What's new

VPNMON VPNMON-R2 v2.52 -Mar 27, 2023- Monitor your VPN connection's Health (Thread locked/closed)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

@Viktor Jaep, just testing the manual use of the "-stop / -resume" combo, it would appear (maybe?) that "-resume" always eventually does effectively a "-reset" as a way of getting the VPN running again. Or maybe that's not right and I've just been unlucky? Would a possible improvement be that a "-resume", in the first instance, just re-starts the last VPN client slot that was in use with last used config and endpoint, and then if that doesn't work, goes on to do a "-reset" at the next attempt perhaps?
I can take a further look into this. Thanks for your suggestions. ;)
 
Hi Is there a way to configure this with the lowest ping but not touch/randomise the cities?
like say I set the following via vpnmgr:
Code:
Slot 1: NordVPN - Chicago
Slot 2: NordVPN - Los Angeles
Slot 3: NordVPN - San Francisco
Slot 4: NordVPN - Dallas

all I want for vpnmon to do is keep skynet updated & select the lowest ping out of those set cities & not change the cities.
as I mainly use nord for gaming to find lobbies in the US..
 
Hi Is there a way to configure this with the lowest ping but not touch/randomise the cities?
like say I set the following via vpnmgr:
Code:
Slot 1: NordVPN - Chicago
Slot 2: NordVPN - Los Angeles
Slot 3: NordVPN - San Francisco
Slot 4: NordVPN - Dallas

all I want for vpnmon to do is keep skynet updated & select the lowest ping out of those set cities & not change the cities.
as I mainly use nord for gaming to find lobbies in the US..
Yep! As long as you choose the "lowest ping" option, it will just keep the same slots you have even through a normal VPN reset. And just make sure you leave "superrandom" off. ;)
 
Last edited:
Minor update today to v2.36 -- building in some more optimizations to the -stop/-resume commands to help with some possible integration options with the WAN_Failover script. Enjoy!

What's new?
v2.36 - (October 29, 2022)
- CHANGED:
Added some functionality to the -stop command, that when it is resumed, it will attempt to connect to the last known good VPN slot.
- FIXED: Omitted to include an event when VPNMON-R2 goes into a loop during the WAN1 VPN exception, and will now write that VPNMON-R2 is in a "STOPPED" state. Thanks for the report, @Stephen Harrington

Download link (or update directly from within AMTM)
Code:
curl --retry 3 "https://raw.githubusercontent.com/ViktorJp/VPNMON-R2/master/vpnmon-r2-2.36.sh" -o "/jffs/scripts/vpnmon-r2.sh" && chmod a+rx "/jffs/scripts/vpnmon-r2.sh"
 
I little bit change my network segmentation and getting an error while trying to run.

Can you suggest where is the issue ?

Code:
Executing VPNMON-R2 v2.35 using the SCREEN utility...


IMPORTANT:
In order to keep VPNMON-R2 running in the background,
properly exit the SCREEN session by using: CTRL-A + D


Segmentation fault
Switching to the SCREEN session in T-5 sec...


Segmentation fault
pristup@RT-AX86U-3E18:/tmp/home/root#

My router IP/network is 192.168.1.59 with subnet 255.255.248.0 (/21). Segmentation in VPN director is following (192.168.5.0/24 is network where I keep VPN clients).

When I manually run any of the 5 tunnel, it just works.

1667593786382.png


EDIT: I had to format flash, reinstall the Entware and all the scripts, then it started to work. It was not related to network segmentation in any way.
 
Last edited:
I little bit change my network segmentation and getting an error while trying to run.

Can you suggest where is the issue ?

Code:
Executing VPNMON-R2 v2.35 using the SCREEN utility...


IMPORTANT:
In order to keep VPNMON-R2 running in the background,
properly exit the SCREEN session by using: CTRL-A + D


Segmentation fault
Switching to the SCREEN session in T-5 sec...


Segmentation fault
pristup@RT-AX86U-3E18:/tmp/home/root#

My router IP/network is 192.168.1.59 with subnet 255.255.248.0 (/21). Segmentation in VPN director is following (192.168.5.0/24 is network where I keep VPN clients).

When I manually run any of the 5 tunnel, it just works.

View attachment 45178
For one... I'd make sure your Remote IP's under VPN Director are left blank... don't put 0.0.0.0/0...

If that still doesn't help... try running it just in monitor mode (without screen), to see if you can get any further messages about this error:

Code:
vpnmon-r2 -monitor

Also... based on some cursory searches for "segmentation fault" in these forums, it might be that you're dealing with some kind of corruption issue, and that entware may need to be completely uninstalled and reinstalled? https://www.snbforums.com/threads/v...for-nordvpn-and-pia.64930/page-17#post-711679
 
Last edited:
I'm wondering if you can add an option for your script to just move to the next VPN Client without a full vpn service reset. I notice when a vpn change happens it kills the kill switch, & the devices gain access the internet while it's cycling to the next client.
 
I'm wondering if you can add an option for your script to just move to the next VPN Client without a full vpn service reset. I notice when a vpn change happens it kills the kill switch, & the devices gain access the internet while it's cycling to the next client.
In order to move to the next client, you have to kill the old one... Are you saying, connecting the second vpn before killing the first? Typically the reason for it moving to another VPN slot is because a connection failed, which kinda puts you in the same spot as far as leaks go. I am looking into providing a Killswitch of some sort in VPNMON-R2 to prevent leaks when VPN connections go down.
 
In order to move to the next client, you have to kill the old one... Are you saying, connecting the second vpn before killing the first? Typically the reason for it moving to another VPN slot is because a connection failed, which kinda puts you in the same spot as far as leaks go. I am looking into providing a Killswitch of some sort in VPNMON-R2 to prevent leaks when VPN connections go down.
I mean do you have to kill it ? for instance I am keeping client 5 with invalid info just to use it as a kill switch at reboot of the router and it stays in the state ( Error connecting). However that doesn't kill the ability for your script to connect the additional vpn clients. So what i'm saying instead of you doing a full blown vpn reset when the connection is detected as down. Why can't it just move to the next client. Then if that client goes down it goes to the next in the cycle. If it eventually lands on one that is down again it just re-toggles it or something or just retries to connect instead of doing a full vpn reset which kills all the clients and also kills the kill switch. I'm not sure.. Its just a suggestion. Cause the way its done right now during the VPN reset the kill switch is disabled and my clients that are setup in director become exposed to wan. Meanwhile if I run killall vpnclient(1234) the kill switch remains active and I can just toggle on the next client giving them access to the internet again through vpn.
 
I mean do you have to kill it ? for instance I am keeping client 5 with invalid info just to use it as a kill switch at reboot of the router and it stays in the state ( Error connecting). However that doesn't kill the ability for your script to connect the additional vpn clients. So what i'm saying instead of you doing a full blown vpn reset when the connection is detected as down. Why can't it just move to the next client. Then if that client goes down it goes to the next in the cycle. If it eventually lands on one that is down again it just re-toggles it or something or just retries to connect instead of doing a full vpn reset which kills all the clients and also kills the kill switch. I'm not sure.. Its just a suggestion. Cause the way its done right now during the VPN reset the kill switch is disabled and my clients that are setup in director become exposed to wan. Meanwhile if I run killall vpnclient(1234) the kill switch remains active and I can just toggle on the next client giving them access to the internet again through vpn.
I'm basically executing the same commands that you would normally be executing when using the VPN client UI, and flipping sliders on and off. A "full vpn reset" in its most basic elements simply entails a "service stop" and a "service start" command, just like a slider would accomplish in the UI.

I'm not sure how this could disable the killswitch, since those are iptables-based? I'm not even touching any routing or firewall tables.
 
it seems to be the vpn reset thing --- Like when your script says executing vpn reset ! that kills the kill switch on the client that was down.
No idea how or why... But luckily I should be playing with some Killswitch code here pretty soon so hopefully you won't have to do too many workarounds.
 
@ComputerSteve ... I've had some pretty decent success testing a kill switch last night... However, one thing that really stood out, was that IP6 leaked like crazy. I'm not sure if anyone else has ever encountered this or has seen this with the other kill switch script from @eibgrad, but it seems the only way to prevent this is either to turn off IP6 at the router level or implement additional rules to limit IP6 traffic with iptables.

So with IP4 blocked successfully, I could still browse to these sites (below) very easily. Could you please try this on your end when your kill switch script is enabled to see if this is a common problem?

 
Last edited:
Command is not in path, whats the correct way to set it up?
Once you go through the setup, the script adds itself to the profiles file... Sometimes it takes it a bit, a few minutes, perhaps an exit, or a reboot, but eventually the router will let you use the shortened command.
 
While experimenting with this script i wonder how to stop or skip parts of the VPN reconnect. Don't get me wrong, i love starring at it doing it's thing!

Setting for reboots and/or resets via vpmon script to go straight and connect to last known good VPN directly and bypass wan checks and vpnmgr refreshing and downloading of server lists assuming IP's are still wl in Skynet.
Especially during manual VPN exit location changes in vpnmgr followed by a reset vpnmon-r2 or when i want to make sure the merlinWRT box will keep doing what i want it to do even after a reboot.
Also the 15sec spin and the other 60sec wait seems high for me, probably not for others, might be nice though to allow for lower values.

Think i saw the spin variable and could change it in the script and play with it tomorrow.
 
While experimenting with this script i wonder how to stop or skip parts of the VPN reconnect. Don't get me wrong, i love starring at it doing it's thing!

Setting for reboots and/or resets via vpmon script to go straight and connect to last known good VPN directly and bypass wan checks and vpnmgr refreshing and downloading of server lists assuming IP's are still wl in Skynet.
Especially during manual VPN exit location changes in vpnmgr followed by a reset vpnmon-r2 or when i want to make sure the merlinWRT box will keep doing what i want it to do even after a reboot.
Also the 15sec spin and the other 60sec wait seems high for me, probably not for others, might be nice though to allow for lower values.

Think i saw the spin variable and could change it in the script and play with it tomorrow.
The idea behind VPNMON-R2 is to let it do what it needs to do in order to ensure a continuous connection... Mine has literally been running for months without interruption, and providing 100% VPN uptime. Some of these things you mentioned are by design -- Whether that's spending some time downloading the latest sets of VPN host server IPs, or allowing Skynet to catch up, or waiting for vpnmgr or yazfi services to restart... With the large number of WAN disconnects, its important to determine if WAN is up or down, and make sure that the router recovers gracefully once the WAN comes back up. It has to work in concert, else things bork up, and you can kiss having a stable VPN environment goodbye. Sure you can certainly change the interval timer - it's found under the config, and defaults to 60 seconds. You can certainly change the spinner timers but they vary throughout the code depending on the task at hand... Enjoy!
 
Today mine is caught in a loop. Keeps killing everything then showing my local vpn's but will not turn any of them on in my router Rt-ac68u.:confused:
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top