#!/usr/bin/env bash
#===============================================================================
# FILE: reconnect-vpn.sh
#
# DESCRIPTION: Reconnect a disconnected VPN session on Synology DSM
# SOURCE(S): https://forum.synology.com/enu/viewtopic.php?f=241&t=65444
# README: https://github.com/ianharrier/synology-scripts
#
# AUTHOR: Ian Harrier
# VERSION: 1.2.0
# LICENSE: MIT License
#===============================================================================
#-------------------------------------------------------------------------------
# User-customizable variables
#-------------------------------------------------------------------------------
# VPN_CHECK_METHOD : How to check if the VPN connection is alive. Options:
# - "dsm_status" (default) : assume OK if Synology DSM reports the VPN connection is alive
# - "gateway_ping" : assume OK if the default gateway (i.e. VPN server) responds to ICMP ping
VPN_CHECK_METHOD=dsm_status
#-------------------------------------------------------------------------------
# Process VPN config files
#-------------------------------------------------------------------------------
# Concatenate every L2TP / OpenVPN / PPTP client profile found under the DSM
# VPN client directory. cat's errors are discarded on purpose: a protocol
# directory without a matching file is not treated as a failure here.
CONFIGS_ALL=$(cat /usr/syno/etc/synovpnclient/{l2tp,openvpn,pptp}/*client.conf 2>/dev/null)
# Count the lines that look like a profile section header ("[l", "[o", "[p").
# NOTE(review): the patterns are unanchored, so any line that merely contains
# one of these sequences is counted too; confirm only section headers can.
CONFIGS_QTY=$(grep -c -e '\[l' -e '\[o' -e '\[p' <<<"$CONFIGS_ALL")
# Exactly one profile is required; every other count ends the script with
# exit status 3 before anything is changed.
if (( CONFIGS_QTY > 1 )); then
  printf '%s\n' "[E] There are $CONFIGS_QTY VPN profiles. This script supports only 1 VPN profile. Exiting..."
  exit 3
elif (( CONFIGS_QTY < 1 )); then
  printf '%s\n' "[W] There are 0 VPN profiles. Please create a VPN profile. Exiting..."
  exit 3
fi
printf '%s\n' "[I] There is 1 VPN profile. Continuing..."
#-------------------------------------------------------------------------------
# Set variables
#-------------------------------------------------------------------------------
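# The profile ID is the text between the first "[" and the next "]" of the
# combined config. Parameter expansion replaces the former unquoted
# `echo $CONFIGS_ALL | cut ...`: a section header is itself a valid glob bracket
# expression, so the unquoted expansion could be replaced by a matching
# one-character file name in the current directory (and any other glob
# character in the config would be expanded as well).
PROFILE_ID=${CONFIGS_ALL#*\[}
PROFILE_ID=${PROFILE_ID%%\]*}
# \w+ keeps only the leading run of word characters after the "=", so a value
# containing spaces or punctuation is truncated at the first such character.
PROFILE_NAME=$(grep -oP "conf_name=+\K\w+" <<<"$CONFIGS_ALL")
PROFILE_RECONNECT=$(grep -oP "reconnect=+\K\w+" <<<"$CONFIGS_ALL")
# The protocol is inferred from which header prefix appears in the config.
# If none of the three matches, PROFILE_PROTOCOL is left unset.
if grep -q '\[l' <<<"$CONFIGS_ALL"; then
  PROFILE_PROTOCOL="l2tp"
elif grep -q '\[o' <<<"$CONFIGS_ALL"; then
  PROFILE_PROTOCOL="openvpn"
elif grep -q '\[p' <<<"$CONFIGS_ALL"; then
  PROFILE_PROTOCOL="pptp"
fi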
#-------------------------------------------------------------------------------
# Check the VPN connection
#-------------------------------------------------------------------------------
# Ask DSM whether the VPN is up.
# The connection counts as alive when the output of `synovpnc get_conn`
# contains the word "Uptime"; anything else (including no output at all) is
# reported as not connected.
# Outputs: one [I]/[W] status line on stdout
# Returns: 0 when connected, 1 otherwise
function check_dsm_status() {
  if ! /usr/syno/bin/synovpnc get_conn | grep -q Uptime; then
    printf '%s\n' "[W] Synology DSM reports VPN is not connected."
    return 1
  fi
  printf '%s\n' "[I] Synology DSM reports VPN is connected."
  return 0
}
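# Check that the VPN gateway answers an ICMP ping sent through the tunnel.
# The client IP comes from `synovpnc get_conn`, the tunnel interface from the
# `ip addr` line carrying that IP, and the gateway from the first `ip route`
# entry on that interface that is not the "src <client IP>" route.
# Outputs: one [I]/[W] status line on stdout
# Returns: 0 when the gateway replied, 1 otherwise (including when any of the
#          three values could not be determined)
function check_gateway_ping() {
  # Declared separately so the assignments are not masked by `local`.
  local client_ip tunnel_interface gateway_ip

  client_ip=$(/usr/syno/bin/synovpnc get_conn | grep "Client IP" | awk '{ print $4 }')
  if [[ -z "$client_ip" ]]; then
    # Without this guard an empty value would leave grep without a pattern.
    echo "[W] Could not determine the VPN client IP."
    return 1
  fi

  # -F: the dots of the address are literal, not regex wildcards.
  # -w: the address must match as a whole word, not as part of a longer one.
  # --: a parsed value can never be read as a grep option.
  tunnel_interface=$(ip addr | grep -Fw -- "$client_ip" | awk '{ print $7 }' | head -n 1)
  if [[ -z "$tunnel_interface" ]]; then
    echo "[W] Could not determine the VPN tunnel interface."
    return 1
  fi

  gateway_ip=$(ip route | grep -vFw -- "src $client_ip" | grep -Fw -- "$tunnel_interface" | awk '{ print $3 }' | head -n 1)
  if [[ -z "$gateway_ip" ]]; then
    echo "[W] Could not determine the VPN gateway IP."
    return 1
  fi

  # Quoted so each parsed value reaches ping as exactly one argument.
  if ping -c 1 -i 1 -w 15 -I "$tunnel_interface" "$gateway_ip" > /dev/null 2>&1; then
    echo "[I] The gateway IP $gateway_ip responded to ping."
    return 0
  else
    echo "[W] The gateway IP $gateway_ip did not respond to ping."
    return 1
  fi
}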
# Run the liveness check selected by VPN_CHECK_METHOD.
# The DSM status check always runs first. The gateway ping is added only when
# VPN_CHECK_METHOD is exactly "gateway_ping"; every other value, including a
# misspelled one, falls back to the DSM status check alone.
# Globals: VPN_CHECK_METHOD (read)
# Returns: 0 when every selected check passed, 1 otherwise
function check_vpn_connection() {
  check_dsm_status || return 1
  if [[ "$VPN_CHECK_METHOD" == "gateway_ping" ]]; then
    check_gateway_ping || return 1
  fi
  return 0
}
# Nothing to do when the selected check already reports a live connection;
# exit status 0 marks this "no action needed" outcome.
if check_vpn_connection; then
  printf '%s\n' "[I] Reconnect is not needed. Exiting..."
  exit 0
fi
#-------------------------------------------------------------------------------
# Reconnect the VPN connection
#-------------------------------------------------------------------------------
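# Only reconnect when the profile itself has reconnect enabled; otherwise stop
# with exit status 3 and leave the connection state untouched.
if [[ "$PROFILE_RECONNECT" != "yes" ]]; then
  echo "[W] Reconnect is disabled. Please enable reconnect for the \"$PROFILE_NAME\" VPN profile. Exiting..."
  exit 3
fi
echo "[I] Attempting to reconnect..."
/usr/syno/bin/synovpnc kill_client
sleep 20
# Record which profile is being connected. The values are parsed from the
# config files earlier in this script, so they are quoted and passed through
# printf to reach the file byte-for-byte, with no word splitting or globbing.
# The file is written through one redirect, so it is truncated exactly once.
# NOTE(review): the values are written without any format validation; consider
# checking them against the expected ID and name shape before use.
{
  printf 'conf_id=%s\n' "$PROFILE_ID"
  printf 'conf_name=%s\n' "$PROFILE_NAME"
  printf 'proto=%s\n' "$PROFILE_PROTOCOL"
} > /usr/syno/etc/synovpnclient/vpnc_connecting
# Quoted so the ID is always passed as part of a single --id argument.
/usr/syno/bin/synovpnc connect --id="$PROFILE_ID"
sleep 20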
#-------------------------------------------------------------------------------
# Re-check the VPN connection
#-------------------------------------------------------------------------------
# Final verdict after the reconnect attempt. Both outcomes exit non-zero:
# 2 when the VPN is still down, 1 when the reconnect worked.
# NOTE(review): status 1 on success looks deliberate (it keeps "a reconnect
# happened" distinct from the status 0 "nothing to do" path); presumably so a
# scheduler can alert on it. Confirm against the README.
if ! check_vpn_connection; then
  printf '%s\n' "[E] VPN failed to reconnect. Exiting..."
  exit 2
fi
printf '%s\n' "[I] VPN successfully reconnected. Exiting..."
exit 1