From cdd35ab6cbcd2cc6fc089d3507451cac311c7766 Mon Sep 17 00:00:00 2001 From: Franco Fichtner Date: Tue, 1 Mar 2022 08:48:14 +0100 Subject: [PATCH] Firmware: make the connectivity audit more robust Change the ping to size 1500 to emulate a typical download scenario. Sometimes small pings will respond but not the larger fetch. Secondly, do a separate IPv4 and IPv6 update of the repository depending on whether we got a corresponding address from the host. It should clear up the question if IPv4 or IPv6 or both is broken/defunct/disabled. --- src/opnsense/scripts/firmware/connection.sh | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/src/opnsense/scripts/firmware/connection.sh b/src/opnsense/scripts/firmware/connection.sh index c4781b16e..e2705c058 100755 --- a/src/opnsense/scripts/firmware/connection.sh +++ b/src/opnsense/scripts/firmware/connection.sh @@ -30,6 +30,8 @@ TEE="/usr/bin/tee -a" : > ${LOCKFILE} URL=$(opnsense-update -M) +POPT="-c4 -s1500" + HOST=${URL#*://} HOST=${HOST%%/*} IPV4=$(host -t A ${HOST} | head -n 1 | cut -d\ -f4) @@ -37,17 +39,20 @@ IPV6=$(host -t AAAA ${HOST} | head -n 1 | cut -d\ -f5) echo "***GOT REQUEST TO AUDIT CONNECTIVITY***" >> ${LOCKFILE} echo "Currently running $(opnsense-version) at $(date)" >> ${LOCKFILE} -echo "Checking connectivity for host: ${HOST}" | ${TEE} ${LOCKFILE} if [ -n "${IPV4}" -a -z "${IPV4%%*.*}" ]; then - (ping -c4 ${IPV4} 2>&1) | ${TEE} ${LOCKFILE} + echo "Checking connectivity for host: ${HOST} -> ${IPV4}" | ${TEE} ${LOCKFILE} + (ping ${POPT} ${IPV4} 2>&1) | ${TEE} ${LOCKFILE} + echo "Checking connectivity for repository (IPv4): ${URL}" | ${TEE} ${LOCKFILE} + (pkg -4 update -f 2>&1) | ${TEE} ${LOCKFILE} else - echo "No IPv4 address could be found." | ${TEE} ${LOCKFILE} + echo "No IPv4 address could be found for host: ${HOST}" | ${TEE} ${LOCKFILE} fi if [ -n "${IPV6}" -a -z "${IPV6%%*:*}" ]; then - (ping6 -c4 ${IPV6} 2>&1) | ${TEE} ${LOCKFILE} + echo "Checking connectivity for host: ${HOST} -> ${IPV6}" | ${TEE} ${LOCKFILE} + (ping6 ${POPT} ${IPV6} 2>&1) | ${TEE} ${LOCKFILE} + echo "Checking connectivity for repository (IPv6): ${URL}" | ${TEE} ${LOCKFILE} + (pkg -6 update -f 2>&1) | ${TEE} ${LOCKFILE} else - echo "No IPv6 address could be found." | ${TEE} ${LOCKFILE} + echo "No IPv6 address could be found for host: ${HOST}" | ${TEE} ${LOCKFILE} fi -echo "Checking connectivity for URL: ${URL}" | ${TEE} ${LOCKFILE} -(pkg update -f 2>&1) | ${TEE} ${LOCKFILE} echo '***DONE***' >> ${LOCKFILE}