Ticket #31625: watcher

File watcher, 6.9 KB (added by mmpestorich (Mike M Pestorich), 13 years ago)
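#!/bin/bash
#
# Tunnelblick "leasewatch" watcher.
#
# Compares the current global DNS and SMB (WINS) configuration with the values
# recorded under State:/Network/OpenVPN. When they differ, it either restores
# the expected post-VPN configuration or asks OpenVPN to restart the connection
# by sending it SIGUSR1.
#
# Naming used below:
#   ..._OLD  is the pre-VPN value
#   ..._NOW  is the current value
#   ..._GOOD is the expected (computed) post-VPN value
#
# Every value read from the dynamic store is handled as data only: it is never
# executed as a command and never evaluated as an arithmetic expression.

set -e

# Absolute path so the script does not depend on the caller's PATH.
readonly SCUTIL=/usr/sbin/scutil

# Print the dynamic-store entry for key $1 as reported by "scutil show".
show_key() {
    printf 'open\nshow %s\nquit\n' "$1" | "${SCUTIL}"
}

# Print the value of the "<name> : <value>" line for field $1 in OPENVPN_CONFIG.
# Prints nothing when the field is absent.
config_field() {
    printf '%s\n' "${OPENVPN_CONFIG}" \
        | grep -i "^[[:space:]]*$1 :" \
        | sed -e 's/^.*: //g'
}

# Append one message to the script log.
log() {
    printf '%s\n' "$1" >> "${SCRIPT_LOG_FILE}"
}

# Succeed only when restoring in place is both requested and possible.
# RestoreOnReset must be the literal string "true"; any other value (including
# an empty one) selects the conservative path of restarting the connection.
# The service ID is interpolated into a scutil command line, so an empty value
# or one containing whitespace is refused.
may_restore() {
    [ "${RESTORE_ON_RESET}" = "true" ] || return 1
    case "${PRIMARY_SERVICE_ID}" in
        '' | *[[:space:]]*) return 1 ;;
    esac
    return 0
}

# Copy State:/Network/OpenVPN/$1 over the primary service's $1 entry.
# $1 is "DNS" or "SMB".
restore_key() {
    printf 'open\nget State:/Network/OpenVPN/%s\nset State:/Network/Service/%s/%s\nquit\n' \
        "$1" "${PRIMARY_SERVICE_ID}" "$1" | "${SCUTIL}"
}

# Ask OpenVPN to restart the connection, then end the script.
# NOTE(review): the PID comes from the store and is not checked against the
# running OpenVPN process; a stale PID would deliver USR1 to whatever process
# now owns it. Consider confirming the process before signalling.
restart_openvpn() {
    log "Sending USR1 to OpenVPN (process ID ${PROCESS}) to restart the connection."
    # sleep 1 so the log message is displayed before OpenVPN starts logging the restart
    sleep 1
    kill -USR1 "${PROCESS}"
    # We're done here, so no need to wait around.
    exit 0
}

# Quick check - is the configuration there?
if ! "${SCUTIL}" -w State:/Network/OpenVPN -t 1 >/dev/null 2>&1; then
    # Configuration isn't there, so we forget it
    exit 0
fi

OPENVPN_CONFIG="$(show_key State:/Network/OpenVPN)"

RESTORE_ON_RESET="$(config_field RestoreOnReset)"
SCRIPT_LOG_FILE="$(config_field ScriptLogFile)"
PROCESS="$(config_field PID)"
PRIMARY_SERVICE_ID="$(config_field Service)"

# Without a log path, keep working instead of aborting on a failed redirection:
# correcting the network configuration matters more than the log line.
# NOTE(review): the log path is taken from the store and appended to with this
# script's privileges; confirm that only trusted writers can set it.
[ -n "${SCRIPT_LOG_FILE}" ] || SCRIPT_LOG_FILE=/dev/null

# Only continue when the store holds a usable process ID. The value must be
# plain decimal digits and must not be zero; it is checked as a string so that
# it is never handed to arithmetic evaluation.
case "${PROCESS}" in
    '' | *[!0-9]*) exit 0 ;;
esac
if [ -z "${PROCESS//0/}" ]; then
    exit 0
fi

# This is what scutil returns for a non-existent key
SCUTIL_NO_SUCH_KEY="  No such key"
# This is what up.sh stores into State:/Network/OpenVPN/OldDNS and
# State:/Network/OpenVPN/OldSMB for a non-existent key.
# DON'T CHANGE the indenting of the 2nd and 3rd lines; they are part of the string:
NO_SUCH_KEY="<dictionary> {
  NoSuchKey : true
}"

# Expected, pre-VPN and current DNS info
DNS_GOOD="$(show_key State:/Network/OpenVPN/DNS)"
DNS_OLD="$(show_key State:/Network/OpenVPN/OldDNS)"
DNS_NOW="$(show_key State:/Network/Global/DNS)"

# Make it match NO_SUCH_KEY if there is no such key
if [ "${DNS_NOW}" = "${SCUTIL_NO_SUCH_KEY}" ]; then
    DNS_NOW="${NO_SUCH_KEY}"
fi

# Expected, pre-VPN and current WINS info
WINS_GOOD="$(show_key State:/Network/OpenVPN/SMB)"
WINS_OLD="$(show_key State:/Network/OpenVPN/OldSMB)"
WINS_NOW="$(show_key State:/Network/Global/SMB)"

# Make it match NO_SUCH_KEY if there is no such key
if [ "${WINS_NOW}" = "${SCUTIL_NO_SUCH_KEY}" ]; then
    WINS_NOW="${NO_SUCH_KEY}"
fi

# For DNS, then for WINS:
#   If the configuration has changed
#   Then if it is the way it was pre-VPN and it is OK to do so,
#        restore the post-VPN configuration
#        Otherwise restart the connection
NOTHING_DISPLAYED="true"

if [ "${DNS_GOOD}" != "${DNS_NOW}" ]; then
    NOTHING_DISPLAYED="false"
    log "$(date '+%a %b %e %T %Y') *Tunnelblick leasewatch: A network configuration change was detected"

    DNS_CHANGES_MSG="                       DNS configuration has changed:
                        --- BEGIN EXPECTED DNS CFG ---
                        ${DNS_GOOD}
                        ---- END EXPECTED DNS CFG ----
           
                        --- BEGIN CURRENT DNS CFG ---
                        ${DNS_NOW}
                        ---- END CURRENT DNS CFG ----
           
                        --- BEGIN PRE-VPN DNS CFG ---
                        ${DNS_OLD}
                        ---- END PRE-VPN DNS CFG ----"
    log "${DNS_CHANGES_MSG}"

    if [ "${DNS_NOW}" = "${DNS_OLD}" ] && may_restore; then
        # DNS changed back to the pre-VPN settings and restoring is allowed
        log "Restoring the expected DNS settings."
        restore_key DNS
    else
        # Either DNS changed to something else, or restoring is not allowed
        restart_openvpn
    fi
fi

if [ "${WINS_GOOD}" != "${WINS_NOW}" ]; then
    if [ "${NOTHING_DISPLAYED}" = "true" ]; then
        NOTHING_DISPLAYED="false"
        log "$(date '+%a %b %e %T %Y') *Tunnelblick leasewatch: A network configuration change was detected"
    fi

    WINS_CHANGES_MSG="                      WINS configuration has changed:
                        --- BEGIN EXPECTED WINS CFG ---
                        ${WINS_GOOD}
                        ---- END EXPECTED WINS CFG ----
           
                        --- BEGIN CURRENT WINS CFG ---
                        ${WINS_NOW}
                        ---- END CURRENT WINS CFG ----
           
                        --- BEGIN PRE-VPN WINS CFG ---
                        ${WINS_OLD}
                        ---- END PRE-VPN WINS CFG ----"
    log "${WINS_CHANGES_MSG}"

    if [ "${WINS_NOW}" = "${WINS_OLD}" ] && may_restore; then
        # WINS changed back to the pre-VPN settings and restoring is allowed
        log "Restoring the expected WINS settings."
        restore_key SMB
    else
        # Either WINS changed to something else, or restoring is not allowed
        restart_openvpn
    fi
fi

if [ "${NOTHING_DISPLAYED}" = "true" ]; then
    log "$(date '+%a %b %e %T %Y') *Watcher: A system configuration change was ignored because it was not relevant"
fi

exit 0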