What's new

VPNMON VPNMON-R2 v2.0 -Jul 10, 2022- Monitor your VPN connection's Health (Thread locked/closed)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I got this

Code:
admin@RT-AC86U-DBA8:/tmp/home/root# ip r | grep -oE "\b($(nvram get wan0_ifname)|$(nvram get wan0_ifname)|$(nvram get wan1_ifname)|$(nvram get wan_pppoe_ifname)|$(nvram get wan0_pppoe_ifname)|$(nvram get wan1_pppoe_ifname))\b" | sort -u
ppp0
vlan500
admin@RT-AC86U-DBA8:/tmp/home/root#
now try

Code:
ip r | grep default | grep -oE "\b($(nvram get wan_ifname)|$(nvram get wan0_ifname)|$(nvram get wan1_ifname)|$(nvram get wan_pppoe_ifname)|$(nvram get wan0_pppoe_ifname)|$(nvram get wan1_pppoe_ifname))\b" | sort -u

I added default
 
now try

Code:
ip r | grep default | grep -oE "\b($(nvram get wan_ifname)|$(nvram get wan0_ifname)|$(nvram get wan1_ifname)|$(nvram get wan_pppoe_ifname)|$(nvram get wan0_pppoe_ifname)|$(nvram get wan1_pppoe_ifname))\b" | sort -u

I added default
Wow, getting longer…

Code:
admin@RT-AC86U-DBA8:/tmp/home/root# 
admin@RT-AC86U-DBA8:/tmp/home/root# ip r | grep default | grep -oE "\b($(nvram get wan_ifname)|$(nvram get wan0_ifname)|$(nvram get wan1_ifname)|$(nvram get wan_pppoe_ifname)|$(nvram get wan0_pppoe_ifname)|$(nvram get wan1_pppoe_ifname))\b" | sort -u
ppp0
admin@RT-AC86U-DBA8:/tmp/home/root#
 
Wow, getting longer…

Code:
admin@RT-AC86U-DBA8:/tmp/home/root#
admin@RT-AC86U-DBA8:/tmp/home/root# ip r | grep default | grep -oE "\b($(nvram get wan_ifname)|$(nvram get wan0_ifname)|$(nvram get wan1_ifname)|$(nvram get wan_pppoe_ifname)|$(nvram get wan0_pppoe_ifname)|$(nvram get wan1_pppoe_ifname))\b" | sort -u
ppp0
admin@RT-AC86U-DBA8:/tmp/home/root#
notice we have narrowed down, that you have two routes within the nvram variable range, and only one of them is default... ppp0
 
What does this give you, @chongnt?

Code:
#!/bin/sh

get_wan_setting() {
    local varname varval
    varname="${1}"
    prefixes="wan0_ wan1_"

    if [ "$(nvram get wans_mode)" = "lb" ] ; then
        for prefix in $prefixes; do
            state="$(nvram get "${prefix}"state_t)"
            sbstate="$(nvram get "${prefix}"sbstate_t)"
            auxstate="$(nvram get "${prefix}"auxstate_t)"

            # is_wan_connect()
            [ "${state}" = "2" ] || continue
            [ "${sbstate}" = "0" ] || continue
            [ "${auxstate}" = "0" ] || [ "${auxstate}" = "2" ] || continue

            # get_wan_ifname()
            proto="$(nvram get "${prefix}"proto)"
            if [ "${proto}" = "pppoe" ] || [ "${proto}" = "pptp" ] || [ "${proto}" = "l2tp" ] ; then
                varval="$(nvram get "${prefix}"pppoe_"${varname}")"
            else
                varval="$(nvram get "${prefix}""${varname}")"
            fi
        done
    else
        for prefix in $prefixes; do
            primary="$(nvram get "${prefix}"primary)"
            [ "${primary}" = "1" ] && break
        done

        proto="$(nvram get "${prefix}"proto)"
        if [ "${proto}" = "pppoe" ] || [ "${proto}" = "pptp" ] || [ "${proto}" = "l2tp" ] ; then
            varval="$(nvram get "${prefix}"pppoe_"${varname}")"
        else
            varval="$(nvram get "${prefix}""${varname}")"
        fi
    fi
    printf "%s" "${varval}"
} # get_wan_setting

get_wan_setting ifname
echo ""
 
What does this give you, @chongnt?

Code:
#!/bin/sh

get_wan_setting() {
    local varname varval
    varname="${1}"
    prefixes="wan0_ wan1_"

    if [ "$(nvram get wans_mode)" = "lb" ] ; then
        for prefix in $prefixes; do
            state="$(nvram get "${prefix}"state_t)"
            sbstate="$(nvram get "${prefix}"sbstate_t)"
            auxstate="$(nvram get "${prefix}"auxstate_t)"

            # is_wan_connect()
            [ "${state}" = "2" ] || continue
            [ "${sbstate}" = "0" ] || continue
            [ "${auxstate}" = "0" ] || [ "${auxstate}" = "2" ] || continue

            # get_wan_ifname()
            proto="$(nvram get "${prefix}"proto)"
            if [ "${proto}" = "pppoe" ] || [ "${proto}" = "pptp" ] || [ "${proto}" = "l2tp" ] ; then
                varval="$(nvram get "${prefix}"pppoe_"${varname}")"
            else
                varval="$(nvram get "${prefix}""${varname}")"
            fi
        done
    else
        for prefix in $prefixes; do
            primary="$(nvram get "${prefix}"primary)"
            [ "${primary}" = "1" ] && break
        done

        proto="$(nvram get "${prefix}"proto)"
        if [ "${proto}" = "pppoe" ] || [ "${proto}" = "pptp" ] || [ "${proto}" = "l2tp" ] ; then
            varval="$(nvram get "${prefix}"pppoe_"${varname}")"
        else
            varval="$(nvram get "${prefix}""${varname}")"
        fi
    fi
    printf "%s" "${varval}"
} # get_wan_setting

get_wan_setting ifname
echo ""
Sorry for late reply. I got ppp0
 
Sorry for late reply. I got ppp0

Thanks for the info, @chongnt ... so which one of your two interfaces carries your public facing IP? the vlan500 or the ppp0? I'm guessing the ppp0?
 
Thanks for the info, @chongnt ... so which one of your two interfaces carries your public facing IP? the vlan500 or the ppp0? I'm guessing the ppp0?
ironically the one that has the public facing ip is this one

Code:
ip a | grep inet | grep -vwE '\b(((10|127)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3})|(((172\.(1[6-9]|2[0-9]|3[0-1]))|(192\.168))(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}))\b' | grep global | awk '{ print $7 }' | head -n 1

the vlan one, this grep will only show public ip address because it voids out all non public addresses

or

Code:
ip r | grep -vwE '\b(((10|127)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3})|(((172\.(1[6-9]|2[0-9]|3[0-1]))|(192\.168))(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){2}))\b' | grep -oE "\b($(nvram get wan_ifname)|$(nvram get wan0_ifname)|$(nvram get wan1_ifname)|$(nvram get wan_pppoe_ifname)|$(nvram get wan0_pppoe_ifname)|$(nvram get wan1_pppoe_ifname))\b" | sort -u
 
Last edited:
You are right, public ip is under ppp0. Vlan500 has 169.254.236.60
Thanks guys... @chongnt, @SomeWhereOverTheRainBow and @dave14305 ... you've given me a LOT to think about on how to tackle this problem. I want to make sure it handles all situations... I'll play around with this some more tomorrow after I review these threads a few more times! Lol.
 
Vicktor, I'm testing a few last things on my wan-failover script and then I can share with you, on there for my wan failure detections I ping a target IP Address over a specific interface (WAN) and have a specific ping count and look for 100% packet loss, so for example if my ping misses 3 pings it will continue to the failover function.
I posted the script here.

 
How about this:
Code:
nvram get wan0_gw_ifname
nvram get wan0_ifname
nvram get wan0_ipaddr
nvram get wan1_gw_ifname
nvram get wan1_ifname
nvram get wan1_ipaddr

Here is my output:
Code:
admin@RT-AC86U-DBA8:/tmp/home/root# nvram get wan0_gw_ifname
ppp0
admin@RT-AC86U-DBA8:/tmp/home/root# nvram get wan0_ifname
vlan500
 
T
How about this:
Code:
nvram get wan0_gw_ifname
nvram get wan0_ifname
nvram get wan0_ipaddr
nvram get wan1_gw_ifname
nvram get wan1_ifname
nvram get wan1_ipaddr

Here is my output:
Code:
admin@RT-AC86U-DBA8:/tmp/home/root# nvram get wan0_gw_ifname
ppp0
admin@RT-AC86U-DBA8:/tmp/home/root# nvram get wan0_ifname
vlan500
The default route is your actual ifname though which is indicated by both @dave14305 script function and my ip -r default grep 1 liner.
 
Celebrating a big release today, with much thanks to this community! This truly was a community release -- without your valuable input and suggestions, and without your testing and guidance around best practices or code, this wouldn't have been possible. Huge shout-outs to @SomeWhereOverTheRainBow, @Stephen Harrington, @dave14305, @iTyPsIDg, @chongnt, @Kal1975, and @andywee... and for everyone else participating in the large number of beta's to get this right! :)

v1.5 - (May 20, 2022)
* SIGNIFICANT community testing and development has been done on the WAN up/down functionality... VPNMON-R2 is now checking for 2 distinct events -- (1) where the modem is physically off/disconnected, and (2) where the modem is on, but the ISP is down/disconnected. I never knew that the router/NVRAM couldn't tell the difference until @Stephen Harrington and @iTyPsIDg made this observation. But the end results after testing this is that it seems to be able to get past both hurdles now, and successfully re-establish a VPN connection after a major event. Sidenote: I don't think I've brought my internet down this much in the last 10 years total. My family thanks you and is praying this is the gold version! LOL. Sincere thanks to everyone involved on helping troubleshoot this and jumping in to pull apart this code! You all absolutely rock -- @Stephen Harrington, @SomeWhereOverTheRainBow, @dave14305, @iTyPsIDg, @chongnt ... thank you so much!
* NEW STATS: Added some extra bonus features and expanded the number of stats to include the WAN state, public-facing VPN IP address, as well as ping stats across the WAN interface(s). Should be dual-WAN capable, and indicate which WAN interface is active.
* Crunched the code through shellcheck.net... lots of small changes to formatting of calculations and logic based on its suggestions -- thanks @SomeWhereOverTheRainBow
* Added a new parameter called "-uninstall" to the list in order to completely uninstall the script (not that I'm encouraging you to do so, but at least you can now!) Usage: "vpnmon-r2 -uninstall" -- thanks @andywee
* Added a new parameter called "-screen", which will kick off VPNMON-R2 using the screen utility so we don't have to type this huge commandline each time. Please note -- requires the "screen" utility to be installed. Usage: "vpnmon-r2.sh -screen" -- thanks @Kal1975
* Added the ability to hit enter on items during the config that were asking for values, and adds default values for fill-in-the-blank and yes/no items -- thanks @chongnt
* Added live feedback during the config process to indicate what you just entered, to hopefully catch any typos before getting saved into the config. I thought this would be less messy than showing a huge summary of what all entries would be added to the config at the end of the setup process -- thanks @Kal1975
* Added a WAN connectivity check to the top of the VPN reset function. It will start off by first validating whether or not there's a functional WAN connection before attempting to initiate a VPN connection.
* Added a WAN connectivity check during the regular loop to see if the WAN is up or down based on an SSL handshake + verification to 8.8.8.8 (over the WAN connection). If this fails, VPNMON-R2 will fall back to a loop, and keep rechecking until the WAN is re-established, then will re-establish the VPN -- thanks @Kal1975
* Changed the exit VPN city lookup to use the icanhazip.com external/public ip service to help with location accuracy -- thanks @Kal1975
* Some excellent coding suggestions allowed me to eliminate my last [[ ]] wild card match and replace it with a fancy grep statement to attempt to catch an error condition when calling the API to check the city name based on the IP address -- thanks so much @SomeWhereOverTheRainBow / @iTyPsIDg
* Added another item to the config menu -- a delayed start-up option -- allowing you to specify how many seconds you would like to delay VPNMON-R2 from running after it starts up. This was added to allow for more compatibility with other potential scripts that are starting up after a router reboot. Please go through the "vpnmon-r2.sh -config" to add this setting -- thanks @Stephen Harrington
* Fixed: If the avgping value = null, then display 0 until it fixes itself the next time around
* Fixed: Added some modification to the timing involved in calculating the TX/RX values over the VPN tunnel. Due to the time it takes for the WAN to determine connectivity + the NordVPN Load lookup, I'm timing these functions to add their results to the entire calculation, hopefully to display slightly more accurate stats.

Enjoy!!

PS. Don't forget to hit "sh vpnmon-r2.sh -config" after updating!

vpnmon-r2-15-main.jpg
 
Last edited:
Similar threads
Thread starter Title Forum Replies Date
Ripshod (Not specifically) VPNMON-R3 1.11 failure domino effect Asuswrt-Merlin AddOns 20

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top