#!/bin/bash
#DatuX vpn monitoring script (C)2007 DatuX/Syn-3


if [ "$1" ]; then
	MONS="/etc/ipsec.d/tunnels/$1.mon"
else
	MONS="/etc/ipsec.d/tunnels/*.mon"
fi

for MON in $MONS; do
	IP=
	SRC=
	DISABLED=1
	source "$MON" 2>/dev/null
	TUN=`basename "$MON"|sed 's/.mon$//'`
	FACILITY="ipsec_$TUN"

	if grep "auto=ignore" "/etc/ipsec.d/tunnels/$TUN.conf" &>/dev/null || 
	    [ "$DISABLED" = "1" ] ||
	    [ ! $IP ] 
	then
	    syn3-state "$FACILITY" DELETE  
	    continue;
	fi

	echo "$TUN: Checking tunnel $IP..."
	#sleep 1 second, otherwise ping and fping hang 30 seconds for some reason?
	sleep 1

	if [ "$SRC" != "" ]; then
		PING_CMD="fping -S $SRC -r 20 -B 1 $IP";
	else
		PING_CMD="fping -r 20 -B 1 $IP";
	fi
	

	(sleep 10;killall -9 fping )&  #route mode is ehold, causing fping to hang
	KILLER_PID=$!
	if ! $PING_CMD ; then
		echo "$TUN: Down! Restarting tunnel!"
		ipsec auto --delete $TUN
		ipsec auto --add $TUN
		ipsec auto --asynchronous --up $TUN 
		syn3-state "$FACILITY" CAUTION "No ping reply to $IP@$TUN (from $SRC) Reconnecting..."
	else
		echo "$TUN: OK"
		syn3-state "$FACILITY" OK  "Ping to $IP@$TUN (from $SRC) is ok."
	fi
	kill -9 $KILLER_PID &>/dev/null #kill the killer
	
done 

exit 0