Load Balancing with Endian Firewall Community

[Guest]

[haiau]

First, I'sorry for my English ability is not good!

Endian Firewall Community work well with Proxy server, they bring great advantage to caching.
I see many questions about editing your Endian Firewall Community load balancer, I also tried setting to try but found that this mechanism works by Endian not improve speed Internet access for lost profit the memory buffer, proxy caching.

If you want to test your Endian Firewall Community, please make: You can modifications your Endian run banlancing

Step1. Create a script to run at startup, put in: /etc/rc.d/start/balancing99startup

# --- Begin balancing99startup ---
#!/bin/sh

/etc/init.d/balancingstartup start

exit 0
# --- End balancing99startup ---

Step2. Create test scenarios and change the default gateway, put in: /etc/rc.d/init.d/checkgateway(change)balancingstartup

Step2. Create test scenarios and change the default gateway, put in: /etc/rc.d/init.d/balancingstartup

# ---  Begin checkgateway ---
#!/bin/sh

PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
CHECKGATEWAYLOG=/var/log/gatewaystatus

command="$1"

case "$command" in
start)
   echo "Starting modifications routing"
   if [ -f $CHECKGATEWAYLOG ]; then
      /bin/rm $CHECKGATEWAYLOG
   fi
   /usr/local/sbin/balancing & > /dev/null  2>&1
   echo $! > /usr/local/share/balancing.pid
   date +"----- Starting modifications routing ----- (%D %T)" >> $CHECKGATEWAYLOG

;;
stop)
   echo "Stoping modifications routing"
   if [ -f $CHECKGATEWAYLOG ]; then
      /bin/rm $CHECKGATEWAYLOG
   fi
   kill -9 $(cat /usr/local/share/balancing.pid) && rm /usr/local/share/balancing.pid
   date +"----- Stoping modifications routing ----- (%D %T)" >> $CHECKGATEWAYLOG

;;
*)
# --- echo "Usage /etc/init.d/checkgateway(change)balancingstartup start|stop"
echo "Usage /etc/init.d/balancingstartup start|stop"
;;
esac

# ---  End checkgateway ---

Step3. Scripting made simple load balancing, put in: /usr/local/sbin/balancing

# --- Create for 3 Wan, you can custom modifications ---

# ---  Begin balancing ---
#!/bin/bash

export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
PROG="balancing"
PROGDIR="/usr/local/sbin"
PROGSTATUS=000

# Configuration Variables

# ----- Begin Of Configuration -----

# Conventionally 0 indicates success in this script.

# Time between checks in seconds
SLEEPTIME=15

# IP Address or Domain name to ping. The script relies on the domain being
# Pingable and always available
# www.sf.net
CHECKHOST1=216.34.181.60
# www.yahoo.com
CHECKHOST2=209.131.36.158
# www.google.com
CHECKHOST3=208.67.216.231
# www.vnexpress.net
CHECKHOST4=210.245.0.22
# www.sourceforge.net
CHECKHOST5=216.34.181.60

# Total ping not available
CHECKNOTRETVAL=0

# If a ping detection does not receive normal response in standard time and the former state of the line is normal.
# When continuous ping detections do not receive normal responses, and the number exceed set number (default :3 ),
# then the state will change into "Break down ?off".
CHECKWEIGHT=3

# Ping timeout in seconds
TIMEOUT=3

# External interfaces (Change for your external interfaces)
EXTIF1=eth1
EXTIF2=eth2
EXTIF3=eth3

# IP address of external interfaces. This is not the gateway address. (Change for IP WAN your external interfaces)
IP1=192.168.1.254
IP2=192.168.2.254
IP3=192.168.3.254

# Gateway IP addresses. This is the first (hop) gateway, could be your router IP
# Address if it has been configured as the gateway. (Change for ip wan your gateway interfaces)
GW1=192.168.1.1
GW2=192.168.2.1
GW3=192.168.3.1

# Relative weights of routes. Keep this to a low integer value. I am using 1 for wan connection
WEIGHT1=1
WEIGHT2=1
WEIGHT3=1

# Broadband providers name; use your own names here.
NAME1=WAN1
NAME2=WAN2
NAME3=WAN3

# No of repeats of success or failure before changing status of connection
SUCCESSREPEATCOUNT=3
FAILUREREPEATCOUNT=1

# Do not change anything below this line

# Last link status indicates the macro status of the link we determined. This is down initially to force routing change upfront. Don't change these values.
LASTLINKSTATUS1=1
LASTLINKSTATUS2=1
LASTLINKSTATUS3=1

# Last ping status. Don't change these values.
LASTPINGSTATUS1=1
LASTPINGSTATUS2=1
LASTPINGSTATUS3=1

# Current ping status. Don't change these values.
CURRENTPINGSTATUS1=1
CURRENTPINGSTATUS2=1
CURRENTPINGSTATUS3=1

# Change link status indicates that the link needs to be changed. Don't change these values.
CHANGELINKSTATUS1=1
CHANGELINKSTATUS2=1
CHANGELINKSTATUS3=1

# Count of repeated up status or down status. Don't change these values.
COUNT1=0
COUNT2=0
COUNT3=0

# Log last load balancing routing status
CHECKGATEWAYLOG=/var/log/gatewaystatus

# ----- End Of Configuration -----

# Check all wan link status

while : ; do

for CHECKHOSTS in {$CHECKHOST1,$CHECKHOST2,$CHECKHOST3,$CHECKHOST4,$CHECKHOST5}
   do
      ping -W $TIMEOUT -I $IP1 -c 1 $CHECKHOSTS > /dev/null  2>&1
      RETVAL=$?
      if [ $RETVAL -ne 0 ]; then
          CHECKNOTRETVAL=`expr $CHECKNOTRETVAL + 1`
      fi
   done

if [ $CHECKNOTRETVAL -ge $CHECKWEIGHT ]; then
   RETVAL=1
else
   RETVAL=0
fi

CHECKNOTRETVAL=0

if [ $RETVAL -ne 0 ]; then
   echo Warning !!! $NAME1 Down
   echo $PROGSTATUS
   CURRENTPINGSTATUS1=1
else
   CURRENTPINGSTATUS1=0
fi

if [ $LASTPINGSTATUS1 -ne $CURRENTPINGSTATUS1 ]; then
   echo Ping status changed for $NAME1 from $LASTPINGSTATUS1 to $CURRENTPINGSTATUS1
   COUNT1=1
else
   if [ $LASTPINGSTATUS1 -ne $LASTLINKSTATUS1 ]; then
      COUNT1=`expr $COUNT1 + 1`
   fi
fi

if [[ $COUNT1 -ge $SUCCESSREPEATCOUNT || ($LASTLINKSTATUS1 -eq 0 && $COUNT1 -ge $FAILUREREPEATCOUNT) ]]; then
   echo Uptime status will be changed for $NAME1 from $LASTLINKSTATUS1
   CHANGELINKSTATUS1=0
   COUNT1=0
if [ $LASTLINKSTATUS1 -eq 1 ]; then
   LASTLINKSTATUS1=0
else
   LASTLINKSTATUS1=1
fi
else
   CHANGELINKSTATUS1=1
fi

LASTPINGSTATUS1=$CURRENTPINGSTATUS1

for CHECKHOSTS in {$CHECKHOST1,$CHECKHOST2,$CHECKHOST3,$CHECKHOST4,$CHECKHOST5}
   do
     ping -W $TIMEOUT -I $IP2 -c 1 $CHECKHOSTS > /dev/null  2>&1
     RETVAL=$?
     if [ $RETVAL -ne 0 ]; then
        CHECKNOTRETVAL=`expr $CHECKNOTRETVAL + 1`
     fi
   done

if [ $CHECKNOTRETVAL -ge $CHECKWEIGHT ]; then
   RETVAL=1
else
   RETVAL=0
fi

CHECKNOTRETVAL=0

if [ $RETVAL -ne 0 ]; then
   echo Warning !!! $NAME2 Down
   echo $PROGSTATUS
   CURRENTPINGSTATUS2=1
else
   CURRENTPINGSTATUS2=0
fi

if [ $LASTPINGSTATUS2 -ne $CURRENTPINGSTATUS2 ]; then
   echo Ping status changed for $NAME2 from $LASTPINGSTATUS2 to $CURRENTPINGSTATUS2
   COUNT2=1
else
if [ $LASTPINGSTATUS2 -ne $LASTLINKSTATUS2 ]; then
   COUNT2=`expr $COUNT2 + 1`
fi
fi

if [[ $COUNT2 -ge $SUCCESSREPEATCOUNT || ($LASTLINKSTATUS2 -eq 0 && $COUNT2 -ge $FAILUREREPEATCOUNT) ]]; then
   echo Uptime status will be changed for $NAME2 from $LASTLINKSTATUS2
   CHANGELINKSTATUS2=0
   COUNT2=0
if [ $LASTLINKSTATUS2 -eq 1 ]; then
   LASTLINKSTATUS2=0
else
   LASTLINKSTATUS2=1
fi
else
   CHANGELINKSTATUS2=1
fi

LASTPINGSTATUS2=$CURRENTPINGSTATUS2

for CHECKHOSTS in {$CHECKHOST1,$CHECKHOST2,$CHECKHOST3,$CHECKHOST4,$CHECKHOST5}
   do
     ping -W $TIMEOUT -I $IP3 -c 1 $CHECKHOSTS > /dev/null  2>&1
     RETVAL=$?
     if [ $RETVAL -ne 0 ]; then
        CHECKNOTRETVAL=`expr $CHECKNOTRETVAL + 1`
     fi
   done

if [ $CHECKNOTRETVAL -ge $CHECKWEIGHT ]; then
   RETVAL=1
else
   RETVAL=0
fi

CHECKNOTRETVAL=0

if [ $RETVAL -ne 0 ]; then
   echo Warning !!! $NAME3 Down
   echo $PROGSTATUS
   CURRENTPINGSTATUS3=1
else
   CURRENTPINGSTATUS3=0
fi

if [ $LASTPINGSTATUS3 -ne $CURRENTPINGSTATUS3 ]; then
   echo Ping status changed for $NAME3 from $LASTPINGSTATUS3 to $CURRENTPINGSTATUS3
   COUNT3=1
else
if [ $LASTPINGSTATUS3 -ne $LASTLINKSTATUS3 ]; then
   COUNT3=`expr $COUNT3 + 1`
fi
fi

if [[ $COUNT3 -ge $SUCCESSREPEATCOUNT || ($LASTLINKSTATUS3 -eq 0 && $COUNT3 -ge $FAILUREREPEATCOUNT) ]]; then
   echo Uptime status will be changed for $NAME3 from $LASTLINKSTATUS3
   CHANGELINKSTATUS3=0
   COUNT3=0
if [ $LASTLINKSTATUS3 -eq 1 ]; then
   LASTLINKSTATUS3=0
else
   LASTLINKSTATUS3=1
fi
else
   CHANGELINKSTATUS3=1
fi

LASTPINGSTATUS3=$CURRENTPINGSTATUS3

# Custom policy-based routing

if [[ $CHANGELINKSTATUS1 -eq 0 || $CHANGELINKSTATUS2 -eq 0 || $CHANGELINKSTATUS3 -eq 0 ]]; then
   if [[ $LASTLINKSTATUS1 -eq 1 && $LASTLINKSTATUS2 -eq 1 && $LASTLINKSTATUS3 -eq 0  ]]; then
      ip route flush cache
      sleep $SLEEPTIME
      echo Custom policy-based routing To 1 Wan - Switching To $NAME3
      date +"----- Custom policy-based routing :: 1 Wan - $NAME3 (%D %T) -----" >> $CHECKGATEWAYLOG
      PROGSTATUS=003
      echo $PROGSTATUS
      ip route replace default scope global via $GW2 dev $EXTIF2
      ip route show | awk '{print}' >> $CHECKGATEWAYLOG
   elif [[ $LASTLINKSTATUS1 -eq 1 && $LASTLINKSTATUS2 -eq 0 && $LASTLINKSTATUS3 -eq 1 ]]; then
      ip route flush cache
      sleep $SLEEPTIME
      echo Custom policy-based routing To 1 Wan - Switching To $NAME2
      date +"----- Custom policy-based routing :: 1 Wan - $NAME2 (%D %T) -----" >> $CHECKGATEWAYLOG
      PROGSTATUS=002
      echo $PROGSTATUS
      ip route replace default scope global via $GW2 dev $EXTIF2
      ip route show | awk '{print}' >> $CHECKGATEWAYLOG
   elif [[ $LASTLINKSTATUS1 -eq 0 && $LASTLINKSTATUS2 -eq 1 && $LASTLINKSTATUS3 -eq 1 ]]; then
      ip route flush cache
      sleep $SLEEPTIME
      echo Custom policy-based routing To 1 Wan - Switching To $NAME1
      date +"----- Custom policy-based routing :: 1 Wan - $NAME1 (%D %T) -----" >> $CHECKGATEWAYLOG
      PROGSTATUS=001
      echo $PROGSTATUS
      ip route replace default scope global via $GW1 dev $EXTIF1
      ip route show | awk '{print}' >> $CHECKGATEWAYLOG
   elif [[ $LASTLINKSTATUS1 -eq 1 && $LASTLINKSTATUS2 -eq 0 && $LASTLINKSTATUS3 -eq 0 ]]; then
      ip route flush cache
      sleep $SLEEPTIME
      echo Custom policy-based routing To 2 Wan - Switching To $NAME2, $NAME3
      date +"----- Custom policy-based routing :: 2 Wan - $NAME2, $NAME3 (%D %T) -----" >> $CHECKGATEWAYLOG
      PROGSTATUS=023
      echo $PROGSTATUS
      ip route replace default scope global nexthop via $GW2 dev $EXTIF2 weight $WEIGHT2 nexthop via $GW3 dev $EXTIF3 weight $WEIGHT3
      ip route show | awk '{print}' >> $CHECKGATEWAYLOG
   elif [[ $LASTLINKSTATUS1 -eq 0 && $LASTLINKSTATUS2 -eq 0 && $LASTLINKSTATUS3 -eq 1 ]]; then
      ip route flush cache
      sleep $SLEEPTIME
      echo Custom policy-based routing To 2 Wan - Switching To $NAME1, $NAME2
      date +"----- Custom policy-based routing :: 2 Wan - $NAME1, $NAME2 (%D %T) -----" >> $CHECKGATEWAYLOG
      PROGSTATUS=012
      echo $PROGSTATUS
      ip route replace default scope global nexthop via $GW1 dev $EXTIF1 weight $WEIGHT1 nexthop via $GW2 dev $EXTIF2 weight $WEIGHT2
      ip route show | awk '{print}' >> $CHECKGATEWAYLOG
   elif [[ $LASTLINKSTATUS1 -eq 0 && $LASTLINKSTATUS2 -eq 1 && $LASTLINKSTATUS3 -eq 0 ]]; then
      ip route flush cache
      sleep $SLEEPTIME
      echo Custom policy-based routing To 2 Wan - Switching To $NAME1, $NAME3
      date +"----- Custom policy-based routing :: 2 Wan - $NAME1, $NAME3 (%D %T) -----" >> $CHECKGATEWAYLOG
      PROGSTATUS=013
      echo $PROGSTATUS
      ip route replace default scope global nexthop via $GW1 dev $EXTIF1 weight $WEIGHT1 nexthop via $GW3 dev $EXTIF3 weight $WEIGHT3
      ip route show | awk '{print}' >> $CHECKGATEWAYLOG
   elif [[ $LASTLINKSTATUS1 -eq 0 && $LASTLINKSTATUS2 -eq 0 && $LASTLINKSTATUS3 -eq 0 ]]; then
      ip route flush cache
      sleep $SLEEPTIME
      echo Custom policy-based routing To 3 Wan - Switching To $NAME1, $NAME2, $NAME3
      date +"----- Custom policy-based routing :: 3 Wan - $NAME1, $NAME2, $NAME3 (%D %T) -----" >> $CHECKGATEWAYLOG
      PROGSTATUS=123
      echo $PROGSTATUS
      ip route replace default scope global nexthop via $GW1 dev $EXTIF1 weight $WEIGHT1 nexthop via $GW2 dev $EXTIF2 weight $WEIGHT2 nexthop via $GW3 dev $EXTIF3 weight $WEIGHT3
      ip route show | awk '{print}' >> $CHECKGATEWAYLOG
   fi
   ip route flush cache
fi
sleep $SLEEPTIME
done

# ---  End balancing ---

### Luck for you ###

   
PS:
I wish if others are able to use static routes using different uplinks gateway - "Custom policy-based routing with static routes"

If anyone has ideas about this?

------------------------------------------------

Thanks schnoerkel for the advice of my mistakes.

Please correct the following:

Step1. Create a script to run at startup, put in: /etc/rc.d/start/balancing99startup

purposes; program called the boot Endian Firewall


Step2. Create test scenarios and change the default gateway, put in: /etc/rc.d/init.d/balancingstartup

purposes; permanent check the status of links wan (checkgateway)

Step3. Scripting made simple load balancing, put in: /usr/local/sbin/balancing

[schnoerkel]

Hi haiau,

the script "/etc/init.d/balancingstartup" does not exist, it should be "/etc/init.d/checkgateway" in te script "balancing99startup" step 1 ?


or need to create a sript "balancingstartup" created

with "checkgateway", it works perfectly.


schnoerkel

[haiau]

Hi haiau,

the script "/etc/init.d/balancingstartup" does not exist, it should be "/etc/init.d/checkgateway" in te script "balancing99startup" step 1 ?


or need to create a sript "balancingstartup" created

with "checkgateway", it works perfectly.


schnoerkel

Thanks for the advice of my mistakes.

Please correct the following:

Step1. Create a script to run at startup, put in: /etc/rc.d/start/balancing99startup

purposes; program called the boot Endian Firewall


Step2. Create test scenarios and change the default gateway, put in: /etc/rc.d/init.d/balancingstartup

purposes; permanent check the status of links wan (checkgateway)

Step3. Scripting made simple load balancing, put in: /usr/local/sbin/balancing

[schnoerkel]

Hi haiau,

endian 2.3rc1

no internet available if only a wan

no failover works with the script.

can anyone confirm, you can use the recheck,

Thanks

Schnoerkel

[haiau]

I tested the EFW 2.3RC1, but the failover feature does not work on version 2.2 and 2.3RC1, I have to go back to using version 2.2RC3. I'll try to check this script.

[takasungi]

i use this script with 2.3 release loadbalance work but haveing some ploblem, smtp can't use firewall log say allow but can't connect to smtp server.if i stop script and use for original smtp can sent email.

[DBX]

Hey everyone...
I have made some modifications on the script for only 2 wan connections (which is the normal enviroment).

I have Efw 2.3 Released on Oct 27/2009.
which says it self has support for multiwan failover, it doesnt matter for me load balancig at this moment.

the script doesn't work for me...

anyway, doing some tests, i find this... I do configure 2 uplinks, Main and Backup...
both of them enabled and started at boot and managed(checkboxes selected)
from outside both IP responses to ping as I permit ICMP for testing...

but whe i phisically disconnect the cable or simply turnoff Modem1 (main uplink)
on the logs I see ifplugd detects the disconnection and then, i should change the ip routes, but looking "ip route" output, still have the gw for MainUplink...

but if I manually disable (by clicking on enable/disable checkbox) the mainuplink, the routes and everything changes to backup uplink! and everything works perfectly!

seems something is wrong or missing on the steps scripts(efw) must do to have failover working!!!

any suggestion???

[haiau]

You can refer to more information about the error in:

1. http://bugs.endian.com/view.php?id=2213
2. http://bugs.endian.com/view.php?id=1438
3. http://bugs.endian.com/view.php?id=2526
4. http://bugs.endian.com/view_all_bug_page.php
5. http://bugs.endian.com/roadmap_page.php

[Steve]

Does the failover system work if Endian does the dialing instead of the modem?

[Argen]

Any updates on this? Does it work on 2.5.1?

This topic seems to be VERY popular! 

[Kajowas]

I'm trying to add load balancing to EFW 2.5.1 Community and I'm in the middle of the way.

I managed to get it working adding a new script like this one:

route del default

ip route add default scope global \
   nexthop via 192.168.1.1 dev eth0 weight 4 \
   nexthop via 192.168.2.1 dev eth2 weight 10

and manually running it from shell.

So that the command "ip route" show me the two hop with weighted links.

But at this point I cannot made it start automatically at boot...

How can I made the script run at startup on EFW 2.5.1 ?? It should run after everything else has terminated, because running manually from the shell after every re-boot it does work!

[jeremycald]

As far as I know the only thing you need to do is add policies and it takes care of the rest. We've never installed any scripts or done anything from the command-line.

We've been running two connections since 2.4 and had no problems.

[Kajowas]

As far as I know the only thing you need to do is add policies and it takes care of the rest. We've never installed any scripts or done anything from the command-line.

We've been running two connections since 2.4 and had no problems.

Ok, so I have no idea of what policies I have to add in order to allows both WAN in a "round robin" mood.

Can you help me ?

[Kajowas]

 
I managed to get the script running at startup !!! And now it seems to work !!

I simply edited the file  /etc/rc.d/rc.ipac in this way:

echo "Setting up ip accounting"
/etc/rc.d/helper/writeipac.pl
/usr/sbin/fetchipac -S

echo "Starting user scripts"
/etc/rc.d/init.d/dual_wan_balance.sh

exit 0

As you see I added the line
 /etc/rc.d/init.d/dual_wan_balance.sh
before the exit 0
So that it launch my script from /etc/rc.d/init.d/

I added some beep and sleep to my script be sure it get launched and now on every reboot it starts!

So my dual_wan_balance.sh is now

#!/bin/sh
echo "Settings dual wan load balancing"

route del default

beep -f 880
beep -f 440
beep -f 220

sleep 1

ip route add default scope global \
   nexthop via 192.168.2.1 dev eth2 weight 10 \
   nexthop via 192.168.1.1 dev eth0 weight 4

beep -f 220
beep -f 440
beep -f 880

Now the next thing is to get acpi working  

[Kajowas]

Ok guys, there's just another problem!!
Whenever one the wan uplinks goes down, the route with weights is no more valid.

So I modified a bit more my script just to check my two WAN connection (using ping), then, when I know which WAN is alive I could modify the route policy according to the WANs status.

Here's the script: (I've not parameterized it, but anyone more expert than me could)

#!/bin/sh
echo "Settings dual wan load balancing"

WAN1_IF=eth2
WAN1_CHECK_IP=8.8.8.8
WAN1_GATEWAY=192.168.2.1
WAN1_WEIGHT=10

WAN2_IF=eth0
WAN2_CHECK_IP=8.8.8.8
WAN2_GATEWAY=192.168.1.1
WAN2_WEIGHT=4

PING_TIMEOUT=5
PING_TRIALS=1

ping -W $PING_TIMEOUT -I $WAN1_IF -c $PING_TRIALS $WAN1_CHECK_IP >/dev/null 2>&1
RETVAL1=$?
if [ $RETVAL1 -ne 0 ]; then
   beep -f 220
   echo "WAN1 inactive"
   WAN1_ACTIVE=0
else
   beep -f 880
   echo "WAN1 active"
   WAN1_ACTIVE=1
fi

sleep 1

ping -W $PING_TIMEOUT -I $WAN2_IF -c $PING_TRIALS $WAN2_CHECK_IP  >/dev/null 2>&1
RETVAL0=$?
if [ $RETVAL0 -ne 0 ]; then
   beep -f 220
   echo "WAN2 inactive"
   WAN2_ACTIVE=0
else
   beep -f 880
   echo "WAN2 active"
   WAN2_ACTIVE=1
fi

sleep 1

beep -f 880
beep -f 440
beep -f 220

route del default
sleep 1

if [ $WAN1_ACTIVE == 1 ] && [ $WAN2_ACTIVE == 1 ]; then
   echo "Both WAN active"
   ip route add default scope global \
      nexthop via $WAN1_GATEWAY dev $WAN1_IF weight $WAN1_WEIGHT \
      nexthop via $WAN2_GATEWAY dev $WAN2_IF weight $WAN2_WEIGHT

elif [ $WAN1_ACTIVE == 1 ] && [ $WAN2_ACTIVE == 0 ]; then
   echo "Only WAN1 active"
   ip route add default scope global \
      nexthop via $WAN1_GATEWAY dev $WAN1_IF weight $WAN1_WEIGHT \

elif [ $WAN1_ACTIVE == 0 ] && [ $WAN2_ACTIVE == 1 ]; then
   echo "Only WAN2 ACTIVE"
   ip route add default scope global \
      nexthop via $WAN2_GATEWAY dev $WAN2_IF weight $WAN2_WEIGHT

elif [ $WAN1_ACTIVE == 0 ] && [ $WAN2_ACTIVE == 0 ]; then
   echo "No WAN active"
fi
   
beep -f 220
beep -f 440
beep -f 880

The great thing is that adding the call to that script in the file  /etc/rc.d/rc.ipac make it run every time that a device get inactive or active, so it reacts automatically to the status of the links!!

At this point is necessary to disable the failover for the uplinks in the UI of EFW. (because failover is embedded in my script and enabling from UI makes a weird behaviour).