My VPN is behaving funny sometimes, and I have to restart it often. I wanted to write a script which does that for me. It doesn't have to be anything fancy, just a shortcut for the commands I have to type into the terminal. More specifically: it will look at the running processes. If it finds a running vpnc process, it will kill it. Then it will start vpnc.
I've written bash scripts of similar complexity, but now I don't have a bash, only an ash. Until now, the only difference I noticed is that there are much less commands available, but then, I don't use it very often. So I have some questions.
- Is writing ash scripts different than writing bash scripts?
- Is there something specific to consider when doing it?
- When the script is ready, how can I deploy it? For bash, I just put the executable file under /usr/lib and run it by typing the file name into the command line, will this work with ash?
- Are there any special pitfalls to watch out for in the script I want to write? I think that the killing process part may get hairy, if I write something that kills the wrong process, but even then running the script shouldn't break anything permanently, right?
2 Answers
I doubt there's anything bash specific in this, most of the "magic" is in the external commands. So, something like:
#!/bin/ash
pgrep vpnc >/dev/null 2>/dev/null
if [ $? -eq 0 ]; then /etc/init.d/vpnc stop sleep 1 pkill vpnc sleep 1 pkill -9 vpnc sleep 1 /etc/init.d/vpnc start
fiWill work assuming that you have pgrep and pkill installed and that your init script is called vpnc and lives in /etc/init.d (and that ash lives in /bin). Drop it anywhere in $PATH, set the execute bit (chmod +x myscript) and you simply have to call it by the name you saved it as.
Traditionally locally installed binaries (and scripts) would live in /usr/local/bin, not /usr/lib. If that doesn't exist and isn't in your current $PATH just create the directory (mkdir -p /usr/local/bin) and edit the file that sets $PATH (probably something under /etc).
Note that with a little effort you could wrap this in a script that does something like:
#!/bin/ash
pgrep vpnc
if [ $? -eq 0 ]; then ping -n -q -c 4 ip.at.other.side if [ $? -ne 0 ]; then /usr/local/bin/myscript fi
fiCall that from cron every N minutes and, when the VPN is running and the ping to the IP at the other side fails, it'll restart the VPN.
Caution - I've simply thrown these together from experience, no testing has been done and I've never used ash. Some tweaking or rework may be required.
Ok, if you don't have cron you could wrap the second script like:
#!/bin/ash
while [ true ]; do pgrep vpnc if [ $? -eq 0 ]; then ping -n -q -c 4 ip.at.other.side if [ $? -ne 0 ]; then /usr/local/bin/myscript fi fi
sleep 60
doneTo have it run in the background use nohup:
nohup /usr/local/bin/mywrapper &You should find that there's at least one server that responds to ping, possibly even the VPN endpoint. If that doesn't work try the DNS servers or routers (people particularly rarely lock down routers).
2For completeness, the actual script I used:
#! /bin/ash
pgrep vpnc >/dev/null 2>/dev/null
if [ $? -eq 0 ]; then pkill vpnc sleep 1
fi
vpnc /etc/vpnc/hybrid.confwhere hybrid.conf is the configuration file for the vpnc client. I'd like to learn more about scripting, so if somebody notices an example of bad practice here, please tell me about it.
1