From owner-freebsd-questions@FreeBSD.ORG Sun Jul 6 14:28:34 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1A111BFA for ; Sun, 6 Jul 2014 14:28:34 +0000 (UTC) Received: from mail.feld.me (mail.feld.me [66.170.3.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.feld.me", Issuer "Gandi Standard SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BD4F22691 for ; Sun, 6 Jul 2014 14:28:33 +0000 (UTC) Received: from mail.feld.me (mail.feld.me [66.170.3.6]); by mail.feld.me (OpenSMTPD) with ESMTP id bad47c6f; Sun, 6 Jul 2014 09:28:24 -0500 (CDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=feld.me; h=mime-version :date:content-type:content-transfer-encoding:message-id:from :subject:to:in-reply-to:references:sender; s=blargle2; bh=R9MVdF bJ9Zjx9ZV53UjA+RvrnWM=; b=DZOjoWJ/Ox3LESjAsi8Bs8dFgmn7st+Q2dzKyt L7JtUrOLKbrcj+EsLXGWUs6TYu6zf4ZS7xbIdjYYnV6F/8UBtDb+PP4V5shbyz0v xTqOXPJ6femOO6fItcRm6cW3b0KXCUt/LDd1WVCCACdVXedZFs8WKCaFtmPZK3mn TMBglvo4TMGZnVWLmlZvCnywNoYcIwq1RXHKJKU7QcsbfItiC4vxdG6jC+Edmmkk LC7AdBpwiH2OqArv8rYK8XVxWi+VYzJRPcd7KEZ6K9Nsds9JmPSnXZNcSLA2sWn/ EGJfsdnfdrzENQzYQn71X/q8LHd4Rtv9S+ajjjhusKvB1nLA== DomainKey-Signature: a=rsa-sha1; c=nofws; d=feld.me; h=mime-version:date :content-type:content-transfer-encoding:message-id:from:subject :to:in-reply-to:references:sender; q=dns; s=blargle2; b=cPBN9uhE Jnh9OwbTnKoIQpvu4nm++8nY7OIRTk4Op+AIHvCK/7QCHtaZX6yO+RmmYqEhUCEn Q3CfB5WOzbkhM1MQB+yzicFuYlzoe2vuTR2xTbnU4NgMpSbpqqWzca8uBIzv9OiQ Jjv5c9njvgnHtN87MtTKuX4UQei6EXF6/JmYvc2I7OpcQCkudZ3PEESq1yRbeCBZ oQhfjh3/rV99gmp2rhg2dH9HW8iOnDBdliyLi6eHFeACFLIX2uQVMFM0fRpfJUAO p/8AMOCUGC5vghYhksOlnojp5mNXikF3stSUF10jzQMEH5gGryeqWyPwZpIul9r3 0IdAFkO7/TUsyQ== Received: from mail.feld.me (mail.feld.me [66.170.3.6]); by mail.feld.me (OpenSMTPD) with ESMTP id 48b66683; Sun, 6 Jul 2014 09:28:24 -0500 (CDT) Received: from feld@feld.me by mail.feld.me (Archiveopteryx 3.2.0) with esmtpa id 1404656903-4188-4185/5/14; Sun, 6 Jul 2014 14:28:23 +0000 Mime-Version: 1.0 Date: Sun, 6 Jul 2014 14:28:23 +0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Message-Id: <8718a7fe8a79f3341104e5811c0ceb14@mail.feld.me> X-Mailer: RainLoop/1.6.7.132 From: Mark Felder Subject: Re: 10.0-RELEASE openvpn jail with ezjail To: marko@markoturk.info, freebsd-questions@freebsd.org In-Reply-To: <20140706102642.GA13371@vps.markoturk.info> References: <20140706102642.GA13371@vps.markoturk.info> Sender: feld@feld.me X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2014 14:28:34 -0000 July 6 2014 5:36 AM, "Marko Turk" wrote:=20 > Hi, >=20 > I'm trying to create an OpenVPN jail on 10.0-RELEASE using tun device. I have it working without issues. The only problem is that you cannot = restart the daemon within the jail, you have to restart the jail. host's /etc/rc.conf: # needed for openvpn gateway_enable=3D"YES" cloned_interfaces=3D"tun0" in my ezjail openvpn config: export jail_openvpn_exec_prestart0=3D"ifconfig tun0 10.8.0.1 10.8.0.2 = netmask 255.255.255.0" export jail_openvpn_exec_prestart1=3D"route add -net 10.8.0.0/24 = 10.8.0.2" That should get you pointed in the right direction.