近期由于CTS2,CTS5(青岛服)的PPTP协议出现异常,本站非常重视该问题,并且希望今后能避免这种问题出现。为此编写了自动切换协议脚本。用户只需修改脚本里对应的几个参数,然后定时执行,即可在侦测到问题时自动更换连接穿透服务器的协议。建议用户将该脚本加入到定时运行,若之前已存在CTS的连接,则会自动更名。建议5-10分钟循环执行一次。(取消了切换到PPTP)
ROS脚本代码
- ###使用前请确保你当前没有使用穿透进行管理###
- ###请删除之前自己创建的CTS穿透VPN连接,方可使用本脚本。###
- ###建议5-10分钟循环执行一次。6.38.5测试通过。###
- ###定义CTS服务器IP###
- :global ctsip 120.24.176.137
- ###定义CTS服务器虚拟网关###
- :global ctsgw 172.34.56.1
- ###定义CTS服务器用户名###
- :global ctsuser "user"
- ###定义CTS服务器密码###
- :global ctspass "passwd"
- ###获取当前使用的CTS的VPN类型###
- :global usedvpn ""
- ###获取当前CTS连接状态###
- :global stvpn
- :if ([/interface pptp-client find name=CTS-PPTP]!="") do={
- :set usedvpn pptp
- :set stvpn [/interface pptp-client find name=CTS-PPTP running=yes]}
- :if ([/interface l2tp-client find name=CTS-L2TP]!="") do={
- :set usedvpn l2tp
- :set stvpn [/interface l2tp-client find name=CTS-L2TP running=yes]}
- :if ([/interface sstp-client find name=CTS-SSTP]!="") do={
- :set usedvpn sstp
- :set stvpn [/interface sstp-client find name=CTS-SSTP running=yes]}
- :if ([/interface ovpn-client find name=CTS-OVPN]!="") do={
- :set usedvpn ovpn
- :set stvpn [/interface ovpn-client find name=CTS-OVPN running=yes]}
- ###没有发现任何符合条件的穿透接口,我来创建一个###
- :if (usedvpn="") do={
- :if ([/interface pptp-client find connect-to=$ctsip]!="") do={
- /interface pptp-client set [find connect-to=$ctsip] name=CTS-PPTP
- :set usedvpn pptp}
- :if ([/interface l2tp-client find connect-to=$ctsip]!="") do={
- /interface l2tp-client set [find connect-to=$ctsip] name=CTS-L2TP
- :set usedvpn l2tp}
- :if ([/interface sstp-client find connect-to=($ctsip.":22")]!="") do={
- /interface sstp-client set [find connect-to=($ctsip.":22")] name=CTS-SSTP
- :set usedvpn sstp}
- :if ([/interface ovpn-client find connect-to=$ctsip]!="") do={
- /interface ovpn-client set [find connect-to=$ctsip] name=CTS-OVPN
- :set usedvpn ovpn}}
- :if (usedvpn="") do={/interface ovpn-client add cipher=aes128 connect-to=$ctsip port=110 name=CTS-OVPN user=$ctsuser password=$ctspass profile=default-encryption}
- ###检测CTS当前连接是否正常,不正常则切换VPN协议###
- :if ($stvpn="") do={
- :if ($usedvpn="pptp") do={
- /interface pptp-client remove [find name=CTS-PPTP]
- /interface l2tp-client add connect-to=$ctsip disabled=no name=CTS-L2TP user=$ctsuser password=$ctspass profile=default-encryption}
- :if ($usedvpn="l2tp") do={
- /interface l2tp-client remove [find name=CTS-L2TP]
- /interface sstp-client
- add connect-to=($ctsip.":22") disabled=no name=CTS-SSTP profile=default-encryption user=$ctsuser password=$ctspass}
- :if ($usedvpn="sstp") do={
- /interface sstp-client remove [find name=CTS-SSTP]
- /interface ovpn-client add cipher=aes128 connect-to=$ctsip port=110 name=CTS-OVPN user=$ctsuser password=$ctspass profile=default-encryption}
- :if ($usedvpn="ovpn") do={
- /interface ovpn-client remove [find name=CTS-OVPN]
- #/interface pptp-client add connect-to=$ctsip name=CTS-PPTP user=$ctsuser password=$ctspass profile=default-encryption disabled=no
- /interface l2tp-client add connect-to=$ctsip disabled=no name=CTS-L2TP user=$ctsuser password=$ctspass profile=default-encryption}
- } else={
- :if ([/ping $ctsgw count=4]=0) do={
- :if ($usedvpn="pptp") do={
- /interface pptp-client remove [find name=CTS-PPTP]
- /interface l2tp-client add connect-to=$ctsip disabled=no name=CTS-L2TP user=$ctsuser password=$ctspass profile=default-encryption}
- :if ($usedvpn="l2tp") do={
- /interface l2tp-client remove [find name=CTS-L2TP]
- /interface sstp-client
- add connect-to=($ctsip.":22") disabled=no name=CTS-SSTP profile=default-encryption user=$ctsuser password=$ctspass}
- :if ($usedvpn="sstp") do={
- /interface sstp-client remove [find name=CTS-SSTP]
- /interface ovpn-client add cipher=aes128 connect-to=$ctsip port=110 name=CTS-OVPN user=$ctsuser password=$ctspass profile=default-encryption}
- :if ($usedvpn="ovpn") do={
- /interface ovpn-client remove [find name=CTS-OVPN]
- #/interface pptp-client add connect-to=$ctsip name=CTS-PPTP user=$ctsuser password=$ctspass profile=default-encryption disabled=no
- /interface l2tp-client add connect-to=$ctsip disabled=no name=CTS-L2TP user=$ctsuser password=$ctspass profile=default-encryption}
- }}
#1
