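#!/bin/bash
#
# local-ssh-tunnel - sets up and maintains an SSH port-forwarding tunnel
#
# Usage: local-ssh-tunnel {start|stop|restart|force-reload}
#
# "start" launches a background control loop that runs ssh with the
# configured -L forwards and restarts it whenever it exits. Output of the
# loop goes to syslog through $LOGGER. Two PID files are kept: one for the
# control loop and one for the current ssh process.
#
# FIXME needs more testing
#       killing remote ssh process does not produce expected results
#       (review: one likely cause was "set -e" ending the reconnect loop when
#       "wait" returned ssh's non-zero status; see the wait below)

set -e

NAME=local-ssh-tunnel
DESC="Secure port-forwarding tunnel"
LOGGER="logger -t $NAME"
PIDFILE_CONTROL=/var/run/$NAME.control.pid
PIDFILE_SSH=/var/run/$NAME.ssh.pid

# Set defaults
REMOTE_USER=nturner
REMOTE_HOST=codeine.cancerprev.org
TUNNELS="-L 10143:localhost:143 -L 10025:localhost:25"
# -g lets other hosts connect to the forwarded local ports, so the tunnelled
# services are reachable by anything that can reach this machine on ports
# 10143/10025. Drop -g (or firewall those ports) if only local clients need
# the tunnel.
# NOTE(review): -2 and ProtocolKeepAlives are not accepted by every OpenSSH
# build; ServerAliveInterval is the upstream keepalive option. Confirm against
# the installed ssh.
SSH_OPTS="-g -2 -o ProtocolKeepAlives=300"
# The key has to work without a prompt, so keep it readable by the service
# user only and limit what it can do on the server in authorized_keys, e.g.
#   restrict,port-forwarding,permitopen="localhost:143",permitopen="localhost:25"
SSH_IDENT="/etc/$NAME/.ssh/id_rsa"

# Read config
# The file is executed as shell code with this script's privileges, so it
# must be writable by root only.
if [ -f /etc/default/local-ssh-tunnel ]; then
  . /etc/default/local-ssh-tunnel
fi

#######################################
# Print the PID stored in a PID file.
# Arguments: $1 - PID file path
# Outputs:   the PID on stdout
# Returns:   0 if the file holds a positive decimal integer, 1 otherwise.
#            Rejecting anything else keeps values such as "0" or "-1" (which
#            kill treats as "process group" / "every process") away from kill.
#######################################
read_pid() {
  local pid=""
  [ -r "$1" ] || return 1
  read -r pid < "$1" || [ -n "$pid" ] || return 1
  case "$pid" in
    '' | *[!0-9]*) return 1 ;;
  esac
  [ "$pid" -gt 0 ] || return 1
  printf '%s\n' "$pid"
}

#######################################
# Test whether the process named in a PID file exists.
# Arguments: $1 - PID file path
# Returns:   0 if the PID is valid and kill -0 succeeds, non-zero otherwise.
#######################################
pid_running() {
  local pid
  pid=$(read_pid "$1") || return 1
  kill -0 "$pid" 2>/dev/null
}

#######################################
# Send HUP to the process named in a PID file, then remove the file.
# Arguments: $1 - PID file path
#            $2 - label printed (with a leading space) when a signal is sent
# Returns:   0; a missing file is not an error.
#######################################
stop_from_pidfile() {
  local pidfile=$1 label=$2 pid
  [ -e "$pidfile" ] || return 0
  if pid=$(read_pid "$pidfile") && kill -0 "$pid" 2>/dev/null; then
    # The process may exit between the check and the signal; do not let
    # set -e abort here and leave a stale PID file behind.
    kill -HUP "$pid" 2>/dev/null || true
    printf ' %s' "$label"
  fi
  rm -f -- "$pidfile"
}

# Run
case "$1" in
  start)
    if pid_running "$PIDFILE_CONTROL"; then
      echo "$NAME already running." 1>&2
      exit 1
    fi
    printf '%s' "Starting $DESC: "
    (
      (
        echo "starting up."
        while true; do
          # SSH_OPTS and TUNNELS are option strings from the config and are
          # split into words on purpose.
          # shellcheck disable=SC2086
          ssh -i "$SSH_IDENT" -l "$REMOTE_USER" \
            $SSH_OPTS $TUNNELS "$REMOTE_HOST" -N &
          # XXX replace -N with sleep 5 to test failover XXX
          ssh_pid=$!
          echo "$ssh_pid" > "$PIDFILE_SSH"
          # Logged as soon as ssh is spawned, before authentication completes.
          echo "connected. [$ssh_pid]"
          # wait returns ssh's exit status, which is non-zero on a dropped
          # connection; without "|| true" set -e would end the loop instead
          # of reconnecting.
          wait "$ssh_pid" || true
          echo "disconnected [$ssh_pid]; reconnecting in 1 second..."
          sleep 1
        done
      ) &
      echo $! > "$PIDFILE_CONTROL"
      wait $!
      # LOGGER is a command line from the config and is split on purpose.
      # shellcheck disable=SC2086
    ) 2>&1 | $LOGGER &
    echo "$NAME."
    ;;
  stop)
    if [ ! -e "$PIDFILE_CONTROL" ] && [ ! -e "$PIDFILE_SSH" ]; then
      echo "$NAME not running." 1>&2
      exit 1
    fi
    printf '%s' "Stopping $DESC:"
    # shellcheck disable=SC2086
    echo "shutting down." | $LOGGER
    # Stop the control loop first so it cannot respawn ssh.
    stop_from_pidfile "$PIDFILE_CONTROL" control
    stop_from_pidfile "$PIDFILE_SSH" ssh
    echo "."
    ;;
  restart | force-reload)
    "$0" stop || true
    "$0" start
    ;;
  *)
    echo "Usage: $0 {start|stop|restart|force-reload}" 1>&2
    exit 2
    ;;
esac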