| 6 |
6 |
buferr=0
|
| 7 |
7 |
|
| 8 |
8 |
bounceall() {
|
| 9 |
|
/usr/local/etc/rc.d/bgpd.sh stop
|
| 10 |
|
sleep 1
|
| 11 |
|
$ipsecpath stop
|
| 12 |
|
sleep 1
|
| 13 |
|
$ipsecpath start
|
| 14 |
|
sleep 3
|
| 15 |
|
/usr/local/etc/rc.d/bgpd.sh start
|
|
9 |
echo "Restarting"
|
|
10 |
echo "Restarting" | logger
|
|
11 |
/usr/local/etc/rc.d/bgpd.sh stop
|
|
12 |
sleep 1
|
|
13 |
$ipsecpath stop
|
|
14 |
sleep 1
|
|
15 |
$ipsecpath start
|
|
16 |
sleep 3
|
|
17 |
/usr/local/etc/rc.d/bgpd.sh start
|
| 16 |
18 |
}
|
| 17 |
19 |
|
| 18 |
20 |
ipsecpath=/usr/local/sbin/ipsec
|
| 19 |
21 |
|
| 20 |
|
echo "=== started at `date` ==="
|
|
22 |
echo "=== ipsecmon started at `date` ==="
|
|
23 |
echo "=== ipsecmon started at `date` ===" | logger
|
| 21 |
24 |
|
| 22 |
|
for con in `$ipsecpath status | grep "\[" | sed 's/\[.*//g' | sort | uniq` ; do
|
| 23 |
|
echo $con
|
| 24 |
|
estab=0
|
| 25 |
|
p2=0
|
| 26 |
|
|
| 27 |
|
$ipsecpath status $con | grep ESTAB >/dev/null 2>&1 && estab=1
|
| 28 |
|
$ipsecpath status $con | grep INSTALLED >/dev/null 2>&1 && p2=1
|
| 29 |
|
|
| 30 |
|
[ $estab -eq 1 ] && {
|
| 31 |
|
echo $con p1 up
|
| 32 |
|
estabcount=$(( $estabcount + 1 ))
|
| 33 |
|
[ $p2 -eq 0 ] && {
|
| 34 |
|
echo $con p2 down, restarting
|
| 35 |
|
echo stopping $con...
|
| 36 |
|
$ipsecpath down $con >/dev/null 2>&1
|
| 37 |
|
sleep 1
|
| 38 |
|
echo starting $con...
|
| 39 |
|
$ipsecpath up $con | grep error | grep "buffer space" >/dev/null 2>&1 && { echo "PF_KEY buffer error while starting $con"; buferr=$(( $buferr + 1 )); }
|
| 40 |
|
}
|
| 41 |
|
|
| 42 |
|
}
|
| 43 |
|
[ $estab -eq 0 ] && { echo $con p1 down; }
|
| 44 |
|
[ $p2 -eq 1 ] && { echo $con p2 up; p2count=$(( $p2count + 1 )); }
|
| 45 |
|
totalcount=$(( $totalcount + 1 ))
|
|
25 |
for con in `$ipsecpath status | grep "\[" | sed 's/\[.*//g' | sort | uniq` ;
|
|
26 |
do
|
|
27 |
echo $con
|
|
28 |
estab=0
|
|
29 |
p2=0
|
|
30 |
|
|
31 |
$ipsecpath status $con | grep ESTAB >/dev/null 2>&1 && estab=1
|
|
32 |
$ipsecpath status $con | grep INSTALLED >/dev/null 2>&1 && p2=1
|
|
33 |
|
|
34 |
[ $estab -eq 1 ] && {
|
|
35 |
echo $con p1 up
|
|
36 |
# echo $con p1 up | logger ## This is too chatty
|
|
37 |
estabcount=$(( $estabcount + 1 ))
|
|
38 |
|
|
39 |
[ $p2 -eq 0 ] && {
|
|
40 |
echo $con p2 down, restarting
|
|
41 |
echo $con p2 down, restarting | logger
|
|
42 |
echo stopping $con...
|
|
43 |
echo stopping $con... | logger
|
|
44 |
$ipsecpath down $con >/dev/null 2>&1
|
|
45 |
sleep 1
|
|
46 |
echo starting $con...
|
|
47 |
echo starting $con... | logger
|
|
48 |
$ipsecpath up $con | grep error | grep "buffer space" >/dev/null 2>&1 && { echo "PF_KEY buffer error while starting $con"; buferr=$(( $buferr + 1 )); }
|
|
49 |
}
|
|
50 |
|
|
51 |
}
|
|
52 |
|
|
53 |
[ $estab -eq 0 ] && {
|
|
54 |
echo $con p1 down
|
|
55 |
echo $con p1 down | logger
|
|
56 |
}
|
|
57 |
[ $p2 -eq 1 ] && {
|
|
58 |
echo $con p2 up
|
|
59 |
# echo $con p2 up | logger ## This is too chatty
|
|
60 |
p2count=$(( $p2count + 1 ));
|
|
61 |
}
|
|
62 |
totalcount=$(( $totalcount + 1 ))
|
| 46 |
63 |
done
|
| 47 |
64 |
|
| 48 |
65 |
echo
|
| 49 |
66 |
echo ===
|
| 50 |
67 |
echo estab $estabcount / $totalcount
|
|
68 |
echo estab $estabcount / $totalcount | logger
|
| 51 |
69 |
echo p2 $p2count / $totalcount
|
|
70 |
echo p2 $p2count / $totalcount | logger
|
| 52 |
71 |
echo buf_err $buferr / $totalcount
|
| 53 |
|
echo ===
|
|
72 |
echo buf_err $buferr / $totalcount | logger
|
|
73 |
echo === ipsecmon ended ===
|
|
74 |
echo === ipsecmon ended === | logger
|
| 54 |
75 |
echo
|
| 55 |
76 |
|
| 56 |
77 |
[ $totalcount -gt 0 ] && [ $buferr -gt 0 ] && {
|
| 57 |
|
echo $buferr connections show buffer space errors - bouncing openbgpd and ipsec
|
| 58 |
|
bounceall
|
| 59 |
|
exit
|
|
78 |
echo $buferr connections show buffer space errors - bouncing openbgpd and ipsec
|
|
79 |
echo $buferr connections show buffer space errors - bouncing openbgpd and ipsec | logger
|
|
80 |
bounceall
|
|
81 |
exit
|
| 60 |
82 |
}
|
| 61 |
83 |
|
| 62 |
84 |
[ $totalcount -gt 0 ] && [ $estabcount -eq 0 ] && {
|
| 63 |
|
echo no connections have p1 up - bouncing openbgpd and ipsec
|
| 64 |
|
bounceall
|
| 65 |
|
exit
|
|
85 |
echo no connections have p1 up - bouncing openbgpd and ipsec
|
|
86 |
echo no connections have p1 up - bouncing openbgpd and ipsec | logger
|
|
87 |
bounceall
|
|
88 |
exit
|
| 66 |
89 |
}
|
| 67 |
90 |
|
| 68 |
91 |
[ $totalcount -gt 0 ] && [ $estabcount -eq $totalcount ] && [ $p2count -eq 0 ] && {
|
| 69 |
|
echo all connections have p1 up but no connections have p2 up - bouncing openbgpd and ipsec
|
| 70 |
|
bounceall
|
| 71 |
|
exit
|
|
92 |
echo all connections have p1 up but no connections have p2 up - bouncing openbgpd and ipsec
|
|
93 |
echo all connections have p1 up but no connections have p2 up - bouncing openbgpd and ipsec | logger
|
|
94 |
bounceall
|
|
95 |
exit
|
| 72 |
96 |
}
|
| 73 |
|
|