How to manage a Tomato router via the CLI using Keyboard Maestro

As I wrote about a few weeks ago, I have my home network connected to the internet through a VPN router, running the Tomato firmware. Although the setup works great, I did run into two issues which I needed to detect and resolve programmatically, using Keyboard Maestro (KM):

Rebooting the router

The router frequently hangs—about once every few days—and requires a reboot. Manually logging into the web interface to click the “reboot” button gets tiresome, and so I decided to see whether I could automate this with Keyboard Maestro.

I have KM running on a Mac mini whose ethernet interface is connected to my VPN-protected LAN, and whose wifi interface is connected to my ISP’s router. The wifi interface is configured as default in the Network Settings preferences such that all internet traffic is, by default, routed through the ISP’s router. (This is to provide Slink-based remote access to my home network.)

So the first problem to solve was how to test internet access on the non-default ethernet interface? Fortunately, the gracious KM author, Peter Lewis, discovered that the ‘ping’ command supports an option (‘-b’) to specify the network interface.

Now that I could check if the router was down, the next problem to solve was programmatically rebooting it. The Tomato software, being a Linux distribution, supports SSH access, and Peter pointed out that if I install my SSH keys on the mini, KM could then login to the router without a password. That, and a little Googling, allowed me to figure out the KM text script needed to reboot the router via SSH.

Putting this all together, here’s the KM macro (configured to run every 5 minutes) I created to test if the Tomato router is down, and reboot it if so. (It’s configured to run every 5 minutes.)

Now, you might be wondering what the ROUTER_REBOOTING variable is for. Turns out, there’s another Tomato-related issue I also solved with Keyboard Maestro.

Restarting the router’s VPN client

The Tomato router supports two VPN clients, VPNClient1 and VPNClient2. I have client 2 connected to a US-based VPN server, and route my AppleTV through that, allowing me to watch content that is IP-restricted to the USA. For minimum latency, though, I have client 1 connected to a server in France, and have it configured to route all other traffic on my home network.

Problem is, when the router boots, and perhaps due to the order in which the two clients start, all traffic ends up getting routed through US-based client 2. To fix this, I just need to stop and restart client 1.

To address this problem, I created another KM macro that that checks the geo-location of my external IP address, and if it’s not “FR”—and if the router isn’t currently rebooting; hence the ROUTER_REBOOTING check—then it restarts the VPN client 1.

Agree? Disagree? What do you think?