Wireguard (entware) "watchdog"?

Hello:

I wanted a “watchdog” for Wireguard (entware) with CoreELEC, to:
a) Ping the server from the CoreELEC client (example of server: 10.1.1.1)
b) In the case that the ping does NOT work (probably for the dynamic public IP of the server), restart wg0

Something like this:

Entware WG has a file:
wireguard_watchdog
in:
/storage/.opt/bin

That should work in this way.

But, when I execute the file:

sh wireguard_watchdog

wireguard_watchdog: line 15: /lib/functions.sh: No such file or directory

I tried these script options too:

#!/bin/bash
while true
do
    sleep 15
    ping -c 1 10.1.1.1
    if [ $? != 0 ]
    then
        wg-quick down wg0
        sleep 4
        wg-quick up wg0
    fi
done

#!/bin/bash
tries=0
while [[ $tries -lt 3 ]]
do
        if /bin/ping -c 1 10.1.1.1
        then
#               echo "wg working"
                logger -n winterfell -i -t "wg-watchdog" -p user.notice "wireguard working"
                exit 0
        fi
##      echo "wg fail"
        tries=$((tries+1))
done
#echo "restarting wg"
wg-quick down wg0
sleep 4
wg-quick up wg0
logger -n winterfell -i -t "wg-watchdog" -p user.notice "wireguard restarted"

I tried to “simulate” scripts found with google for this purpose, but in these options there are script errors and scripts don’t work for me.
That’s my problem: I know what I want to do, but I don’t know enough about scripts to obtain a good result.

Can anybody figure out how to do that (ping WG server from client and, if server does NOT “respond”, wg-quick down wg0 / wg-quick up wg0 to restart the connection from a new public IP of the server)?

Entware WG is great, because it solves DDNS names like “myhost.ddns.com”, but it has a problem: once that it solves (at start) a DDNS name, it does NOT solve it again, even if WG connection with server is lost.
I wanted a script to make it “automatic” and make a crontab task.

Thanks in advance and kind regards.

If you run script #1 above from ssh console what does it say? Because it looks fine to me. But of course only if command wg-quick is actually available.

It seemed a problem with the “format” of the script file. I had to correct it using “dos2unix” command.

  1. Finally, I created:
    wireguard_watchdog.sh
    script file in /storage/downloads of a CoreELEC Wireguard (Entware) client

with this content:

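#!/bin/sh
# Ping the WG server up to 3 times; exit as soon as one ping succeeds.
tries=0
# POSIX test ([ ]) instead of [[ ]], which plain /bin/sh does not guarantee.
while [ "$tries" -lt 3 ]
do
    if /bin/ping -c 1 10.1.1.1
    then
        date > /storage/downloads/wireguard_watchdog.log
        echo WG wg0 working OK >> /storage/downloads/wireguard_watchdog.log
        exit 0
    fi
    tries=$((tries+1))
done
# All pings failed: restart the tunnel so the DDNS name is resolved again.
wg-quick down wg0
sleep 4
wg-quick up wg0
date > /storage/downloads/wireguard_watchdog.log
echo WG wg0 restarted >> /storage/downloads/wireguard_watchdog.log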

where:
10.1.1.1 is the WG server IP
/storage/downloads/wireguard_watchdog.log is a log file generated with the result of the process

  2. I have moved the script to /storage/scripts, made it executable, AND CHANGED FORMAT (important, without this, the script does NOT work):
    cp /storage/downloads/wireguard_watchdog.sh /storage/scripts
    chmod +x /storage/scripts/wireguard_watchdog.sh
    dos2unix /storage/scripts/wireguard_watchdog.sh

  3. After that, the script is fully functional, and you can execute it:
    sh /storage/scripts/wireguard_watchdog.sh

and add it to crontab (every 2 minutes, for example):
crontab -e
add a line:
*/2 * * * * sh /storage/scripts/wireguard_watchdog.sh

I think this “closes” the circle for WG (Entware). It solves the DDNS of the server at init, and, when ping to the server fails, the script restarts the WG connection.

There may be some more “elegant” solution, but I have very little scripting knowledge.

Kind regards
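
A variant of the watchdog above, added here as an example and not posted by anyone in the thread: it bounds each ping with a timeout, prevents overlapping cron runs with a lock directory, appends timestamped entries to the log, and reports whether the restart itself succeeded. The peer address, interface and log path are taken from the posts above; the lock path, the `RUN` switch, the overridable command variables and the availability of `ping -W` are assumptions.

```sh
#!/bin/sh
# Added example, not from the thread. Defaults come from the posts above
# (peer 10.1.1.1, interface wg0); everything can be overridden via environment.
PEER="${PEER:-10.1.1.1}"
IFACE="${IFACE:-wg0}"
TRIES="${TRIES:-3}"
LOG="${LOG:-/storage/downloads/wireguard_watchdog.log}"
LOCK="${LOCK:-/tmp/wireguard_watchdog.lock}"   # assumed path
# Commands are variables so the logic can be dry-run without touching the tunnel.
PROBE="${PROBE:-ping -c 1 -W 2}"               # assumes ping supports -W (timeout)
DOWN="${DOWN:-wg-quick down}"
UP="${UP:-wg-quick up}"

log() { echo "$(date '+%Y-%m-%d %H:%M:%S') $*" >> "$LOG"; }

# Return 0 as soon as one probe succeeds, 1 after $TRIES failures.
peer_alive() {
    n=0
    while [ "$n" -lt "$TRIES" ]; do
        $PROBE "$PEER" >/dev/null 2>&1 && return 0
        n=$((n + 1))
        [ "$n" -lt "$TRIES" ] && sleep "${PAUSE:-2}"
    done
    return 1
}

# One watchdog pass. Return status: 0 = tunnel fine, 1 = restarted,
# 2 = another run holds the lock, 3 = restart failed.
watchdog() {
    # mkdir is atomic, so overlapping cron runs cannot both restart the tunnel.
    mkdir "$LOCK" 2>/dev/null || return 2
    if peer_alive; then
        rc=0
    else
        log "$IFACE: $PEER unreachable after $TRIES probes, restarting"
        $DOWN "$IFACE" >/dev/null 2>&1   # may fail if the interface is already down
        sleep "${SETTLE:-4}"
        if $UP "$IFACE" >/dev/null 2>&1; then rc=1; log "$IFACE restarted"
        else rc=3; log "$IFACE restart FAILED"; fi
    fi
    rmdir "$LOCK"
    return "$rc"
}

# Does nothing unless asked, e.g. from cron: RUN=1 sh wireguard_watchdog.sh
if [ "${RUN:-0}" = 1 ]; then watchdog; fi
```

A lock directory left behind by a killed run blocks later runs until it is removed. Setting `DOWN=true UP=true` exercises the logic without touching the interface.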
