Skip to content

Instantly share code, notes, and snippets.

@victoriastuart
Last active February 27, 2020 21:33
Show Gist options
  • Save victoriastuart/19acf4944c9c95af461d62b27d0c19ec to your computer and use it in GitHub Desktop.
Save victoriastuart/19acf4944c9c95af461d62b27d0c19ec to your computer and use it in GitHub Desktop.
VPN Notes, Scripts
Victoria Stuart: Apr 12, 2017
[gmail: Victorias.Linux@ ...]
File: /mnt/Vancouver/Reference/VPN/vpn notes, scripts.txt
Saved 2017-Apr-12 as public Gist:
https://gist.github.com/victoriastuart/19acf4944c9c95af461d62b27d0c19ec
VPN: Private Internet Access (PIA) [https://www.privateinternetaccess.com]
OS: Arch Linux x86_64
==============================================================================
PREAMBLE
==============================================================================
Setting up the PIA VPN on a non-Ubuntu Linux distro is a nightmare, but worth it once working.
A recurring issue is VPN connectivity drops. To address those, I set up scripts that auto run from cron (crontab), and manually (as needed) from aliases ( ~/.bashrc).
==============================================================================
ARCH LINUX INSTALLS (pacman and/or pacaur)
==============================================================================
* pia-tools [AUR: https://aur.archlinux.org/packages/pia-tools/]
* openvpn [pacman: https://wiki.archlinux.org/index.php/OpenVPN]
Using configuration/files in: /etc/openvpn/pia
==============================================================================
~/.BASHRC ENTRIES [~/.bashrc ]
==============================================================================
# ----------------------------------------
# VPN / INTERNET CONNECTIVITY CHECKS:
# CHECK INTERNET AND VPN CONNECTIONS; RESTART IF NECESSARY:
# [bash script 'query_vpn_restart_if_down.sh' runs every minute via cron (sudo gedit /etc/crontab)]
alias vpn='echo " [Checking internet and VPN connectivity (will restart if/as needed)]" && sudo /mnt/Vancouver/Programming/scripts/query_vpn_restart_if_down.sh'
alias int='echo " [Checking internet and VPN connectivity (will restart if/as needed)]" && sudo /mnt/Vancouver/Programming/scripts/query_vpn_restart_if_down.sh'
# Temporarily stop/restart VPN (e.g., to log onto BCLotto website from within B.C.: B.C. IP address required):
alias vpnstop='sudo systemctl stop pia@CA_Toronto'
alias vpnstart='sudo systemctl start pia@CA_Toronto'
alias vpnrs='sudo systemctl restart pia@CA_Toronto'
alias vpn_stat_min='/mnt/Vancouver/Programming/scripts/vpn_stat_min.sh
==============================================================================
CRONTAB [/etc/crontab] ENTRIES:
==============================================================================
# ------------------------------------------------------------------------------
# VPN-RELATED
# ------------------------------------------------------------------------------
# m h dom mon dow user nice command
# Query for and restart dropped Private Internet Access (PIA) OpenVPN connection, via script:
# "At every minute" [http://crontab.guru/]:
* * * * * root nice -n 19 sudo bash /mnt/Vancouver/Programming/scripts/query_vpn_restart_if_down.sh
## crontab runs as root, so don't need "sudo bash ...", above
## ["query_vpn_restart_if_down.sh" contains the statement "sudo systemctl restart openvpn@CA_Toronto.service"]
==============================================================================
SCRIPT - query_vpn_restart_if_down.sh
==============================================================================
#!/bin/bash
# /mnt/Vancouver/Programming/scripts/query_vpn_restart_if_down.sh
# CHECK PRIVATE INTERNET ACCESS (PIA) OpenVPN CONNECTIVITY
# Added to crontab (sudo gedit /etc/crontab): runs every minute
# ===============================================
# 1. CHECK INTERNET CONNECTION (RESTART IF DOWN):
# ===============================================
# http://stackoverflow.com/questions/929368/how-to-test-a-internet-connection-in-bash
# Alternative check:
# ping -q -w 1 -c 1 `ip r | grep default | cut -d ' ' -f 3` > /dev/null && echo ok || echo error
# check internet connectivity; if out, would hang, so added OR statement:
wget -q --spider http://google.com || sudo systemctl restart pia@CA_Toronto
# wget -q --spider http://google.com || echo '********'
# echo $?
# 0
# ----------------------------------------------------------------------------
if [ $? -eq 0 ]; then
printf "\n\tInternet connection: online\n\t IP address: "
#wget -qO- http://ipecho.net/plain; printf " [172.98.67.xxx : PIA Toronto server]\n"
#wget -qO- http://ipecho.net/plain; printf "\n"
#wget -qO- http://ipecho.net/plain; echo '' ## not working: 2017-Feb-15
wget -qO- https://api.ipify.org
printf "\n"
#ip_out=$(curl -s ipinfo.io/172.98.67.107)
# ----------------------------------------
#IP_NUM=$(wget -qO- http://ipecho.net/plain)
# https://www.ipify.org/
IP_NUM=$(wget -qO- https://api.ipify.org)
# ----------------------------------------
IP_DATA=$(wget -qO- ipinfo.io/$IP_NUM)
printf " "
echo $IP_DATA | cut -d ',' -f3 | tr -d '"'
printf " "
echo $IP_DATA | cut -d ',' -f4 | tr -d '"'
printf " "
echo $IP_DATA | cut -d ',' -f5 | tr -d '"'
else
# can't have two !! in printf:
#printf "\t***** Internet connection: offline!! *****\n"
printf "\t***** Internet connection: offline! *****\n"
printf "\tRestarting network (internet) connection now; please wait 5 seconds\n"
sudo systemctl restart NetworkManager.service
sleep 5
#sudo systemctl restart openvpn@CA_Toronto.service ## << OLD!
sudo systemctl stop pia@CA_Toronto
sudo systemctl start pia@CA_Toronto
sudo systemctl restart NetworkManager.service
fi
# ~/.bashrc aliases (this script): { int | vpn }
# ==========================================
# 2. CHECK VPN CONNECTION (RESTART IF DOWN):
# ==========================================
# https://wiki.archlinux.org/index.php/OpenVPN#Testing_the_OpenVPN_configuration
# http://stackoverflow.com/questions/30052129/linux-unix-check-if-vpn-connection-is-active-up
# [ see also: https://nuxview.blogspot.ca/2016/09/i3blocks-vpn-status-notifier.html ]
#if [[ $GET_VPN == *"tun0"* ]];then
if ! /sbin/ifconfig tun0 | grep -q "00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00"; then
# can't have two !! in printf:
#printf "\t***** VPN [tun0] is down!! *****\n\t... restarting networking (sleep 5), then VPN ...\n"
# use this:
printf "\t***** VPN [tun0] is down! *****\n\t... restarting networking (sleep 5), then VPN ...\n"
# restart network connection:
sudo systemctl restart NetworkManager.service
sleep 5
# restart VPN:
#sudo systemctl restart openvpn@CA_Toronto.service ## << OLD!
sudo systemctl stop pia@CA_Toronto
sudo systemctl start pia@CA_Toronto
sudo systemctl restart NetworkManager.service
else
printf "\t VPN connection: online!\n"
# http://stackoverflow.com/questions/2421586/what-is-the-bash-equivalent-of-pythons-pass-statement
# bash "pass" statement: could just delete the "else" statement, but retained for testing and illustration:
:
fi
# =================================
# 3. INTERNET CONNECTION SPEED TEST
# =================================
printf '\n\tInternet speed test (will take ~25+ sec ...): '
# ----------------------------------------
# http://stackoverflow.com/questions/12498304/using-bash-to-display-a-progress-working-indicator
spin[0]="-"
spin[1]="\\"
spin[2]="|"
spin[3]="/"
# http://stackoverflow.com/questions/20165057/executing-bash-loop-while-command-is-running
#pid=$(pgrep speedtest)
#echo $pid
speedtest > .st.txt & ## & : continue running script
pid=$! ## PID of last command
# If this script is killed, kill 'speedtest':
trap "kill $pid 2> /dev/null" EXIT
# While 'speedtest' is running:
while kill -0 $pid 2> /dev/null; do
for i in "${spin[@]}"
do
echo -ne "\b$i"
sleep 0.1
done
done
# Disable the trap on a normal exit:
trap - EXIT
# ----------------------------------------
printf "\n\t "
grep Download: .st.txt
printf "\t "
grep Upload: .st.txt
echo ''
rm -f st.txt
# ----------------------------------------
# Sound notification: speedtest complete
beep() {
#for i in 1 2 3
for i in 1
do
{
#aplay alarm-frenzy.mp3 ## << aplay cannot play MP3 files; use WAV
#aplay beep.wav
#aplay ding.wav
aplay /mnt/Vancouver/Programming/scripts/PHASER.WAV
#aplay /mnt/Vancouver/Programming/scripts/KenbeepLoud.wav
sleep 1
} &> /dev/null
## re: above - suppresses aplay echo in terminal, per:
## http://stackoverflow.com/questions/18062778/how-to-hide-command-output-in-bash
done
}
# call the (above) function:
beep
<< COMMENT
GET_VPN=$(nmcli con show | grep tun0 | cut -d ' ' -f1)
if [[ $GET_VPN == *"tun0"* ]]
then
printf "\t VPN connection: online\n\t IP address: "
wget -qO- http://ipecho.net/plain; echo
printf "\t (172.98.67.xxx : PIA - Toronto server)\n"
else
printf "\t***** VPN down :-( *****\n\tIP address: "
wget -qO- http://ipecho.net/plain; echo
echo
fi
COMMENT
==============================================================================
SCRIPT - vpn_stat.sh
==============================================================================
#!/bin/bash
# /mnt/Vancouver/Programming/scripts/vpn_stat.sh
# ----------------------------------------
# CHECK VPN STATUS:
# -----------------
#echo ''
# https://nuxview.blogspot.ca/2016/09/i3blocks-vpn-status-notifier.html
vpn_status() {
GET_VPN=$(nmcli con show | grep tun0 | cut -d ' ' -f1)
if [[ $GET_VPN == *"tun0"* ]]
then
echo -ne " VPN up \r"
else
# http://misc.flogisoft.com/bash/tip_colors_and_formatting
# echo -e "\e[35m\e[1m **VPN DOWN**\e[0m"
#
#echo -ne " VPN down \r"
echo -e "\e[35m\e[1m **VPN DOWN**\e[0m \r"
fi
}
while true; do clear; vpn_status; sleep 10; done
# TEST:
# sudo systemctl stop pia@CA_Toronto
==============================================================================
EXAMPLES
==============================================================================
Restart VPN:
------------
sudo systemctl restart NetworkManager.service
sudo systemctl stop pia@CA_Toronto
sudo systemctl start pia@CA_Toronto
[If needed:] Restart networking:
--------------------------------
[sudo systemctl enable NetworkManager.service] ## you only need to do this once (ever), when installing the service
sudo systemctl restart NetworkManager.service
Check VPN:
----------
[victoria@victoria ~]$ date
Wed Apr 12 10:57:41 PDT 2017
[victoria@victoria ~]$ vpn ## << can also use alias: int ['internet check']
[Checking internet and VPN connectivity (will restart if/as needed)]
[sudo] password for victoria:
Internet connection: online
IP address: 172.98.67.8
city: Toronto
region: British Columbia
country: CA
VPN connection: online!
Internet speed test (will take ~25+ sec ...): /
Download: 21.75 Mbit/s
Upload: 5.72 Mbit/s
If that command fails, restart the VPN:
sudo systemctl restart pia@CA_Toronto
==============================================================================
Q.E.D.! :-D
==============================================================================
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment