LinuxQuestions.org


rashmeepawar 09-22-2009 11:58 PM

vpn connect/disconnect shell script
 
Hi

I am not so good in scripting..trying to learn it...need guidance of the experts in shell scripting..
Let me explain the scenario first..
a server MX1 is connected to another server MX2[199.8.7.29] through vpn..every 5 minutes a script runs to test vpn connectivity between the 2 servers. When the vpn goes down a mail is sent as notification from MX..here is the shell script I have written on MX1..

sleep 1
l=`nmap -P0 -p25 199.8.7.29`
echo $l > /var/log/vpncon.log && echo $l >> /var/log/monscrpt.log
grep -qi "open" /var/log/vpncon.log
j=`echo $?`
if [ $j -ne 0 ]; then
echo Partner VPN Failed >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN Failed" 'aarti_sankhe@cactus.com'
fi

the script only sends an email when the vpn goes down..
my next task is when the vpn comes up I need to send a mail from this script that the vpn is up now..
please suggest.
Thanks in advance..

slakmagik 09-23-2009 01:26 AM

I don't know anything about VPN but I'd imagine you'd just test if the connection was open as you do, and then send the mail the way you do. I'm not an expert in shell scripting, either, but just to mention a couple of things about what you've got - when you post code on LQ, please wrap it in [ code ] tags. The sleep isn't doing anything but delaying your script. If you mean to be delaying it, you would ordinarily have the sleep inside a loop to regulate how fast the loop happens. Avoid backticks in scripts (the assignment to 'l'). Also, 'if' can test the return of a command directly. Variable-ize files whose locations might be changed and/or repetitive stuff. And I wrap lines before 80 columns so they're still easy to read on a VGA display.

Code:

log=/var/log/monscrpt.log
l=$(nmap -P0 -p25 199.8.7.29)

echo $l > /var/log/vpncon.log && echo $l >> $log

if ! grep -qi "open" /var/log/vpncon.log; then
    echo Partner VPN Failed >> $log &&
        echo $l | mailx -s "Partner VPN Failed" 'aarti_sankhe@cactus.com'
fi

Also, unless you really want the mail to not be sent if the appending to $log fails, I would just write them as two commands and not && them. Ditto with the other &&.

That said, there may be some special purpose tool or something for this. If not, like I say, just reverse the logic, I guess.

Code:

l=`nmap -P0 -p25 199.8.7.29`

echo $l > /var/log/vpncon.log && echo $l >> /var/log/monscrpt.log

if grep -qi "open" /var/log/vpncon.log; then
    echo Partner VPN Failed >> /var/log/monscrpt.log &&
        echo $l | mailx -s "Partner VPN Failed" 'aarti_sankhe@cactus.com'
fi

Unless the IP changes between time - I dunno there. Or write it as part of the conditional logic of the first - maybe have it touch an 'error' file and start performing the check for it coming back up - when it does come back up, have it remove the 'error' file.

avalonit 09-23-2009 01:49 AM

Besides your script can be written in one line you can make your script like this:

Code:

sleep 1
l=`nmap -P0 -p25 199.8.7.29`
echo $l > /var/log/vpncon.log && echo $l >> /var/log/monscrpt.log
grep -qi "open" /var/log/vpncon.log
j=`echo $?`
if [ $j -ne 0 ]; then
echo -n > /tmp/vpn_failed
echo Partner VPN Failed >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN Failed" 'aarti_sankhe@cactus.com'
fi
rm /tmp/vpn_failed &> /dev/null && echo Partner VPN Up >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN UP" 'aarti_sankhe@cactus.com'

I'm not going to tell you how to optimize your script, because it works and good sysadmin never fixes a working thing ;)

rashmeepawar 09-23-2009 03:54 AM

Quote:

Originally Posted by avalonit (Post 3693751)
Besides your script can be written in one line you can make your script like this:

Code:

sleep 1
l=`nmap -P0 -p25 199.8.7.29`
echo $l > /var/log/vpncon.log && echo $l >> /var/log/monscrpt.log
grep -qi "open" /var/log/vpncon.log
j=`echo $?`
if [ $j -ne 0 ]; then
echo -n > /tmp/vpn_failed
echo Partner VPN Failed >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN Failed" 'aarti_sankhe@cactus.com'
fi
rm /tmp/vpn_failed &> /dev/null && echo Partner VPN Up >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN UP" 'aarti_sankhe@cactus.com'

I'm not going to tell you how to optimize your script, because it works and good sysadmin never fixes a working thing ;)



Hi Avalonit,

thanks a lot for the solution but would you do me a favor to explain the two lines you added in the script, I did not understand the logic behind it..

slakmagik 09-23-2009 04:01 AM

Quote:

Originally Posted by rashmeepawar (Post 3693852)
Hi Avalonit,

thanks a lot for the solution but would you do me a favor to explain the two lines you added in the script, I did not understand the logic behind it..

...

Quote:

Originally Posted by slakmagik (Post 3693734)
Or write it as part of the conditional logic of the first - maybe have it touch an 'error' file and start performing the check for it coming back up - when it does come back up, have it remove the 'error' file.


avalonit 09-24-2009 12:50 AM

Quote:

Originally Posted by rashmeepawar (Post 3693852)
Hi Avalonit,

thanks a lot for the solution but would you do me a favor to explain the two lines you added in the script, I did not understand the logic behind it..

I have the error in the code though :)

here is a fixed solution. I noticed the issue soon after my first post but forgot to correct myself:
Code:

sleep 1
l=`nmap -P0 -p25 199.8.7.29`
echo $l > /var/log/vpncon.log && echo $l >> /var/log/monscrpt.log
grep -qi "open" /var/log/vpncon.log
j=`echo $?`
if [ $j -ne 0 ]; then
echo -n > /tmp/vpn_failed
echo Partner VPN Failed >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN Failed" 'aarti_sankhe@cactus.com'
else
rm /tmp/vpn_failed &> /dev/null && echo Partner VPN Up >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN UP" 'aarti_sankhe@cactus.com'

fi

Check syntax and test logic before you trust me. Mornings I'm not smart but better than evenings anyways :)

rashmeepawar 09-24-2009 04:02 AM

Quote:

Originally Posted by avalonit (Post 3695080)
I have the error in the code though :)

here is a fixed solution. I noticed the issue soon after my first post but forgot to correct myself:
Code:

sleep 1
l=`nmap -P0 -p25 199.8.7.29`
echo $l > /var/log/vpncon.log && echo $l >> /var/log/monscrpt.log
grep -qi "open" /var/log/vpncon.log
j=`echo $?`
if [ $j -ne 0 ]; then
echo -n > /tmp/vpn_failed
echo Partner VPN Failed >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN Failed" 'aarti_sankhe@cactus.com'
else
rm /tmp/vpn_failed &> /dev/null && echo Partner VPN Up >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN UP" 'aarti_sankhe@cactus.com'

fi

Check syntax and test logic before you trust me. Mornings I'm not smart but better than evenings anyways :)

Hi
this script will be running every 5 minutes as it is defined in cron..I have not clearly understood this line..[ rm /tmp/vpn_failed &> /dev/null && echo Partner VPN Up >> /var/log/monscrpt.log && echo $l | mailx -s "Partner UP" 'aarti_sankhe@cactus.com']

would you please explain to me how this line is going to work..

avalonit 09-25-2009 01:02 AM

Quote:

Originally Posted by rashmeepawar (Post 3695208)
Hi
this script will be running every 5 minutes as it is defined in cron..I have not clearly understood this line..[ rm /tmp/vpn_failed &> /dev/null && echo Partner VPN Up >> /var/log/monscrpt.log && echo $l | mailx -s "Partner UP" 'aarti_sankhe@cactus.com']

would you please explain to me how this line is going to work..

Code:

rm /tmp/vpn_failed
this tries to delete /tmp/vpn_failed file. This file will only exist if vpn has already failed and it was created by the "echo -n > /tmp/vpn_failed" line.

Code:

&> /dev/null
We don't care for the output of the rm command (at least when we are not debugging a problem with it) so this tells the shell to throw every output of the rm command to /dev/null where it will not be seen. In fact if we don't do this, cron will send emails with the output which is undesirable.

Now if the file exists, we know that:
  1. VPN was down on the previous check
  2. vpn is now up, because we are in the part of the if construct where we have the link up
So rm will exit with a status of "0" and the command after "&&" will be executed. Currently the command after "&&" should send you a mail that VPN is now up. In addition the /tmp/vpn_failed file will be gone so next time you won't receive any mail.

On the other hand, if /tmp/vpn_failed does *not* exist, then we know last check was ok, this check is ok. rm will exit with a non-zero status so command after "&&" will not be executed hence mail not sent, which is what we want.

Now I wonder how would cron like the whole stuff because in the normal case, last command will return non-zero so cron may think it finished unsuccessfully and send you a mail. So probably you also would need to add exit 0 or some always successful command like "echo -n" to the end of your script.

Hope that works for you.

rashmeepawar 09-28-2009 10:43 PM

Quote:

Originally Posted by avalonit (Post 3696381)
Code:

rm /tmp/vpn_failed
this tries to delete /tmp/vpn_failed file. This file will only exist if vpn has already failed and it was created by the "echo -n > /tmp/vpn_failed" line.

Code:

&> /dev/null
We don't care for the output of the rm command (at least when we are not debugging a problem with it) so this tells the shell to throw every output of the rm command to /dev/null where it will not be seen. In fact if we don't do this, cron will send emails with the output which is undesirable.


Now if the file exists, we know that:
  1. VPN was down on the previous check
  2. vpn is now up, because we are in the part of the if construct where we have the link up
So rm will exit with a status of "0" and the command after "&&" will be executed. Currently the command after "&&" should send you a mail that VPN is now up. In addition the /tmp/vpn_failed file will be gone so next time you won't receive any mail.

On the other hand, if /tmp/vpn_failed does *not* exist, then we know last check was ok, this check is ok. rm will exit with a non-zero status so command after "&&" will not be executed hence mail not sent, which is what we want.

Now I wonder how would cron like the whole stuff because in the normal case, last command will return non-zero so cron may think it finished unsuccessfully and send you a mail. So probably you also would need to add exit 0 or some always successful command like "echo -n" to the end of your script.

Hope that works for you.



Hi Avalonit,

Understood...Thanks for the explanation and the script..I have added an "exit 0" at the end of the script as you mentioned. Here is the modified script..please have a look and let me know if anything is wrong..

l=`nmap -P0 -p25 197.7.7.29`
echo $l > /var/log/vpncon.log && echo $l >> /var/log/monscrpt.log
grep -qi "open" /var/log/vpncon.log
j=`echo $?`
if [ $j -ne 0 ]; then
echo -n > /tmp/vpn_failed
echo Partner VPN Failed >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN Failed" 'rashmi_pawar@monitor.com'
rm /tmp/vpn_failed &> /dev/null && echo "Partner VPN UP" >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN UP" 'rashmi_pawar@monitor.com'
exit 0
fi

Is the "exit 0" placed right or should it come after the line "fi"?

avalonit 09-29-2009 12:15 AM

Quote:

Originally Posted by rashmeepawar (Post 3700073)
Hi Avalonit,
Is the "exit 0" placed right or should it come after the line "fi"?

After the "fi". We want to have cron see job successful no matter if VPN is up or down.

rashmeepawar 10-04-2009 10:51 PM

vpn connect/disconnect
 
Quote:

Originally Posted by avalonit (Post 3700119)
After the "fi". We want to have cron see job successful no matter if VPN is up or down.

hi Avalonit,

I tested the script yesterday with the changes you specified.. When the vpn was taken down I got a mail that the vpn is down, say at time 1:55pm; at the very next second I got another mail that the vpn is up and the time was the same 1:55pm, the vpn was down though.

the vpn was down for 20 minutes, when I brought the vpn back up I didn't get any "vpn up" email. every 5 minutes I got "vpn failed" and "vpn up" email.

As I have specified in cron, I should get an email every 5 minutes whenever the vpn is down, and once it is back up I should get an email only once that the vpn is back up. For example: if the vpn is down for 25 minutes I should get 5 mails, one after every 5 minutes, that VPN is down; after 25 minutes VPN goes up, I should get an email notification that VPN is back up, this mail should be received only once.
-thanks.

avalonit 10-05-2009 09:15 AM

Hmm, now I see you have skipped at least the "else" in comment #9.

Here is what I suggested for you to use (comment #6 + "exit 0"):
Code:

sleep 1
l=`nmap -P0 -p25 199.8.7.29`
echo $l > /var/log/vpncon.log && echo $l >> /var/log/monscrpt.log
grep -qi "open" /var/log/vpncon.log
j=`echo $?`
if [ $j -ne 0 ]; then
  echo -n > /tmp/vpn_failed
  echo Partner VPN Failed >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN Failed" 'aarti_sankhe@cactus.com'
else
  rm /tmp/vpn_failed &> /dev/null && echo Partner VPN Up >> /var/log/monscrpt.log && echo $l | mailx -s "Partner VPN UP" 'aarti_sankhe@cactus.com'
fi
exit 0

This is in case that's the whole script. If there is anything around this code, that may need corrections.
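
The flag-file logic worked out in this thread, as an added example that is not part of any post above: it reports "down" on every failed run and "recovered" exactly once, and it reads nmap's grepable output for the port state instead of grepping for the word "open". STATE_DIR, MAILTO and the function names are assumptions; the flag file sits in a root-owned directory rather than /tmp on the assumption that the job runs as root (it writes to /var/log), where a predictable /tmp name could be pre-created or symlinked by another local user.

```shell
#!/bin/sh
# Added example, not code from the thread. PARTNER and PORT come from the
# posts; STATE_DIR, MAILTO and the function names are assumptions.
PARTNER=${PARTNER:-199.8.7.29}
PORT=${PORT:-25}
MAILTO=${MAILTO:-root}
# Root-owned directory rather than /tmp, so no other local user can plant
# or symlink the flag file that a root cron job truncates and removes.
STATE_DIR=${STATE_DIR:-/var/run/vpnmon}

# True only if nmap's grepable (-oG) output lists PORT as open; grepping the
# normal output for "open" would match that word anywhere in the text.
port_is_open() {    # $1 = nmap -oG output
    printf '%s\n' "$1" | grep -Eq "Ports:.*[[:space:]]$PORT/open/tcp"
}

# Print the event for this run and update the flag file:
#   down      - port not open (reported on every run while down)
#   recovered - port open and a flag was left by an earlier failed run (once)
#   ok        - port open, no flag
next_event() {      # $1 = nmap -oG output, $2 = flag file
    if port_is_open "$1"; then
        if [ -e "$2" ]; then rm -f -- "$2"; echo recovered; else echo ok; fi
    else
        : > "$2"
        echo down
    fi
}

run_check() {
    mkdir -p "$STATE_DIR" && chmod 700 "$STATE_DIR" || return 1
    out=$(nmap -P0 -p"$PORT" -oG - "$PARTNER" 2>/dev/null)
    case $(next_event "$out" "$STATE_DIR/vpn_failed") in
        down)      printf '%s\n' "$out" | mailx -s "Partner VPN Failed" "$MAILTO" ;;
        recovered) printf '%s\n' "$out" | mailx -s "Partner VPN UP" "$MAILTO" ;;
    esac
    return 0        # cron sees success whether the VPN is up or down
}

# Offline demo on constructed -oG style lines: "ok down down recovered ok".
demo() {
    d=$(mktemp -d) || return 1
    up="Host: $PARTNER () Ports: $PORT/open/tcp//smtp///"
    dn="Host: $PARTNER () Ports: $PORT/filtered/tcp//smtp///"
    for o in "$up" "$dn" "$dn" "$up" "$up"; do next_event "$o" "$d/flag"; done | xargs
    rm -rf "$d"
}

case ${1:-} in --run) run_check ;; --demo) demo ;; esac
```

The cron entry would call the script with `--run`; `--demo` replays five constructed probe results without touching the network or sending mail.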

