Last active
February 27, 2020 21:33
-
-
Save victoriastuart/19acf4944c9c95af461d62b27d0c19ec to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
VPN Notes, Scripts | |
Victoria Stuart: Apr 12, 2017 | |
[gmail: Victorias.Linux@ ...] | |
File: /mnt/Vancouver/Reference/VPN/vpn notes, scripts.txt | |
Saved 2017-Apr-12 as public Gist: | |
https://gist.github.com/victoriastuart/19acf4944c9c95af461d62b27d0c19ec | |
VPN: Private Internet Access (PIA) [https://www.privateinternetaccess.com] | |
OS: Arch Linux x86_64 | |
============================================================================== | |
PREAMBLE | |
============================================================================== | |
Setting up the PIA VPN on a non-Ubuntu Linux distro is a nightmare, but worth it once working. | |
A recurring issue is VPN connectivity drops. To address those, I set up scripts that auto run from cron (crontab), and manually (as needed) from aliases ( ~/.bashrc). | |
============================================================================== | |
ARCH LINUX INSTALLS (pacman and/or pacaur) | |
============================================================================== | |
* pia-tools [AUR: https://aur.archlinux.org/packages/pia-tools/] | |
* openvpn [pacman: https://wiki.archlinux.org/index.php/OpenVPN] | |
Using configuration/files in: /etc/openvpn/pia | |
============================================================================== | |
~/.BASHRC ENTRIES [~/.bashrc ] | |
============================================================================== | |
# ---------------------------------------- | |
# VPN / INTERNET CONNECTIVITY CHECKS: | |
# CHECK INTERNET AND VPN CONNECTIONS; RESTART IF NECESSARY: | |
# [bash script 'query_vpn_restart_if_down.sh' runs every minute via cron (sudo gedit /etc/crontab)] | |
alias vpn='echo " [Checking internet and VPN connectivity (will restart if/as needed)]" && sudo /mnt/Vancouver/Programming/scripts/query_vpn_restart_if_down.sh' | |
alias int='echo " [Checking internet and VPN connectivity (will restart if/as needed)]" && sudo /mnt/Vancouver/Programming/scripts/query_vpn_restart_if_down.sh' | |
# Temporarily stop/restart VPN (e.g., to log onto BCLotto website from within B.C.: B.C. IP address required): | |
alias vpnstop='sudo systemctl stop pia@CA_Toronto' | |
alias vpnstart='sudo systemctl start pia@CA_Toronto' | |
alias vpnrs='sudo systemctl restart pia@CA_Toronto' | |
alias vpn_stat_min='/mnt/Vancouver/Programming/scripts/vpn_stat_min.sh | |
============================================================================== | |
CRONTAB [/etc/crontab] ENTRIES: | |
============================================================================== | |
# ------------------------------------------------------------------------------ | |
# VPN-RELATED | |
# ------------------------------------------------------------------------------ | |
# m h dom mon dow user nice command | |
# Query for and restart dropped Private Internet Access (PIA) OpenVPN connection, via script: | |
# "At every minute" [http://crontab.guru/]: | |
* * * * * root nice -n 19 sudo bash /mnt/Vancouver/Programming/scripts/query_vpn_restart_if_down.sh | |
## crontab runs as root, so don't need "sudo bash ...", above | |
## ["query_vpn_restart_if_down.sh" contains the statement "sudo systemctl restart openvpn@CA_Toronto.service"] | |
============================================================================== | |
SCRIPT - query_vpn_restart_if_down.sh | |
============================================================================== | |
#!/bin/bash | |
# /mnt/Vancouver/Programming/scripts/query_vpn_restart_if_down.sh | |
# CHECK PRIVATE INTERNET ACCESS (PIA) OpenVPN CONNECTIVITY | |
# Added to crontab (sudo gedit /etc/crontab): runs every minute | |
# =============================================== | |
# 1. CHECK INTERNET CONNECTION (RESTART IF DOWN): | |
# =============================================== | |
# http://stackoverflow.com/questions/929368/how-to-test-a-internet-connection-in-bash | |
# Alternative check: | |
# ping -q -w 1 -c 1 `ip r | grep default | cut -d ' ' -f 3` > /dev/null && echo ok || echo error | |
# check internet connectivity; if out, would hang, so added OR statement: | |
wget -q --spider http://google.com || sudo systemctl restart pia@CA_Toronto | |
# wget -q --spider http://google.com || echo '********' | |
# echo $? | |
# 0 | |
# ---------------------------------------------------------------------------- | |
if [ $? -eq 0 ]; then | |
printf "\n\tInternet connection: online\n\t IP address: " | |
#wget -qO- http://ipecho.net/plain; printf " [172.98.67.xxx : PIA Toronto server]\n" | |
#wget -qO- http://ipecho.net/plain; printf "\n" | |
#wget -qO- http://ipecho.net/plain; echo '' ## not working: 2017-Feb-15 | |
wget -qO- https://api.ipify.org | |
printf "\n" | |
#ip_out=$(curl -s ipinfo.io/172.98.67.107) | |
# ---------------------------------------- | |
#IP_NUM=$(wget -qO- http://ipecho.net/plain) | |
# https://www.ipify.org/ | |
IP_NUM=$(wget -qO- https://api.ipify.org) | |
# ---------------------------------------- | |
IP_DATA=$(wget -qO- ipinfo.io/$IP_NUM) | |
printf " " | |
echo $IP_DATA | cut -d ',' -f3 | tr -d '"' | |
printf " " | |
echo $IP_DATA | cut -d ',' -f4 | tr -d '"' | |
printf " " | |
echo $IP_DATA | cut -d ',' -f5 | tr -d '"' | |
else | |
# can't have two !! in printf: | |
#printf "\t***** Internet connection: offline!! *****\n" | |
printf "\t***** Internet connection: offline! *****\n" | |
printf "\tRestarting network (internet) connection now; please wait 5 seconds\n" | |
sudo systemctl restart NetworkManager.service | |
sleep 5 | |
#sudo systemctl restart openvpn@CA_Toronto.service ## << OLD! | |
sudo systemctl stop pia@CA_Toronto | |
sudo systemctl start pia@CA_Toronto | |
sudo systemctl restart NetworkManager.service | |
fi | |
# ~/.bashrc aliases (this script): { int | vpn } | |
# ========================================== | |
# 2. CHECK VPN CONNECTION (RESTART IF DOWN): | |
# ========================================== | |
# https://wiki.archlinux.org/index.php/OpenVPN#Testing_the_OpenVPN_configuration | |
# http://stackoverflow.com/questions/30052129/linux-unix-check-if-vpn-connection-is-active-up | |
# [ see also: https://nuxview.blogspot.ca/2016/09/i3blocks-vpn-status-notifier.html ] | |
#if [[ $GET_VPN == *"tun0"* ]];then | |
if ! /sbin/ifconfig tun0 | grep -q "00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00"; then | |
# can't have two !! in printf: | |
#printf "\t***** VPN [tun0] is down!! *****\n\t... restarting networking (sleep 5), then VPN ...\n" | |
# use this: | |
printf "\t***** VPN [tun0] is down! *****\n\t... restarting networking (sleep 5), then VPN ...\n" | |
# restart network connection: | |
sudo systemctl restart NetworkManager.service | |
sleep 5 | |
# restart VPN: | |
#sudo systemctl restart openvpn@CA_Toronto.service ## << OLD! | |
sudo systemctl stop pia@CA_Toronto | |
sudo systemctl start pia@CA_Toronto | |
sudo systemctl restart NetworkManager.service | |
else | |
printf "\t VPN connection: online!\n" | |
# http://stackoverflow.com/questions/2421586/what-is-the-bash-equivalent-of-pythons-pass-statement | |
# bash "pass" statement: could just delete the "else" statement, but retained for testing and illustration: | |
: | |
fi | |
# ================================= | |
# 3. INTERNET CONNECTION SPEED TEST | |
# ================================= | |
printf '\n\tInternet speed test (will take ~25+ sec ...): ' | |
# ---------------------------------------- | |
# http://stackoverflow.com/questions/12498304/using-bash-to-display-a-progress-working-indicator | |
spin[0]="-" | |
spin[1]="\\" | |
spin[2]="|" | |
spin[3]="/" | |
# http://stackoverflow.com/questions/20165057/executing-bash-loop-while-command-is-running | |
#pid=$(pgrep speedtest) | |
#echo $pid | |
speedtest > .st.txt & ## & : continue running script | |
pid=$! ## PID of last command | |
# If this script is killed, kill 'speedtest': | |
trap "kill $pid 2> /dev/null" EXIT | |
# While 'speedtest' is running: | |
while kill -0 $pid 2> /dev/null; do | |
for i in "${spin[@]}" | |
do | |
echo -ne "\b$i" | |
sleep 0.1 | |
done | |
done | |
# Disable the trap on a normal exit: | |
trap - EXIT | |
# ---------------------------------------- | |
printf "\n\t " | |
grep Download: .st.txt | |
printf "\t " | |
grep Upload: .st.txt | |
echo '' | |
rm -f st.txt | |
# ---------------------------------------- | |
# Sound notification: speedtest complete | |
beep() { | |
#for i in 1 2 3 | |
for i in 1 | |
do | |
{ | |
#aplay alarm-frenzy.mp3 ## << aplay cannot play MP3 files; use WAV | |
#aplay beep.wav | |
#aplay ding.wav | |
aplay /mnt/Vancouver/Programming/scripts/PHASER.WAV | |
#aplay /mnt/Vancouver/Programming/scripts/KenbeepLoud.wav | |
sleep 1 | |
} &> /dev/null | |
## re: above - suppresses aplay echo in terminal, per: | |
## http://stackoverflow.com/questions/18062778/how-to-hide-command-output-in-bash | |
done | |
} | |
# call the (above) function: | |
beep | |
<< COMMENT | |
GET_VPN=$(nmcli con show | grep tun0 | cut -d ' ' -f1) | |
if [[ $GET_VPN == *"tun0"* ]] | |
then | |
printf "\t VPN connection: online\n\t IP address: " | |
wget -qO- http://ipecho.net/plain; echo | |
printf "\t (172.98.67.xxx : PIA - Toronto server)\n" | |
else | |
printf "\t***** VPN down :-( *****\n\tIP address: " | |
wget -qO- http://ipecho.net/plain; echo | |
echo | |
fi | |
COMMENT | |
============================================================================== | |
SCRIPT - vpn_stat.sh | |
============================================================================== | |
#!/bin/bash | |
# /mnt/Vancouver/Programming/scripts/vpn_stat.sh | |
# ---------------------------------------- | |
# CHECK VPN STATUS: | |
# ----------------- | |
#echo '' | |
# https://nuxview.blogspot.ca/2016/09/i3blocks-vpn-status-notifier.html | |
vpn_status() { | |
GET_VPN=$(nmcli con show | grep tun0 | cut -d ' ' -f1) | |
if [[ $GET_VPN == *"tun0"* ]] | |
then | |
echo -ne " VPN up \r" | |
else | |
# http://misc.flogisoft.com/bash/tip_colors_and_formatting | |
# echo -e "\e[35m\e[1m **VPN DOWN**\e[0m" | |
# | |
#echo -ne " VPN down \r" | |
echo -e "\e[35m\e[1m **VPN DOWN**\e[0m \r" | |
fi | |
} | |
while true; do clear; vpn_status; sleep 10; done | |
# TEST: | |
# sudo systemctl stop pia@CA_Toronto | |
============================================================================== | |
EXAMPLES | |
============================================================================== | |
Restart VPN: | |
------------ | |
sudo systemctl restart NetworkManager.service | |
sudo systemctl stop pia@CA_Toronto | |
sudo systemctl start pia@CA_Toronto | |
[If needed:] Restart networking: | |
-------------------------------- | |
[sudo systemctl enable NetworkManager.service] ## you only need to do this once (ever), when installing the service | |
sudo systemctl restart NetworkManager.service | |
Check VPN: | |
---------- | |
[victoria@victoria ~]$ date | |
Wed Apr 12 10:57:41 PDT 2017 | |
[victoria@victoria ~]$ vpn ## << can also use alias: int ['internet check'] | |
[Checking internet and VPN connectivity (will restart if/as needed)] | |
[sudo] password for victoria: | |
Internet connection: online | |
IP address: 172.98.67.8 | |
city: Toronto | |
region: British Columbia | |
country: CA | |
VPN connection: online! | |
Internet speed test (will take ~25+ sec ...): / | |
Download: 21.75 Mbit/s | |
Upload: 5.72 Mbit/s | |
If that command fails, restart the VPN: | |
sudo systemctl restart pia@CA_Toronto | |
============================================================================== | |
Q.E.D.! :-D | |
============================================================================== | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment