insurgent

view bin/insurgent.sh @ 1:aac5e8f4ce84

GNU Affero General Public License
author Binki <ohnobinki@ohnopublishing.net>
date Sun Dec 13 02:30:48 2009 -0500 (7 months ago)
parents 771762915ac3
children
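#!/bin/bash
# Copyright 2009 Nathan Phillip Brink
#
# This file is a part of insurgent.
#
# insurgent is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# insurgent is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with insurgent. If not, see <http://www.gnu.org/licenses/>.

# Keeps a background ssh client with a fixed set of port forwardings alive.
# Each run probes one local and one remote forwarded port and restarts the
# ssh client if either probe fails or the recorded PID is no longer that
# client. The probes run without a terminal, so key-based authentication to
# REMOTE_HOST is assumed.

# ssh cli-style userhost
REMOTE_HOST="user@blah.net"
# port forwardings, kept as an array so each word reaches ssh as one argument.
# Every -R entry makes a local service (here: sshd on port 22) reachable from
# the remote host, so list only what is actually needed there.
PORTS=(
  -R 16022:localhost:22
  -L 10631:localhost:631
  -L5903:localhost:5903
  -L5904:localhost:5904
  -R 16023:acolyte:22
  -L 10443:linksys.cdm:443
  -L 10025:localhost:25
)
SSH_OPTS=(-o Compression=yes)
# a port that is forwarded from here to the remote host
# that we should be able to connect to if the tunnel is up
PORT_LOCALTEST=10025

# the same for a remote-forwarded port:
PORT_REMOTETEST=16022

# where the pidfile should be stored
# The PID in this file is later passed to kill, so the file must live in a
# directory that only the user running this script can write to.
PIDFILE="$0.pid"

############
# local vars (don't edit beneath here):

# 1 if the ssh client needs to be restarted
START=0

#######################################
# Print the PID stored in PIDFILE.
# Globals:   PIDFILE (read)
# Outputs:   the PID on stdout
# Returns:   0 if the file holds a plain decimal number, 1 otherwise
#######################################
read_pid() {
  local pid=""
  [[ -r "${PIDFILE}" ]] || return 1
  read -r pid < "${PIDFILE}" || [[ -n "${pid}" ]] || return 1
  # Anything but digits (empty file, "-1", several words) must never reach
  # kill or ps as an argument.
  [[ "${pid}" =~ ^[0-9]+$ ]] || return 1
  printf '%s\n' "${pid}"
}

#######################################
# Print the PID from PIDFILE only if that process is still our tunnel.
# Globals:   PIDFILE, REMOTE_HOST (read)
# Outputs:   the PID on stdout
# Returns:   0 if the process command line looks like the tunnel ssh client
#######################################
tunnel_pid() {
  local pid args
  pid=$(read_pid) || return 1
  args=$(ps -o args= -p "${pid}" 2>/dev/null) || return 1
  #TODO make this match more flexible to follow ${PORTS} better
  [[ "${args}" == *ssh* ]] || return 1
  [[ "${args}" == *:localhost:* ]] || return 1
  [[ "${args}" == *"${REMOTE_HOST}"* ]] || return 1
  printf '%s\n' "${pid}"
}

#######################################
# Terminate the tunnel ssh client, if it is still running.
# A stale pidfile can name a PID that has since been reused by an unrelated
# process, so the command line is checked before any signal is sent.
#######################################
kill_tunnel() {
  local pid
  if pid=$(tunnel_pid); then
    kill -- "${pid}"
  fi
}

SSHOUTFILE=$(mktemp) || { echo "mktemp failed" >&2; exit 1; }
# remove the scratch file on every exit path
trap 'rm -f -- "${SSHOUTFILE}"' EXIT

if [[ -n "${PORT_LOCALTEST}" ]] \
  && ! nc -z localhost "${PORT_LOCALTEST}"; then
  START=1
  echo "starting because my cupsd tunnel is down"
  kill_tunnel
elif [[ -n "${PORT_REMOTETEST}" ]] \
  && ! ssh "${REMOTE_HOST}" nc -z localhost "${PORT_REMOTETEST}" >"${SSHOUTFILE}" 2>&1; then
  # ^ aliveness of reverse tunnel (netcat's -z option is a wonderful thing...)
  # stdout and stderr share one descriptor so neither overwrites the other.
  echo "ssh to ${REMOTE_HOST} errored or the reverse ssh tunnel is down:"
  START=1
  cat -- "${SSHOUTFILE}"
  #kill the hanging ssh client
  kill_tunnel
fi

# restart as well when the pidfile is missing, malformed, or points at a
# process that is not our ssh client
if ! tunnel_pid >/dev/null; then
  START=1
fi

if [[ "${START}" == "1" ]]; then
  #we get security+speed+efficiency using ssh-hpn+compression :-)
  SSH_BIN=$(command -v ssh) || { echo "ssh not found in PATH" >&2; exit 1; }

  rm -f -- "${PIDFILE}"
  /sbin/start-stop-daemon --start --make-pidfile --background --pidfile "${PIDFILE}" \
    --exec "${SSH_BIN}" -- -n -N "${REMOTE_HOST}" "${SSH_OPTS[@]}" \
    "${PORTS[@]}"
fi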