Advice on a better way to monitor VPN connection status & take action accordingly?
by ziphem from LinuxQuestions.org on (#4PX3V)
Hello friends,
Whenever I am on my home network, I do not need VPN. But when I am anywhere else, I would like to connect in order to have that additional layer of security. I have seen Gabriel's following method (https://www.gabsoftware.com/tips/aut...-vpn-on-linux/), which I have slightly modified:
Code:#!/bin/bash
YOUR_VPN_NAME="vpn"
# I added the below:
WIFI_BASE_NAME=blahblahblah
while [ "true" ]
do
VPNCON=$(nmcli con show --active)
# I added the $VPCON check so it would run when the network is not my home's network.
if [[ ($VPNCON != *"vpn"*) && ($VPNCON != *"$YOUR_VPN_NAME"*) && ($VPNCON != "$WIFI_BASE_NAME"*) ]]; then
echo "Disconnected, trying to reconnect..."
(sleep 1s && nmcli con up "$YOUR_VPN_NAME")
else
echo "Already connected !"
fi
sleep 5
doneThis file is to be inserted into .bashrc and I imagine run continuously.
I am wondering if there's any other approach that I could take for this that might be more efficient, something that monitors the connection another way perhaps so it is not continuously checking? For instance, what about executing when there's been a change in the network topology, e.g., adding in as dispatcher scripts? So, under /etc/NetworkManager/dispatcher.d:
" Creating ./up.d and adding a continuous VPN check in there, with script to exit when VPN connection successful
" Creating running the script also in ./vpn-down.d, so if there's a disconnect, the system tries to reconnect the VPN. Of course the script would check if there's an active Wifi connection and exit if there is none. It would execute again when a connection, from the ./up.d script.
Don't get me wrong, Gabriel's script idea works well and I appreciate it. I wanted to put this out there in case anyone has any ideas to improve implementation further.
Thanks!
Whenever I am on my home network, I do not need VPN. But when I am anywhere else, I would like to connect in order to have that additional layer of security. I have seen Gabriel's following method (https://www.gabsoftware.com/tips/aut...-vpn-on-linux/), which I have slightly modified:
Code:#!/bin/bash
YOUR_VPN_NAME="vpn"
# I added the below:
WIFI_BASE_NAME=blahblahblah
while [ "true" ]
do
VPNCON=$(nmcli con show --active)
# I added the $VPCON check so it would run when the network is not my home's network.
if [[ ($VPNCON != *"vpn"*) && ($VPNCON != *"$YOUR_VPN_NAME"*) && ($VPNCON != "$WIFI_BASE_NAME"*) ]]; then
echo "Disconnected, trying to reconnect..."
(sleep 1s && nmcli con up "$YOUR_VPN_NAME")
else
echo "Already connected !"
fi
sleep 5
doneThis file is to be inserted into .bashrc and I imagine run continuously.
I am wondering if there's any other approach that I could take for this that might be more efficient, something that monitors the connection another way perhaps so it is not continuously checking? For instance, what about executing when there's been a change in the network topology, e.g., adding in as dispatcher scripts? So, under /etc/NetworkManager/dispatcher.d:
" Creating ./up.d and adding a continuous VPN check in there, with script to exit when VPN connection successful
" Creating running the script also in ./vpn-down.d, so if there's a disconnect, the system tries to reconnect the VPN. Of course the script would check if there's an active Wifi connection and exit if there is none. It would execute again when a connection, from the ./up.d script.
Don't get me wrong, Gabriel's script idea works well and I appreciate it. I wanted to put this out there in case anyone has any ideas to improve implementation further.
Thanks!