Test results:
ISP disconnection log
> Jun 28 12:36:30 GOAFE-FIREWALL lsm[1417]: link aba21 down event Jun 28 12:36:30 GOAFE-FIREWALL lsm[1417]: name = aba21, replied = 84, waiting = 16, timeout = 15, timeout max = 15, late reply = 0, cons rcvd = 0, cons wait = 2, cons miss = 2, cons miss max = 5, avg_rtt = 217.044, seq = 918, status = down Jun 28 12:36:30 GOAFE-FIREWALL lsm[1417]: seq * Jun 28 12:36:30 GOAFE-FIREWALL lsm[1417]: used 1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111 Jun 28 12:36:30 GOAFE-FIREWALL lsm[1417]: wait 1000110011100001110000000000000000000000000000000000000000000100000000000000001000000001000000001111 Jun 28 12:36:30 GOAFE-FIREWALL lsm[1417]: replied 0111001100011110001111111111111111111111111111111111111111111011111111111111110111111110111111110000 Jun 28 12:36:30 GOAFE-FIREWALL lsm[1417]: timeout 1000110011100001100000000000000000000000000000000000000000000100000000000000001000000001000000001111 Jun 28 12:36:30 GOAFE-FIREWALL lsm[1417]: error 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Jun 28 12:36:30 GOAFE-FIREWALL esmith::event[11992]: Event: wan-uplink-update down aba21 8.8.4.4 eth2 root 84 16 15 0 0 2 2 217044 192.168.1.60 up 1435511190 Jun 28 12:36:30 GOAFE-FIREWALL esmith::event[11992]: Action: /etc/e-smith/events/wan-uplink-update/S50nethserver-shorewall-wan-update SUCCESS [0.335153] Jun 28 12:36:30 GOAFE-FIREWALL esmith::event[11992]: Event: wan-uplink-update SUCCESS
> Jun 28 12:24:40 GOAFE-FIREWALL lsm[1417]: link aba31 down event Jun 28 12:24:40 GOAFE-FIREWALL lsm[1417]: name = aba31, replied = 92, waiting = 8, timeout = 7, timeout max = 7, late reply = 0, cons rcvd = 0, cons wait = 7, cons miss = 7, cons miss max = 7, avg_rtt = 66.039, seq = 219, status = down Jun 28 12:24:40 GOAFE-FIREWALL lsm[1417]: seq * Jun 28 12:24:40 GOAFE-FIREWALL lsm[1417]: used 1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111 Jun 28 12:24:40 GOAFE-FIREWALL lsm[1417]: wait 0000000000011111111000000000000000000000000000000000000000000000000000000000000000000000000000000000 Jun 28 12:24:40 GOAFE-FIREWALL lsm[1417]: replied 1111111111100000000111111111111111111111111111111111111111111111111111111111111111111111111111111111 Jun 28 12:24:40 GOAFE-FIREWALL lsm[1417]: timeout 0000000000011111110000000000000000000000000000000000000000000000000000000000000000000000000000000000 Jun 28 12:24:40 GOAFE-FIREWALL lsm[1417]: error 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Jun 28 12:24:40 GOAFE-FIREWALL esmith::event[3237]: Event: wan-uplink-update down aba31 8.8.8.8 eth3 root 92 8 7 0 0 7 7 66039 192.168.2.60 up 1435510480 Jun 28 12:24:41 GOAFE-FIREWALL esmith::event[3237]: Action: /etc/e-smith/events/wan-uplink-update/S50nethserver-shorewall-wan-update SUCCESS [0.260251] Jun 28 12:24:41 GOAFE-FIREWALL esmith::event[3237]: Event: wan-uplink-update SUCCESS Jun 28 12:24:43 GOAFE-FIREWALL kernel: eth2: link down Jun 28 12:24:45 GOAFE-FIREWALL kernel: eth3: link down Jun 28 12:24:46 GOAFE-FIREWALL kernel: eth2: link up, 100Mbps, full-duplex, lpa 0xC5E1 Jun 28 12:24:49 GOAFE-FIREWALL kernel: eth3: link up, 100Mbps, full-duplex, lpa 0xC5E1
Make your changes to LSM and S50nethserver-shorewall-wan-update
================= DO NOT MODIFY THIS FILE =================
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at https://dev.nethesis.it/projects/nethserver/wiki/NethServer
# original work from http://www.contribs.org/development/
#
# Copyright (C) 2013 Nethesis S.r.l.
# http://www.nethesis.it - support@nethesis.it
#
#
# Debug level: 0 .. 8 are normal, 9 gives lots of stuff and 100 doesn't
# bother to detach
#
#debug=10
#debug=9
debug=8
#
# Defaults for the connection entries
#
defaults {
name=defaults
checkip=127.0.0.1
eventscript=/usr/libexec/nethserver/lsm-wan-link-update
notifyscript=
max_packet_loss=15
max_successive_pkts_lost=7
min_packet_loss=5
min_successive_pkts_rcvd=10
interval_ms=1000
timeout_ms=1000
warn_email=root
check_arp=0
sourceip=
# if using ping probes for monitoring only then defaults should
# not define a default device for packets to autodiscover their path
# to destination
device=eth0
# use system default ttl
# ttl=0
# assume initial up state at lsm startup (1 = up, 0 = down, 2 = unknown (default))
status=1
}
- S50nethserver-shorewall-wan-update File
#!/bin/bash
#
# (C) 2009,2013 Mika Ilmaranta <ilmis@nullnet.fi>
# Copyright © 2009-2010 Tuomo Soini <tis@foobar.fi>
#
# License: GPLv2
#
#
# event handling script for use with shorewall multi-isp setup
# To be able to utilize this script you must have shorewall >= 4.4.23.3
#
shift;
STATE=${1}
NAME=${2}
CHECKIP=${3}
DEVICE=${4}
WARN_EMAIL=${5}
REPLIED=${6}
WAITING=${7}
TIMEOUT=${8}
REPLY_LATE=${9}
CONS_RCVD=${10}
CONS_WAIT=${11}
CONS_MISS=${12}
AVG_RTT=${13}
SRCIP=${14}
PREVSTATE=${15}
TIMESTAMP=${16}
DATE=$(/bin/date --date=@${TIMESTAMP})
if [ ${STATE} = up ]; then
state=0
action=enable
else
state=1
action=disable
fi
VARDIR=$(/usr/sbin/shorewall show vardir)
echo $state > ${VARDIR:-/var/lib/shorewall}/${DEVICE}.status
bash ${VARDIR:-/var/lib/shorewall}/firewall ${action} ${DEVICE} \
>> /var/log/lsm 2>&1 \
|| bash ${VARDIR:-/var/lib/shorewall}/firewall restart >> /var/log/lsm 2>&1
/usr/sbin/shorewall show routing >> /var/log/lsm
exit 0;
#EOF
I’m using the original and adapted to NethServer paths.
Try if you have more than one ISP
Regards