went deeper... The server is a Watchguard firewall. It runs it's own flavor of OpenVPN and I'm limited in my configurability.
Their custom client solution is a standard Windows OpenVPN with a simple frontend they've written which makes everything simple and GUI. I got that working so I could then port all the cert's & setup from that to my router.
The client config from their custom OVPN uses 3 features that the DD-WRT GUI doesn't seem to offer;
tls-remote "/O=WatchGuard_Technologies/OU=Fireware/CN=.."
remote-cert-eku "TLS Web Server Authentication"
and auth-user-pass are entered into the frontend as well.
I've learned a bit in the process and since the first two both seem to be optional security for the client and I'm fairly confident I can turn off the auth-user-pass requirement on the server, then I think I could probably use the GUI as is. But I'm accessing a work network that may not be very well-protected, especially once someone is in, which makes me tepid about loosening VPN security settings...
Is there a way to add these custom settings, while still using the GUI, but not have them lost on reboot or overwritten by the GUI?
BTW, I will see if that thread helps me address frequent disconnects.