Ubuntu 22.04LTS Script and Service Failure

Shell Scripting & Linux Command Line
1

Hello,

I have tested this on several ubuntu 22.04LTS servers (CLI only) and so far proving unstable. I created a new service which runs a shell script to start up Palo Alto Networks globalprotect VPN client and auto-connect back to our data center. The script loops every minute to ping an IP address inside the data center and in the event of failure, reconnect VPN client. I’ve had several approaches with the code and so far it is unstable. Sometimes it can be stable until I reboot and then it doesn’t work. The service or script is spooling up multiple instances of globalprotect client which makes it fail to connect to VPN anymore. Here is the service file:

cat /etc/systemd/system/myVpn.service[Unit]Description=My Vpn ConnectionWants=network.targetAfter=syslog.target network-online.target

[Service]Type=simpleExecStart=/usr/local/bin/myvpn.shExecStop=/bin/sh -c 'globalprotect disconnect'Restart=on-failureRestartSec=10KillMode=process

[Install]WantedBy=multi-user.target

The script is:

cat /usr/local/bin/myvpn.sh#!/bin/bash

#Variablesping_targets="x.x.x.x"failed_hosts=""

#Start gp client vpn and log the eventglobalprotect connect -p x.x.x.x -u xxxx

echo "myVpn.service: ## Starting globalprotect ##" | systemd-cat -p info

#Check connectivity every minutewhile :

do

TIMESTAMP=$(date '+%Y-%m-%d %H:%M:%S')

echo "myVpn.service: ${TIMESTAMP} checking opmgr central reachable over vpn" | systemd-cat -p info

   ping -c 1 x.x.x.x > /dev/null   if [ $? -ne 0 ]; thenif [ "$failed_hosts" == "" ]; thenfailed_hosts="x.x.x.x"elsefailed_hosts="$failed_hosts, 'x.x.x.x'"fi   fi

if [ "$failed_hosts" != "" ]; then   globalprotect connect -p x.x.x.x -u xxxx   echo "myVpn.service: ## Reconnecting due to packet loss ##" | systemd-cat -p infofi

sleep 60

done

I removed usernames and IP addresses and replaced them with x for security reasons. I appreciate any feedback or advise with this. It’s frustrating when I had the first test server stable all weekend long and yesterday it also lost vpn connection. Is this better accomplished as a crontab job instead of a service?

Thanks!

2

hi @olivebranch2006 ,
I am worried about the lack of spaces in that line
keywords normally need to be spaced
and
your script would be more readable if you avoided long multi-statement lines

I think I would prefer a cron job
Regards
Neville

3 Likes