-
Notifications
You must be signed in to change notification settings - Fork 0
/
pfsense-iface-reset.sh
executable file
·67 lines (55 loc) · 2 KB
/
pfsense-iface-reset.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#!/bin/bash
# Function to convert IP addresses to numerical representations for comparison
ip2num() {
local a b c d
IFS=. read -r a b c d <<< "$1"
echo "$((a * 256 ** 3 + b * 256 ** 2 + c * 256 + d))"
}
# Function to check if an IP falls within a subnet range
ip_in_subnet() {
local ip=$1
local cidr=$2
local network=$(echo $cidr | cut -d/ -f1)
local mask=$(echo $cidr | cut -d/ -f2)
local network_dec=$(echo $network | awk -F. '{printf("%d\n", ($1 * 256 + $2) * 256 + $3)}')
local ip_dec=$(echo $ip | awk -F. '{printf("%d\n", ($1 * 256 + $2) * 256 + $3)}')
local mask_dec=$((0xffffffff << (32 - $mask)))
[[ $((ip_dec & mask_dec)) -eq $((network_dec & mask_dec)) ]]
}
# Function to check if an IP address is within a specified range and log changes to syslog
check_ip_range_and_log() {
local INTERFACE="$1"
local ACTUAL_IP="$2"
local EXPECTED_IP_RANGE="$3"
echo "$ACTUAL_IP $EXPECTED_IP_RANGE"
if ! ip_in_subnet "$ACTUAL_IP" "$EXPECTED_IP_RANGE"; then
log_and_reboot "$INTERFACE" "WAN IP address is within the expected subnet range ($EXPECTED_IP_RANGE)."
else
log_no_action_taken "$INTERFACE" "WAN IP address is not within the expected subnet range ($EXPECTED_IP_RANGE). Skipping."
fi
}
# Function to log and reboot
log_and_reboot() {
local INTERFACE="$1"
local MESSAGE="$2"
logger -t "WAN-IP-Checker" "$MESSAGE"
echo "$MESSAGE"
#ifconfig "$INTERFACE" down
#sleep 5
#ifconfig "$INTERFACE" up
. /var/etc/pppoe_restart_pppoe0
. /etc/rc.dyndns.update
logger -t "WAN-IP-Checker" "$INTERFACE interface rebooted."
echo "$INTERFACE interface rebooted."
}
# Function to log no action taken
log_no_action_taken() {
local INTERFACE="$1"
local MESSAGE="$2"
logger -t "WAN-IP-Checker" "$MESSAGE"
echo "$MESSAGE"
}
INTERFACE="pppoe0"
ACTUAL_IP=$(ifconfig "$INTERFACE" | grep 'inet ' | awk '{print $2}')
EXPECTED_IP_RANGE="100.64.0.0/10" # CIDR for the range 100.64.0.0 to 100.127.255.255 (CGNAT)
check_ip_range_and_log "$INTERFACE" "$ACTUAL_IP" "$EXPECTED_IP_RANGE"