|
1
|
#!/bin/sh
|
|
2
|
#
|
|
3
|
# ping_hosts.sh
|
|
4
|
#
|
|
5
|
# part of pfSense (https://www.pfsense.org)
|
|
6
|
# Copyright (c) 2006-2016 Rubicon Communications, LLC (Netgate)
|
|
7
|
# All rights reserved.
|
|
8
|
#
|
|
9
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
10
|
# you may not use this file except in compliance with the License.
|
|
11
|
# You may obtain a copy of the License at
|
|
12
|
#
|
|
13
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
14
|
#
|
|
15
|
# Unless required by applicable law or agreed to in writing, software
|
|
16
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
17
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
18
|
# See the License for the specific language governing permissions and
|
|
19
|
# limitations under the License.
|
|
20
|
|
|
21
|
# Format of file should be delimited by |
|
|
22
|
# Field 1: Source IP
|
|
23
|
# Field 2: Destination IP
|
|
24
|
# Field 3: Ping count
|
|
25
|
# Field 4: Script to run when service is down
|
|
26
|
# Field 5: Script to run once service is restored
|
|
27
|
# Field 6: Ping time threshold
|
|
28
|
# Field 7: Wan ping time threshold
|
|
29
|
# Field 8: Address family
|
|
30
|
|
|
31
|
# Read in ipsec ping hosts and check the CARP status
|
|
32
|
if [ -f /var/db/ipsecpinghosts ]; then
|
|
33
|
IPSECHOSTS="/var/db/ipsecpinghosts"
|
|
34
|
CURRENTIPSECHOSTS="/var/db/currentipsecpinghosts"
|
|
35
|
IFVPNSTATE=`ifconfig $IFVPN | grep "carp: BACKUP vhid" | wc -l`
|
|
36
|
if [ $IFVPNSTATE -gt 1 ]; then
|
|
37
|
echo -e "CARP interface in BACKUP (not pinging ipsec hosts)"
|
|
38
|
rm -f $CURRENTIPSECHOSTS
|
|
39
|
touch $CURRENTIPSECHOSTS
|
|
40
|
else
|
|
41
|
echo -e "CARP interface is MASTER or non CARP (pinging ipsec hosts)"
|
|
42
|
cat < $IPSECHOSTS > $CURRENTIPSECHOSTS
|
|
43
|
fi
|
|
44
|
fi
|
|
45
|
|
|
46
|
# General file meant for user consumption
|
|
47
|
if [ -f /var/db/hosts ]; then
|
|
48
|
HOSTS="/var/db/hosts"
|
|
49
|
fi
|
|
50
|
|
|
51
|
# Package specific ping requests
|
|
52
|
if [ -f /var/db/pkgpinghosts ]; then
|
|
53
|
PKGHOSTS="/var/db/pkgpinghosts"
|
|
54
|
fi
|
|
55
|
|
|
56
|
cat $PKGHOSTS $HOSTS $CURRENTIPSECHOSTS >/tmp/tmpHOSTS
|
|
57
|
|
|
58
|
if [ ! -d /var/db/pingstatus ]; then
|
|
59
|
/bin/mkdir -p /var/db/pingstatus
|
|
60
|
fi
|
|
61
|
|
|
62
|
if [ ! -d /var/db/pingmsstatus ]; then
|
|
63
|
/bin/mkdir -p /var/db/pingmsstatus
|
|
64
|
fi
|
|
65
|
|
|
66
|
PINGHOSTS=`cat /tmp/tmpHOSTS`
|
|
67
|
|
|
68
|
PINGHOSTCOUNT=`cat /tmp/tmpHOSTS | wc -l`
|
|
69
|
|
|
70
|
if [ "$PINGHOSTCOUNT" -lt "1" ]; then
|
|
71
|
exit
|
|
72
|
fi
|
|
73
|
|
|
74
|
for TOPING in $PINGHOSTS ; do
|
|
75
|
echo "PROCESSING $TOPING"
|
|
76
|
SRCIP=`echo $TOPING | cut -d"|" -f1`
|
|
77
|
DSTIP=`echo $TOPING | cut -d"|" -f2`
|
|
78
|
COUNT=`echo $TOPING | cut -d"|" -f3`
|
|
79
|
FAILURESCRIPT=`echo $TOPING | cut -d"|" -f4`
|
|
80
|
SERVICERESTOREDSCRIPT=`echo $TOPING | cut -d"|" -f5`
|
|
81
|
THRESHOLD=`echo $TOPING | cut -d"|" -f6`
|
|
82
|
WANTHRESHOLD=`echo $TOPING | cut -d"|" -f7`
|
|
83
|
AF=`echo $TOPING | cut -d"|" -f8`
|
|
84
|
if [ "$AF" == "inet6" ]; then
|
|
85
|
PINGCMD=ping6
|
|
86
|
else
|
|
87
|
PINGCMD=ping
|
|
88
|
fi
|
|
89
|
echo Processing $DSTIP
|
|
90
|
# Look for a service being down
|
|
91
|
# Read in previous status
|
|
92
|
PREVIOUSSTATUS=""
|
|
93
|
if [ -f "/var/db/pingstatus/${DSTIP}" ]; then
|
|
94
|
PREVIOUSSTATUS=`cat /var/db/pingstatus/$DSTIP`
|
|
95
|
fi
|
|
96
|
$PINGCMD -c $COUNT -S $SRCIP $DSTIP
|
|
97
|
if [ $? -eq 0 ]; then
|
|
98
|
# Host is up
|
|
99
|
if [ "$PREVIOUSSTATUS" != "UP" ]; then
|
|
100
|
# Service restored
|
|
101
|
echo "UP" > /var/db/pingstatus/$DSTIP
|
|
102
|
if [ "$SERVICERESTOREDSCRIPT" != "" ]; then
|
|
103
|
echo "$DSTIP is UP, previous state was DOWN .. Running $SERVICERESTOREDSCRIPT"
|
|
104
|
echo "$DSTIP is UP, previous state was DOWN .. Running $SERVICERESTOREDSCRIPT" | logger -p daemon.info -i -t PingMonitor
|
|
105
|
sh -c $SERVICERESTOREDSCRIPT
|
|
106
|
fi
|
|
107
|
fi
|
|
108
|
else
|
|
109
|
# Host is down
|
|
110
|
if [ "$PREVIOUSSTATUS" != "DOWN" ]; then
|
|
111
|
# Service is down
|
|
112
|
echo "DOWN" > /var/db/pingstatus/$DSTIP
|
|
113
|
if [ "$FAILURESCRIPT" != "" ]; then
|
|
114
|
echo "$DSTIP is DOWN, previous state was UP .. Running $FAILURESCRIPT"
|
|
115
|
echo "$DSTIP is DOWN, previous state was UP .. Running $FAILURESCRIPT" | logger -p daemon.info -i -t PingMonitor
|
|
116
|
sh -c $FAILURESCRIPT
|
|
117
|
fi
|
|
118
|
fi
|
|
119
|
fi
|
|
120
|
echo "Checking ping time $DSTIP"
|
|
121
|
# Look at ping values themselves
|
|
122
|
PINGTIME=`$PINGCMD -c 1 -S $SRCIP $DSTIP | awk '{ print $7 }' | grep time | cut -d "=" -f2`
|
|
123
|
echo "Ping returned $?"
|
|
124
|
echo $PINGTIME > /var/db/pingmsstatus/$DSTIP
|
|
125
|
if [ "$THRESHOLD" != "" ]; then
|
|
126
|
if [ $(echo "${PINGTIME} > ${THRESHOLD}" | /usr/bin/bc) -eq 1 ]; then
|
|
127
|
echo "$DSTIP has exceeded ping threshold $PINGTIME / $THRESHOLD .. Running $FAILURESCRIPT"
|
|
128
|
echo "$DSTIP has exceeded ping threshold $PINGTIME / $THRESHOLD .. Running $FAILURESCRIPT" | logger -p daemon.info -i -t PingMonitor
|
|
129
|
sh -c $FAILURESCRIPT
|
|
130
|
fi
|
|
131
|
fi
|
|
132
|
# Wan ping time threshold
|
|
133
|
#WANTIME=`rrdtool fetch /var/db/rrd/wan-quality.rrd AVERAGE -r 120 -s -1min -e -1min | grep ":" | cut -f3 -d" " | cut -d"e" -f1`
|
|
134
|
echo "Checking wan ping time $WANTIME"
|
|
135
|
echo $WANTIME > /var/db/wanaverage
|
|
136
|
if [ "$WANTHRESHOLD" != "" -a "$WANTIME" != "" ]; then
|
|
137
|
if [ $(echo "${WANTIME} > ${WANTHRESHOLD}" | /usr/bin/bc) -eq 1 ]; then
|
|
138
|
echo "$DSTIP has exceeded wan ping threshold $WANTIME / $WANTHRESHOLD .. Running $FAILURESCRIPT"
|
|
139
|
echo "$DSTIP has exceeded wan ping threshold $WANTIME / $WANTHRESHOLD .. Running $FAILURESCRIPT" | logger -p daemon.info -i -t PingMonitor
|
|
140
|
sh -c $FAILURESCRIPT
|
|
141
|
fi
|
|
142
|
fi
|
|
143
|
sleep 1
|
|
144
|
done
|
|
145
|
|
|
146
|
exit 0
|
|
147
|
|