Peut être une inspiration
Voila ce que je fait tourner sur Cyber-wrt en cron minute
c'est sur un routeur, j'a appelé ma deuxième interface wan br1
J'ai une interface web pour peupler le fichier var.
fichier var.php
Code:
<?
// FIRST GATEWAY AND DNS
$gw1="192.168.20.1";
$dnsa1="192.168.20.1";
$dnsa2="212.27.40.240";
$dnsa3="212.27.40.241";
// SECOND GATEWAY AND DNS
$gw2="192.168.100.1";
$dnsb1="192.168.100.1";
$dnsb2="";
$dnsb3="";
// DEFINE HERE IP FOR EXEMPLE VOIP PROVIDER TO ALWAYS USE GW2 WHEN AVAILABLE
$spr1="";
$spr2="";
$spr3="";
$spr4="";
// DEFINE SUBNET FOR GW2
$br1net="192.168.100.0";
// DEFINE TWO REF IP TO PING WITH GW1 and GW2
$refpingregular="208.67.222.222";
$refpingextra="208.67.220.220";
$debug="yes";
$active="yes";
?>
Code:
#!/opt/bin/php -q
<?php
###############################
####### COMDIF TELECOM ########
######Biwan Failover Cron######
###############################
require ("/opt/var/var.php");
// uncomment to test if cron is working
// $now = date("h:i:s"); shell_exec(" echo '".$now."' >> /opt/cron.txt");
// if $active is empty this cron do nothing
if(empty($active) || empty($br1net) || empty($gw2) || empty($dnsb1)){ exit(); }
// check if br1 exist
$isup = shell_exec("ifconfig br1"); if(empty($isup)) { exit();}
// check if masquerade is set for br1
$chipta= shell_exec("iptables -t nat -L POSTROUTING | grep 'MASQUERADE' | grep 'anywhere'");
if(empty($chipta))
{
shell_exec("iptables -t nat -A POSTROUTING -o br1 -j MASQUERADE");
}
//test if gw2 route rule exist to give a sens to this script
$gw2test = shell_exec("route -n | awk /".$br1net."/");
if(empty($gw2test))
{
if(!empty($debug)) echo'Gateway2 route creation: '.$gw2.' seting to use: br1 interface</br>';
shell_exec("route add ".$br1net." gw 0.0.0.0");
}
// test if route rule $refpingregular for test ping on $gw1 is set on linux routes rules
$test1 = shell_exec("route -n | awk '/".$refpingregular."/ {print $1}'");
if(empty($test1))
{
if(!empty($debug)) echo"oups you don't previously create this rule, ".$refpingregular." ping by ".$gw1." so I create it for you";
if(!empty($debug)) echo'Test ping route creation: '.$refpingregular.' seting to use: '.$gw1.' GW</br>';
shell_exec("route add ".$refpingregular." gw ".$gw1."");
}
// test if route rule $refpingextra for test ping on $gw2 is set on linux routes rules
$test2 = shell_exec("route -n | awk '/".$refpingextra."/ {print $1}'");
if(empty($test2))
{
if(!empty($debug)) echo"oups you don't previously create this rule, ".$refpingextra." ping by ".$gw2." so I create it for you";
if(!empty($debug)) echo'Test ping route creation: '.$refpingextra.' seting to use: '.$gw2.' GW</br>';
shell_exec("route add ".$refpingextra." gw ".$gw2."");
}
//////////////////////////////// MODULE TO CHECK ORPHEAN SPECIAL RULES ///////////////////////////
if (!empty($spr1)) $spr1v= explode('.',$spr1); $spr1v= $spr1v[0] + $spr1v[1] + $spr1v[2] + $spr1v[3];
if (!empty($spr2)) $spr2v= explode('.',$spr2); $spr2v= $spr2v[0] + $spr2v[1] + $spr2v[2] + $spr2v[3];
if (!empty($spr3)) $spr3v= explode('.',$spr3); $spr3v= $spr3v[0] + $spr3v[1] + $spr3v[2] + $spr3v[3];
if (!empty($spr4)) $spr4v= explode('.',$spr4); $spr4v= $spr4v[0] + $spr4v[1] + $spr4v[2] + $spr4v[3];
$valip2= explode('.',$refpingextra); $valip2= $valip2[0] + $valip2[1] + $valip2[2] + $valip2[3];
$srouting = shell_exec("route -n | awk '/".$gw2."/{print \":\" $1}'");
$difs = explode(':', $srouting);
$tail = sizeof($difs);
for($i=1; $i<$tail; $i++)
{
$valip1= explode('.',$difs[$i]); $valip1= $valip1[0] + $valip1[1] + $valip1[2] + $valip1[3];
if($valip1 != $valip2)
{
if ( $valip1 != $spr1v || $valip1 != $spr2v || $valip1 != $spr3v || $valip1 != $spr4v)
{
shell_exec("route del ".$difs[$i]." gw ".$gw2."");
}
}
}
////////////////////////////// MODULE TO CHECK ORPHEAN SPECIAL RULES END //////////////////////////
//////////////////////////////////// commands ////////////////
$regularping="/opt/tmp/ping -c 1 -W 1 ".$refpingregular." | grep '1 received'";
$extrawanping= "/opt/tmp/ping -c 1 -W 1 ".$refpingextra." | grep '1 received'";
$getdefault="ip route | awk '/default via/ {print $3}'";
$adoriroute="route add default gw ".$gw1."";
$deloriroute="route del default gw ".$gw1."";
$adextraroute="route add default gw ".$gw2."";
$delextraroute="route del default gw ".$gw2."";
// find the actual defaullt gateway //
$state= shell_exec($getdefault);
$state =explode('.',$state); $state = $state[0] + $state[1] + $state[2] + $state[3];
$st1 =explode('.',$gw1); $st1 = $st1[0] + $st1[1] + $st1[2] + $st1[3];
$st2 =explode('.',$gw2); $st2 = $st2[0] + $st2[1] + $st2[2] + $st2[3];
// Run ping accross all gateways
$w1state = shell_exec($regularping);
$w2state = shell_exec($extrawanping);
###################### RESULT AND ACTION AFTER TESTING MAIN GW ################
if(!empty($w1state))
{
if(!empty($debug)) echo $w1state.' OK - '.$test1.' IS RESPONDING ON MAIN GATEWAY<br>';
// check if conf is regular conf
if($state != $st1)
{
// test show using altrenative gateway so make all changes
if(!empty($debug)) echo 'MAIN ROUTE IS RESPONDING RESTORING NORMAL CONFIGURATION</br>';
// restore original default route //
shell_exec($delextraroute); shell_exec($adoriroute);
shell_exec("echo \"nameserver ".$dnsa1."\" > /tmp/resolv.dnsmasq");
shell_exec("echo \"nameserver ".$dnsa2."\" >> /tmp/resolv.dnsmasq");
shell_exec("echo \"nameserver ".$dnsa3."\" >> /tmp/resolv.dnsmasq");
}
}
elseif(empty($w1state))
{
if($state != $st2)
{
if(!empty($debug)) echo 'MAIN ROUTE IS DOWN MAKING ALTERNATIVE CONFIGURATION</br>';
shell_exec($deloriroute); shell_exec($adextraroute);
shell_exec("echo \"nameserver ".$dnsb1."\" > /tmp/resolv.dnsmasq");
shell_exec("echo \"nameserver ".$dnsb2."\" >> /tmp/resolv.dnsmasq");
shell_exec("echo \"nameserver ".$dnsb3."\" >> /tmp/resolv.dnsmasq");
}
}
###################### RESULT AND ACTION AFTER TESTING SECONDARY GW ################
if(!empty($w2state))
{
if(!empty($debug)) echo $w2state.' OK - '.$test2.' IS RESPONDING ON ALTERNATIVE GATEWAY<br>';
// check if special voip routing rule 1 is ok
if(!empty($spr1))
{
$on=shell_exec("route -n | awk '/".$spr1."/ {print $1}'");
if(empty($on))
{
if(!empty($debug)) echo 'SECONDARY GW IS NOW RESPONDING RESTORING SPECIAL RULES CONFIGURATION</br>';
shell_exec("route add ".$spr1." gw ".$gw2."");
}
}
// check if special voip routing rule 2 is ok
if(!empty($spr2))
{
$on=shell_exec("route -n | awk '/".$spr2."/ {print $1}'");
if(empty($on))
{
shell_exec("route add ".$spr2." gw ".$gw2."");
}
}
// check if special voip routing rule 3 is ok
if(!empty($spr3))
{
$on=shell_exec("route -n | awk '/".$spr3."/ {print $1}'");
if(empty($on))
{
shell_exec("route add ".$spr3." gw ".$gw2."");
}
}
// check if special voip routing rule 4 is ok
if(!empty($spr4))
{
$on=shell_exec("route -n | awk '/".$spr4."/ {print $1}'");
if(empty($on))
{
shell_exec("route add ".$spr4." gw ".$gw2."");
}
}
}
// Backup wan is not responding, remove special routing rules
else
{
if(!empty($debug)) echo 'SECONDARY GW DOWN CHANGE SPECIAL ROUTING IF NEEDED !</br>';
if(!empty($spr1))
{
$already=shell_exec("route -n | awk '/".$spr1."/ {print $1}'");
if(!empty($already))
{
if(!empty($debug)) echo 'SECONDARY GW DOWN CHANGE SPECIAL ROUTING CONFIGURATION for '.$spr1.' AND OTHER</br>';
shell_exec("route del ".$spr1."");
if(!empty($spr2)){ shell_exec("route del ".$spr2.""); }
if(!empty($spr3)){ shell_exec("route del ".$spr3.""); }
if(!empty($spr4)){ shell_exec("route del ".$spr4.""); }
}
}
}
?>