gateway-check for OPNsense, fixes opnsense/core#8417

nbari · nbari · commit 3919adc4eeac · 2025-03-09T12:22:42.000+01:00
diff --git a/opnsense/README.md b/opnsense/README.md
@@ -0,0 +1,39 @@
+# Update Gateway
+
+This script is used in OPNsense to update the WAN gateway if the current
+gateway is not reachable.
+
+Copy the script for example to `/root/gateway-check.php` and create `/root/gateway-check.ini` with:
+
+```
+; Gateway Check Configuration
+[general]
+; UUID for gateway configuration
+uuid = 00000000-0000-0000-0000-000000000000
+; Interface name
+interface = wan
+; Gateway IPs to check (in order of priority)
+gateway_ips = X.X.X.X, Y.Y.Y.Y, Z.Z.Z.Z
+; Ping timeout in seconds
+ping_timeout = 1
+; Number of ping attempts
+ping_count = 3
+
+[logging]
+; Enable detailed logging
+debug = false
+; Log file location
+log_file = /var/log/gateway-check.log
+; Rotate logs after they reach this size (in bytes), 0 to disable
+log_rotate_size = 1048576
+; Number of rotated log files to keep
+log_rotate_count = 5
+```
+
+To get the UUID for the gateway configuration, you can use the API:
+
+```
+curl -u "user":"pass" -k -s https://<opnsense/api/routing/settings/get | jq
+```
+
+> jq is only needed if you want to pretty print the JSON output.
diff --git a/opnsense/actions.d/README.md b/opnsense/actions.d/README.md
@@ -0,0 +1,17 @@
+## Check https://docs.opnsense.org/development/backend/configd.html
+
+Copy the files:
+- actions_gateway-check.conf
+- actions_gateway-check-sleep.conf
+
+Into `/usr/local/opnsense/service/conf/actions.d/`
+
+Then restart configd with:
+
+```
+service configd restart
+```
+
+Create 2 entries in the cron via OPNsense UI: (settings -> cron):
+
+![cron](cron.png)
diff --git a/opnsense/actions.d/actions_gateway-check-sleep.conf b/opnsense/actions.d/actions_gateway-check-sleep.conf
@@ -0,0 +1,6 @@
+[reload]
+command:/usr/local/bin/flock -n -E 0 -o /tmp/gateway_check.lock sleep 30; /usr/local/bin/php /root/gateway-check.php
+parameter:
+type:script
+Message:Check WAN gateway and update if required
+description:Check WAN gateway (sleep 30)
diff --git a/opnsense/actions.d/actions_gateway-check.conf b/opnsense/actions.d/actions_gateway-check.conf
@@ -0,0 +1,6 @@
+[reload]
+command:/usr/local/bin/flock -n -E 0 -o /tmp/gateway_check.lock /usr/local/bin/php /root/gateway-check.php
+parameter:
+type:script
+Message:Check WAN gateway and update if required
+description:Check WAN gateway
diff --git a/opnsense/actions.d/cron.png b/opnsense/actions.d/cron.png
diff --git a/opnsense/gateway-check.php b/opnsense/gateway-check.php
