VPN Client down and SmartTV is now a StupidTV

jorgsmash

Regular Contributor
Hey guys. This is not the first time this has happened. I turn my TV on and it can't do anything. All the apps say I'm not connected to the Internet. This is so frustrating as I have to fix a problem on my network what seems like every other day. Especially this TV. I want to throw the controller through the damn thing.

I go into my VPN settings. What do ya know, the VPN tunnel is down for who knows why. I have the setting enabled to where it's not supposed to block clients if the tunnel is down. That setting doesn't seem to be working.

This is the problem:
No public IP for whatever reason. I wish the router would just retry the connection.

1601570905880.png


I would hope this setting would allow Internet access in a situation like this but it doesn't seem to:

1601570951440.png


I want to run my TV through a VPN for various reasons but this is just becoming annoying to have to constantly log into the router before I can watch YouTube.

Thanks for listening to me rant guys! ;)
 

eibgrad

Senior Member
You should be specifying *multiple* remote directives (servers) in your Custom Configuration field! Don't depend on just one server. Depending on the reliability of your VPN provider, it's not unusual to have any given server go down, if only for maintenance purposes.
 

eibgrad

Senior Member
P.S. Here's my own ExpressVPN configuration.

Code:
server-poll-timeout 10
remote-random
remote us-new-york-2-ca-version-2.expressnetw.com 1195
remote usa-atlanta-ca-version-2.expressnetw.com 1195
remote usa-chicago-ca-version-2.expressnetw.com 1195
remote usa-dallas-2-ca-version-2.expressnetw.com 1195
remote usa-dallas-ca-version-2.expressnetw.com 1195
remote usa-denver-ca-version-2.expressnetw.com 1195
remote usa-losangeles-1-ca-version-2.expressnetw.com 1195
remote usa-losangeles-3-ca-version-2.expressnetw.com 1195
#remote usa-losangeles-ca-version-2.expressnetw.com 1195
remote usa-losangeles5-ca-version-2.expressnetw.com 1195
remote usa-miami-2-ca-version-2.expressnetw.com 1195
remote usa-miami-ca-version-2.expressnetw.com 1195
remote usa-newjersey-1-ca-version-2.expressnetw.com 1195
remote usa-newjersey-3-ca-version-2.expressnetw.com 1195
remote usa-newyork-ca-version-2.expressnetw.com 1195
remote usa-saltlakecity-ca-version-2.expressnetw.com 1195
remote usa-sanfrancisco-ca-version-2.expressnetw.com 1195
remote usa-seattle-ca-version-2.expressnetw.com 1195
remote usa-tampa-1-ca-version-2.expressnetw.com 1195
remote usa-washingtondc-ca-version-2.expressnetw.com 1195
The "server-poll-timeout" directive limits how long the OpenVPN client will wait for a successful connection to any given server before moving on to the next one. The remote directive commented out is the one I have specified in the Server Address field of the GUI (think of it as the default).
 

CaptainSTX

Part of the Furniture
Your settings match mine so I don't see anything which would prevent the fall over to WAN and and cause your connection to drop when the VPN tunnel goes down.

You could try specifically putting a rule in that your router that its LAN IP is WAN connected. While it shouldn't make any difference who knows.

I have very few failures with PIA so my configuration doesn't get tested. While the custom settings look interesting if the router doesn't see the tunnel is down a switch to another tunnel may never happen.
 

RMerlin

Asuswrt-Merlin dev
Check your System Log, it will tell you what's wrong. Most of the time it's failure occurring during the key re-negotiation when it expires.
 

jorgsmash

Regular Contributor
P.S. Here's my own ExpressVPN configuration.

Code:
server-poll-timeout 10
remote-random
remote us-new-york-2-ca-version-2.expressnetw.com 1195
remote usa-atlanta-ca-version-2.expressnetw.com 1195
remote usa-chicago-ca-version-2.expressnetw.com 1195
remote usa-dallas-2-ca-version-2.expressnetw.com 1195
remote usa-dallas-ca-version-2.expressnetw.com 1195
remote usa-denver-ca-version-2.expressnetw.com 1195
remote usa-losangeles-1-ca-version-2.expressnetw.com 1195
remote usa-losangeles-3-ca-version-2.expressnetw.com 1195
#remote usa-losangeles-ca-version-2.expressnetw.com 1195
remote usa-losangeles5-ca-version-2.expressnetw.com 1195
remote usa-miami-2-ca-version-2.expressnetw.com 1195
remote usa-miami-ca-version-2.expressnetw.com 1195
remote usa-newjersey-1-ca-version-2.expressnetw.com 1195
remote usa-newjersey-3-ca-version-2.expressnetw.com 1195
remote usa-newyork-ca-version-2.expressnetw.com 1195
remote usa-saltlakecity-ca-version-2.expressnetw.com 1195
remote usa-sanfrancisco-ca-version-2.expressnetw.com 1195
remote usa-seattle-ca-version-2.expressnetw.com 1195
remote usa-tampa-1-ca-version-2.expressnetw.com 1195
remote usa-washingtondc-ca-version-2.expressnetw.com 1195
The "server-poll-timeout" directive limits how long the OpenVPN client will wait for a successful connection to any given server before moving on to the next one. The remote directive commented out is the one I have specified in the Server Address field of the GUI (think of it as the default).
Interesting! However, my VPN provider (not a great one or very well known) has certain VPN servers for streaming services. They only have one dedicated server for each server, at least that's how it appears. I know certain streaming services don't work with certain VPN servers so if I connect to a non-streaming server then Netflix won't work to my knowledge. I also don't know if Netflix will work on any of the other streaming dedicated servers. Where did you get the port number to use?

1601589007666.png
 

jorgsmash

Regular Contributor
Check your System Log, it will tell you what's wrong. Most of the time it's failure occurring during the key re-negotiation when it expires.
Hello Wise One! I have my router set to reboot every day at 5 am. It looks like the VPN tunnel had some errors around that time, but was able to work through them and finally started successfully around 5:01. Then it looks like around 12:56 is where the tunnel broke and never recovered:

Code:
 OctLine 2827: Oct  1 05:01:11 ovpn-client3[3488]: event_wait : Interrupted system call (code=4)
    Line 2828: Oct  1 05:01:11 ovpn-client3[3488]: vpnrouting.sh tun13 1500 1553 10.200.0.78 10.200.0.77 init
    Line 2830: Oct  1 05:01:11 ovpn-client3[3488]: /sbin/route del -net 10.200.0.1 netmask 255.255.255.255 metric 1
    Line 2831: Oct  1 05:01:11 ovpn-client3[3488]: ERROR: Linux route delete command failed: external program exited with error status: 1
    Line 2832: Oct  1 05:01:11 ovpn-client3[3488]: /sbin/route del -net 107.170.208.31 netmask 255.255.255.255
    Line 2833: Oct  1 05:01:11 ovpn-client3[3488]: /sbin/route del -net 0.0.0.0 netmask 128.0.0.0
    Line 2834: Oct  1 05:01:11 ovpn-client3[3488]: ERROR: Linux route delete command failed: external program exited with error status: 1
    Line 2835: Oct  1 05:01:11 ovpn-client3[3488]: /sbin/route del -net 128.0.0.0 netmask 128.0.0.0
    Line 2836: Oct  1 05:01:11 ovpn-client3[3488]: ERROR: Linux route delete command failed: external program exited with error status: 1
    Line 2837: Oct  1 05:01:11 ovpn-client3[3488]: Closing TUN/TAP interface
    Line 2838: Oct  1 05:01:11 ovpn-client3[3488]: /sbin/ifconfig tun13 0.0.0.0
    Line 2840: Oct  1 05:01:11 ovpn-client3[3488]: updown.sh tun13 1500 1553 10.200.0.78 10.200.0.77 init
    Line 2841: Oct  1 05:01:11 ovpn-client3[3488]: SIGTERM[hard,] received, process exiting
    Line 2851: Oct  1 05:01:12 ovpn-client3[7712]: OpenVPN 2.4.9 arm-buildroot-linux-gnueabi [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jun 28 2020
    Line 2852: Oct  1 05:01:12 ovpn-client3[7712]: library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.08
    Line 2854: Oct  1 05:01:12 ovpn-client3[7713]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Line 2855: Oct  1 05:01:12 ovpn-client3[7713]: TCP/UDP: Preserving recently used remote address: [AF_INET]107.170.208.31:1194
    Line 2856: Oct  1 05:01:12 ovpn-client3[7713]: Socket Buffers: R=[524288->524288] S=[524288->524288]
    Line 2857: Oct  1 05:01:12 ovpn-client3[7713]: UDP link local: (not bound)
    Line 2858: Oct  1 05:01:12 ovpn-client3[7713]: UDP link remote: [AF_INET]107.170.208.31:1194
    Line 2859: Oct  1 05:01:12 ovpn-client3[7713]: TLS: Initial packet from [AF_INET]107.170.208.31:1194, sid=ce8e6865 fcb967a1
    Line 2860: Oct  1 05:01:13 ovpn-client3[7713]: VERIFY OK: depth=1, C=US, ST=NY, L=New York, O=Simplex Solutions Inc., OU=Vpn Unlimited, CN=server.vpnunlimitedapp.com, name=server.vpnunlimitedapp.com, [email protected]
    Line 2861: Oct  1 05:01:13 ovpn-client3[7713]: VERIFY KU OK
    Line 2862: Oct  1 05:01:13 ovpn-client3[7713]: Validating certificate extended key usage
    Line 2863: Oct  1 05:01:13 ovpn-client3[7713]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
    Line 2864: Oct  1 05:01:13 ovpn-client3[7713]: VERIFY EKU OK
    Line 2865: Oct  1 05:01:13 ovpn-client3[7713]: VERIFY OK: depth=0, CN=openvpn2.vpnunlimitedapp.com
    Line 2866: Oct  1 05:01:13 ovpn-client3[7713]: Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
    Line 2867: Oct  1 05:01:13 ovpn-client3[7713]: [openvpn2.vpnunlimitedapp.com] Peer Connection Initiated with [AF_INET]107.170.208.31:1194
    Line 2899: Oct  1 05:01:14 ovpn-client3[7713]: SENT CONTROL [openvpn2.vpnunlimitedapp.com]: 'PUSH_REQUEST' (status=1)
    Line 2968: Oct  1 05:01:19 ovpn-client3[7713]: SENT CONTROL [openvpn2.vpnunlimitedapp.com]: 'PUSH_REQUEST' (status=1)
    Line 2969: Oct  1 05:01:20 ovpn-client3[7713]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.200.0.1,rcvbuf 262144,sndbuf 262144,comp-lzo no,ping 5,ping-exit 30,route 10.200.0.1,topology net30,ifconfig 10.200.0.98 10.200.0.97,peer-id 23,cipher AES-256-GCM'
    Line 2970: Oct  1 05:01:20 ovpn-client3[7713]: OPTIONS IMPORT: timers and/or timeouts modified
    Line 2971: Oct  1 05:01:20 ovpn-client3[7713]: OPTIONS IMPORT: compression parms modified
    Line 2972: Oct  1 05:01:20 ovpn-client3[7713]: OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
    Line 2973: Oct  1 05:01:20 ovpn-client3[7713]: Socket Buffers: R=[524288->524288] S=[524288->524288]
    Line 2974: Oct  1 05:01:20 ovpn-client3[7713]: OPTIONS IMPORT: --ifconfig/up options modified
    Line 2975: Oct  1 05:01:20 ovpn-client3[7713]: OPTIONS IMPORT: route options modified
    Line 2976: Oct  1 05:01:20 ovpn-client3[7713]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Line 2977: Oct  1 05:01:20 ovpn-client3[7713]: OPTIONS IMPORT: peer-id set
    Line 2978: Oct  1 05:01:20 ovpn-client3[7713]: OPTIONS IMPORT: adjusting link_mtu to 1625
    Line 2979: Oct  1 05:01:20 ovpn-client3[7713]: OPTIONS IMPORT: data channel crypto options modified
    Line 2980: Oct  1 05:01:20 ovpn-client3[7713]: Data Channel: using negotiated cipher 'AES-256-GCM'
    Line 2981: Oct  1 05:01:20 ovpn-client3[7713]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
    Line 2982: Oct  1 05:01:20 ovpn-client3[7713]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
    Line 2983: Oct  1 05:01:20 ovpn-client3[7713]: TUN/TAP device tun13 opened
    Line 2984: Oct  1 05:01:20 ovpn-client3[7713]: TUN/TAP TX queue length set to 1000
    Line 2985: Oct  1 05:01:20 ovpn-client3[7713]: /sbin/ifconfig tun13 10.200.0.98 pointopoint 10.200.0.97 mtu 1500
    Line 2987: Oct  1 05:01:20 ovpn-client3[7713]: updown.sh tun13 1500 1553 10.200.0.98 10.200.0.97 init
    Line 2997: Oct  1 05:01:22 ovpn-client3[7713]: /sbin/route add -net 107.170.208.31 netmask 255.255.255.255 gw [removed public IP]
    Line 2998: Oct  1 05:01:22 ovpn-client3[7713]: ERROR: Linux route add command failed: external program exited with error status: 1
    Line 2999: Oct  1 05:01:22 ovpn-client3[7713]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.200.0.97
    Line 3000: Oct  1 05:01:22 ovpn-client3[7713]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.200.0.97
    Line 3001: Oct  1 05:01:22 ovpn-client3[7713]: /sbin/route add -net 10.200.0.1 netmask 255.255.255.255 metric 1 gw 10.200.0.97
    Line 3003: Oct  1 05:01:22 ovpn-client3[7713]: Initialization Sequence Completed
    Line 3374: Oct  1 12:56:37 ovpn-client3[7713]: event_wait : Interrupted system call (code=4)
    Line 3375: Oct  1 12:56:37 ovpn-client3[7713]: vpnrouting.sh tun13 1500 1553 10.200.0.98 10.200.0.97 init
    Line 3377: Oct  1 12:56:37 ovpn-client3[7713]: /sbin/route del -net 10.200.0.1 netmask 255.255.255.255 metric 1
    Line 3378: Oct  1 12:56:37 ovpn-client3[7713]: ERROR: Linux route delete command failed: external program exited with error status: 1
    Line 3379: Oct  1 12:56:37 ovpn-client3[7713]: /sbin/route del -net 107.170.208.31 netmask 255.255.255.255
    Line 3380: Oct  1 12:56:37 ovpn-client3[7713]: /sbin/route del -net 0.0.0.0 netmask 128.0.0.0
    Line 3381: Oct  1 12:56:37 ovpn-client3[7713]: ERROR: Linux route delete command failed: external program exited with error status: 1
    Line 3382: Oct  1 12:56:37 ovpn-client3[7713]: /sbin/route del -net 128.0.0.0 netmask 128.0.0.0
    Line 3383: Oct  1 12:56:37 ovpn-client3[7713]: ERROR: Linux route delete command failed: external program exited with error status: 1
    Line 3384: Oct  1 12:56:37 ovpn-client3[7713]: Closing TUN/TAP interface
    Line 3385: Oct  1 12:56:37 ovpn-client3[7713]: /sbin/ifconfig tun13 0.0.0.0
    Line 3387: Oct  1 12:56:37 ovpn-client3[7713]: updown.sh tun13 1500 1553 10.200.0.98 10.200.0.97 init
    Line 3388: Oct  1 12:56:37 ovpn-client3[7713]: SIGTERM[hard,] received, process exiting
 

RMerlin

Asuswrt-Merlin dev
Line 3374: Oct 1 12:56:37 ovpn-client3[7713]: event_wait : Interrupted system call (code=4)
Something caused the client to exit then, however not sure what that would be.
 

eibgrad

Senior Member
Any way I can diagnose why the TV was unable to access the Internet through the WAN if it disconnected from the VPN?
Seems to me it should work over the WAN if the VPN fails, however, sometimes that's not as easy as it sounds, particularly if the client has established connections over the VPN at the time of the failure. IOW, it doesn't always know there's a problem and attempts to keep using those connections rather than resetting itself.

So rather than attempting to deal w/ how to make the TV return to the WAN, I'd recommend using a script that constantly checks whether the OpenVPN client process is still running, and if NOT, then have the script restart it. That's what I do w/ my dd-wrt OpenVPN client. I constantly monitor the OpenVPN client process to make sure it's still there in the process table and restart it should it disappear for whatever reasons.

Still doesn't explain why the OpenVPN process exited w/o (apparently) attempting to retry the connection, but perhaps it was some sort of issue the OpenVPN client determined was fatal, and to retry the connection would be futile. And for all I know, attempting to restart the OpenVPN client from a script might have the same result. That's why I don't like depending on a *single* server! Everything working as planned is contingent on that one and only option.
 

jorgsmash

Regular Contributor
Seems to me it should work over the WAN if the VPN fails, however, sometimes that's not as easy as it sounds, particularly if the client has established connections over the VPN at the time of the failure. IOW, it doesn't always know there's a problem and attempts to keep using those connections rather than resetting itself.

So rather than attempting to deal w/ how to make the TV return to the WAN, I'd recommend using a script that constantly checks whether the OpenVPN client process is still running, and if NOT, then have the script restart it. That's what I do w/ my dd-wrt OpenVPN client. I constantly monitor the OpenVPN client process to make sure it's still there in the process table and restart it should it disappear for whatever reasons.

Still doesn't explain why the OpenVPN process exited w/o (apparently) attempting to retry the connection, but perhaps it was some sort of issue the OpenVPN client determined was fatal, and to retry the connection would be futile. And for all I know, attempting to restart the OpenVPN client from a script might have the same result. That's why I don't like depending on a *single* server! Everything working as planned is contingent on that one and only option.
Thanks for the detailed response. I'm ok with having just one server because I don't NEED the TV to go through the VPN, it's just a preference. If the tunnel goes down I'm not too concerned that's why I have it set not to block clients if it does. I contacted VPN Unlimited and they only have one US based streaming server. So streaming services won't work through the other servers they offer.

Would you mind providing me with the script you use to constantly check the OpenVPN client status and restart it if it goes down?

Thank you!!
 

eibgrad

Senior Member
Here's a simple init-start script which should do the job. Make sure you have JFFS and JFFS custom scripts enabled under Administration->System. You may also need to change the CLIENT_ID to match the particular OpenVPN client instance to which it should apply.

Code:
#!/bin/sh

SCRIPTS_DIR='/jffs/scripts'
SCRIPT="$SCRIPTS_DIR/init-start"

mkdir -p $SCRIPTS_DIR

if [ -f $SCRIPT ]; then
    echo "error: $SCRIPT already exists; requires manual installation"
    exit 1
fi

cat << "EOF" > $SCRIPT
#!/bin/sh
set -x # uncomment/comment to enable/disable debug mode
(
CLIENT_ID='1'

while sleep 60; do
    if [ "$(nvram get vpn_client${CLIENT_ID}_state)" != "0" ]; then
        if ! ps | grep -q [v]pnclient${CLIENT_ID}; then
            service restart_vpnclient${CLIENT_ID}
            echo "vpnclient${CLIENT_ID} restarted"
        fi
    fi
done

) 2>&1 | logger -t $(basename $0)[$$] &
EOF
chmod +x $SCRIPT
It works by first checking if the OpenVPN client is ON, then checking if the OpenVPN client's process (vpnclient#) is in the process table. If not, it restarts it. It does this continually every 60 seconds. Of course, you can change this if you like.

Note, I wasn't sure when your OpenVPN client stops, if the state of the OpenVPN is still ON, or whether it gets turned OFF. I check for the ON state to avoid starting the script should YOU decide to disable it. But if it turns out that when it stops of its own volition, it also turns the state from ON to OFF, then you'll probably have to remove that check in the script.

By default, it writes to the syslog. Once you feel confident it's working as expected, you can disable debugging and not have it clog up your syslog. At that point, the only message you'll receive in the syslog is if and when it decides the need to restart the OpenVPN client. But for initial testing, keep debugging enabled.

To install, you can open an ssh session on the router and copy/paste the entire script into the window. It's actually two scripts, an inner and outer, w/ the outer script creating the inner "init-start" script. If you have an existing init-start script, then you'll have to instead manually integrate my inner script into the existing init-start script.
 
Last edited:

jorgsmash

Regular Contributor
Here's a simple init-start script which should do the job. Make sure you have JFFS and JFFS custom scripts enabled under Administration->System. You may also need to change the CLIENT_ID to match the particular OpenVPN client instance to which it should apply.

Code:
#!/bin/sh

SCRIPTS_DIR='/jffs/scripts'
SCRIPT="$SCRIPTS_DIR/init-start"

mkdir -p $SCRIPTS_DIR

cat << "EOF" > $SCRIPT
#!/bin/sh
set -x # uncomment/comment to enable/disable debug mode
{
CLIENT_ID='1'

while sleep 60; do
    if [ "$(nvram get vpn_client${CLIENT_ID}_state)" != "0" ]; then
        if ! ps | grep -q [v]pnclient${CLIENT_ID}; then
            service restart_vpnclient${CLIENT_ID}
            echo "vpnclient${CLIENT_ID} restarted"
        fi
    fi
done

} 2>&1 | logger -t $(basename $0)[$$]
EOF
chmod +x $SCRIPT
It works by first checking if the OpenVPN client is ON, then checking if the OpenVPN client's process (vpnclient#) is in the process table. If not, it restarts it. It does this continually every 60 seconds. Of course, you can change this if you like.

Note, I wasn't sure when your OpenVPN client stops, if the state of the OpenVPN is still ON, or whether it gets turned OFF. I check for the ON state to avoid starting the script should YOU decide to disable it. But if it turns out that when it stops of its own volition, it also turns the state from ON to OFF, then you'll probably have to remove that check in the script.

By default, it writes to the syslog. Once you feel confident it's working as expected, you can disable debugging and not have it clog up your syslog. At that point, the only message you'll receive in the syslog is if and when it decides the need to restart the OpenVPN client. But for initial testing, keep debugging enabled.

To install, you can open an ssh session on the router and copy/paste the entire script into the window. It's actually two scripts, an inner and outer, w/ the outer script creating the inner "init-start" script. If you have an existing init-start script, then you'll have to instead manually integrate my inner script into the existing init-start script.
How can I check if I have an existing init-start script? Since it's being run as root, I assume it will overwrite any existing script without warning, correct?
 

eibgrad

Senior Member
How can I check if I have an existing init-start script? Since it's being run as root, I assume it will overwrite any existing script without warning, correct?
If there was already a file called /jffs/scripts/init-start (which you can check from an ssh session using the ls command; type "ls /jffs/scripts" (no quotes)), it would have been placed there by YOU to solve some other problem.

Merlin uses an event driven model to allow the user to inject their own code in response to certain system events. In this case, initialization just after bootup, where the router looks for a file by the name init-start in /jffs/scripts, and if it finds it, executes it. But there can only be *one* such file. So I'm warning that if you had used this event and file previously to solve some other problem, you'd have to *merge* my script w/ that existing script (or else use init-start to call multiple scripts), because YES, the outer script which creates the inner "init-start" script will overwrite an existing init-start script.
 

eibgrad

Senior Member
P.S. I updated the script to check for an existing init-start file, and if found, returns an error that tells you to install manually. So now it will NOT overwrite any existing init-start file.
 

jorgsmash

Regular Contributor
P.S. I updated the script to check for an existing init-start file, and if found, returns an error that tells you to install manually. So now it will NOT overwrite any existing init-start file.
Hey again. Sorry I have been away for a while. I really do appreciate your help on this and all the time you've put into helping me. I do indeed already have an init-start script. Looks like dnscrypt-installer and rebootscheduler both added entries to that file:

Code:
# cat /jffs/scripts/init-start
#!/bin/sh
[ -x /jffs/dnscrypt/manager ] && /jffs/dnscrypt/manager init-start
cru a amtm_RebootScheduler "0 5 * * * service reboot" # Added by amtm
So then, I would add your code to the end of the file (in nano) like this?

Code:
set -x # uncomment/comment to enable/disable debug mode
(
CLIENT_ID='1'

while sleep 60; do
    if [ "$(nvram get vpn_client${CLIENT_ID}_state)" != "0" ]; then
        if ! ps | grep -q [v]pnclient${CLIENT_ID}; then
            service restart_vpnclient${CLIENT_ID}
            echo "vpnclient${CLIENT_ID} restarted"
        fi
    fi
done

) 2>&1 | logger -t $(basename $0)[$$] &

And I would leave that trailing & sign included, but not include the "EOF" (no quotes) at the end of the init-start script? I was under the assumption that the EOF at the end tells your cat portion that that is the end of the code to cat to the end of the file. Hopefully that's correct.
 

eibgrad

Senior Member
What I suggest is that you change the installer to create the script by another name, say init2-start, then call that script from the existing init-start script (presumably at the very end). Just less chance of messing things up for either script.
 
Last edited:

jorgsmash

Regular Contributor
What I suggest is that you change the installer to create the script by another name, say init2-start, then call that script from the existing init-start script (presumably at the very end). Just less chance of messing things up for either script.
Ok let's see. So I would have:

Code:
#!/bin/sh

SCRIPTS_DIR='/jffs/scripts'
SCRIPT="$SCRIPTS_DIR/init2-start"

mkdir -p $SCRIPTS_DIR

if [ -f $SCRIPT ]; then
    echo "error: $SCRIPT already exists; requires manual installation"
    exit 1
fi

cat << "EOF" > $SCRIPT
#!/bin/sh
set -x # uncomment/comment to enable/disable debug mode
(
CLIENT_ID='1'

while sleep 60; do
    if [ "$(nvram get vpn_client${CLIENT_ID}_state)" != "0" ]; then
        if ! ps | grep -q [v]pnclient${CLIENT_ID}; then
            service restart_vpnclient${CLIENT_ID}
            echo "vpnclient${CLIENT_ID} restarted"
        fi
    fi
done

) 2>&1 | logger -t $(basename $0)[$$] &
EOF
chmod +x $SCRIPT
Then in my init-start script:

Code:
#!/bin/sh
[ -x /jffs/dnscrypt/manager ] && /jffs/dnscrypt/manager init-start
cru a amtm_RebootScheduler "0 5 * * * service reboot" # Added by amtm
/jffs/scripts/init2-start
Does that look right?
 

jorgsmash

Regular Contributor
This is what I have so far. I will uncomment the line in my init-start file once I get confirmation this is correct:


Code:
/jffs/scripts# cat init2-start
#!/bin/sh
set -x # uncomment/comment to enable/disable debug mode
(
CLIENT_ID='1'

while sleep 60; do
    if [ "$(nvram get vpn_client${CLIENT_ID}_state)" != "0" ]; then
        if ! ps | grep -q [v]pnclient${CLIENT_ID}; then
            service restart_vpnclient${CLIENT_ID}
            echo "vpnclient${CLIENT_ID} restarted"
        fi
    fi
done

) 2>&1 | logger -t $(basename $0)[$$] &
[email protected]:/jffs/scripts# cat init-start
#!/bin/sh
[ -x /jffs/dnscrypt/manager ] && /jffs/dnscrypt/manager init-start
cru a amtm_RebootScheduler "0 5 * * * service reboot" # Added by amtm
#/jffs/scripts/init2-start
[email protected]:/jffs/scripts#
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top