Run script when ping to certain host is successful and failed

terrytw · June 19, 2024, 9:25pm

I have got a x64 openwrt VM in PVE, VM has public IPv4 address, lan subnet 192.168.17.0/24 has IPv6 delegated to it as well, I have got a guest subnet 192.168.18.0/24, I have got a wireguard interface with the subnet 192.168.13.0/24. My x64 openwrt VM in the wireguard interface is at 192.168.13.6, I have got some other peers, one of them is sometimes not working because of network issues over there.

Sorry I don't know how to draw topology. It is a pretty straight forward setup, I also put all the config in the previous post.

ZOzo · June 19, 2024, 9:27pm

the reason you know

what is it?

terrytw · June 19, 2024, 9:28pm

Because it is on a different continent, in a country with internet censorship.

ZOzo · June 19, 2024, 9:30pm

reloading the connection there and acquiring new IP does work again for some time?

ZOzo · June 19, 2024, 9:32pm

do you know how is the censorship being monitored? imei? mac address?

terrytw · June 19, 2024, 9:35pm

Dude, it is a powerful state machine, why would I know how it works? I don't need to circumvent it, I just need to run my little script when that peer is not working.....Also run another little script when it is back for some reason. It is not completely blocked per se, and I am not trying to mitigate the block, I am trying to inform myself when that happens.

The reason why it doesnt work is honestly irrelevant....

anomeome · June 19, 2024, 9:38pm

me thinks either of the two examples in the above link might get the job done, back to a cron job, but, oh well.

ZOzo · June 19, 2024, 9:39pm

hence the first answer from chat gpt

just replace "echo "Ping to $target succeeded.""

and "echo "Ping to $target failed.""

to the action you want to acheive

terrytw · June 19, 2024, 9:40pm

Yeah I am doing it now. Doesn't feel right, but it works.

I will come back tomorrow see if anyone else has a better idea.

egc · June 20, 2024, 7:27am

terrytw:

config wireguard_wireguard
        option description 'Kaide' (This one is sometimes not working for a reason I know)
        option public_key '****'
        list allowed_ips '0.0.0.0/0'

This is an unreliable setup as you have overlapping peers not saying it is the main problem but it needs attention.
This is a typical WireGuard server setup, why do you have allowed-ips set to 0.0.0.0/0?

What is it exactly you want to accomplish?

egc · June 20, 2024, 7:53am

As you do not have an endpoint better not use it

terrytw · June 20, 2024, 3:19pm

I need to route the traffic to a certain country through that peer, it is thousands of lines of IPv4 CIDR that are constantly changing. I need to use 0.0.0.0/0 as allowed IP without routing to it, then I use luci-app-pbr to do the actual routing using custom user file.

This is not a pure "server" so to speak. It might look confusing because if it is connecting to other peer, why isn't there an endpoint? Because internet censorship could work differently in different direction, so I don't want to connect to the peer proactively through wireguard, I want to be connected by the other peer and then route traffic through the peer, and it works.

egc · June 20, 2024, 3:27pm

OK but then you should use a second tunnel for that peer alone as you now have overlapping peers.

The second tunnel is setup the same but has only one peer which you can set to 0.0.0.0/0 do not enable Route Allowed IPs and you should be fine

Having a separate tunnel makes it easier to track the traffic on just that one tunnel e.g. with a wireguard watchdog script:

But having this separate tunnel with non overlapping peers might make it more stable and maybe mitigates your problem

terrytw · June 20, 2024, 3:56pm

Thanks for the advice, I will try it out!

account4538 · June 20, 2024, 11:12pm

This is what I use in rc.local

until ping -4 -c 1 -w 1 -W 1 dns.opendns.com > /dev/null 2>&1
  do
    sleep 1
  done

Simple and working for years in multiple devices. OpenDNS has a history of 100% uptime so that's why I ping that.

NM64 · August 16, 2024, 7:09am

Forgive me for jumping in here as a total software n00b (hardware is my specialty), but I have absolutely no idea what I'm doing with how to properly set up the desired script as well as making it run on a regular interval (i.e. every 30 seconds? every minute? I'm unsure).

Thing is, while I know how to make a bash script (or, supposedly in the case of OpenWrt, an ash script?) and I know how to use a Linux terminal and subsequently how to SSH into an OpenWrt router, I just don't know and have extreme trouble remembering and just even mentally parsing terminal commands (which is also why I heavily rely on scripts for any terminal-related stuff on my PCs). So while I've read the entire thread, I'm kind of lost as to what to do with the actual scripts that have been offered.

—————————————————

All I want to do is, on a regular interval, to ping for a local address on my network, e.g. 192.168.254.123 and, if it's present, to turn on the wifi. If pinging times out due to being unable to find the address, then turn off wifi.

Currently the only thing I really know how to do is manually turning on or off wifi by manually running the following command, whether in an SSH session or as a scheduled task in LuCI:

wifi off:

uci set wireless.radio0.disabled='1'; uci set wireless.radio1.disabled='1'; uci commit; wifi

wifi on:

uci set wireless.radio0.disabled='0'; uci set wireless.radio1.disabled='0'; uci commit; wifi

If desired, I can provide the world's lengthiest rambles on exactly how, what, and why with regards to what I'm trying to achieve, but I think everything I've stated above is enough to explain my goal without going on lengthy tangents and such?

EDIT: I just realized that my hypothetical idea for such a script would conflict with manually turning on the wifi, i.e. if 192.168.254.123 isn't present but I manually turn on the wifi, the automated script would just turn the wifi right back off in 30 seconds to a minute.

So I guess the proper solution would be something like, 30 seconds or one minute after 192.168.254.123 is no longer present, it'll run the "turn off wifi" command only once and do nothing more until 192.168.254.123 reconnects before resuming the script? And maybe, for consistency sake, it could make sense to also run the "turn on wifi" command only once whenever 192.168.254.123 connects, but I have no idea if this would simplify the script or not.

EDIT 2: So to summarize:

if 192.168.254.123 is ping-able then, after 30 seconds, turn on the wifi once
30 seconds after 192.168.254.123 is no longer ping-able, turn off the wifi once
rinse & repeat

And an alternative, possibly better variation of this idea would actually be the following, but I'd really like to see what a script would look like for both the above and below so that I may have better understanding on how to do this on my own:

if 192.168.254.123 is ping-able then, after 30 seconds, turn on the wifi once
15 minutes after 192.168.1.210 (note the different IP address) is no longer ping-able, turn off the wifi once
wait until 192.168.254.123 (the first IP address) is no longer ping-able before continuing the script
rinse & repeat

Also there may be situations where I'm dealing with devices that don't have a static IP address, so I'm wondering if it's alternatively possible to use a MAC address or the device's hostname?