From: Calvin Hendryx-Parker
To: freebsd-questions@freebsd.org
Date: Mon, 27 Jun 2005 19:01:29 -0500
Subject: Re: How to Start OpenVPN?
In-Reply-To: <42C0863D.2000003@mykitchentable.net>

Here is a copy of the one I have modified to work.

Calvin

-- 
S i x F e e t U p | "Nowhere to go but open-source"
Silicon Valley: +1 (650) 401-8579 | Midwest: +1 (317) 861-5948
Toll-Free: 1-866-SIX-FEET
mailto:calvin@sixfeetup.com
http://www.sixfeetup.com | Zope Hosting from $19.95/month

Attached file: openvpn.sh

#!/bin/sh
#
# openvpn       This shell script takes care of starting and stopping
#               openvpn on FreeBSD
#
# description: OpenVPN is a robust and highly flexible tunneling application that
#              uses all of the encryption, authentication, and certification features
#              of the OpenSSL library to securely tunnel IP networks over a single
#              UDP port.
#

# Contributed to the OpenVPN project by
# Douglas Keller
# 2002.05.15

# FreeBSD version by Mikhail Levin
# 2005.01.20

# The init script does the following:
#
# - Starts an openvpn process for each .conf file it finds in
#   /usr/local/etc/openvpn/config
#
# - If /usr/local/etc/openvpn/config/xxx.sh exists for a xxx.conf file then it executes
#   it before starting openvpn (useful for doing openvpn --mktun...).
#
# - In addition to start/stop you can do:
#
#   /usr/local/etc/rc.d/openvpn.sh reload - SIGHUP
#   /usr/local/etc/rc.d/openvpn.sh reopen - SIGUSR1
#   /usr/local/etc/rc.d/openvpn.sh status - SIGUSR2

# Modifications 2003.05.02
#   * Changed == to = for sh compliance (Bishop Clark).
#   * If condrestart|reload|reopen|status, check that we were
#     actually started (James Yonan).
#   * Added lock, piddir, and work variables (James Yonan).
#   * If start is attempted twice, without an intervening stop, or
#     if start is attempted when previous start was not properly
#     shut down, then kill any previously started processes, before
#     commencing new start operation (James Yonan).
#   * Do a better job of flagging errors on start, and properly
#     returning success or failure status to caller (James Yonan).

# Location of openvpn binary
openvpn="/usr/local/sbin/openvpn"

# Lockfile
lock="/var/run/lock.openvpn"

# PID directory
piddir="/var/run"

# Our working directory
work=/usr/local/etc/openvpn/config

# Check that binary exists
if ! [ -f $openvpn ]
then
    echo 'openvpn binary not found'
    exit 0
fi

# See how we were called.
case "$1" in
start)
    echo -n 'Starting openvpn: '
    echo -n 'if_tap '
    kldload if_tap
    echo ''

    if [ -f $lock ]
    then
        echo -n '(we were not shut down correctly) '
        for pidf in `/bin/ls $piddir/openvpn.*.pid 2>/dev/null`
        do
            if [ -s $pidf ]
            then
                kill `cat $pidf` >/dev/null 2>&1
            fi
            rm -f $pidf
        done
        rm -f $lock
        sleep 2
    fi

    rm -f $piddir/openvpn.*.pid
    cd $work

    # Start every .conf in $work and run .sh if exists
    errors=0
    successes=0
    for c in `/bin/ls *.conf 2>/dev/null`
    do
        bn=${c%%.conf}
        if [ -f "$bn.sh" ]
        then
            . $bn.sh
        fi
        rm -f $piddir/openvpn.$bn.pid
        $openvpn --daemon --writepid $piddir/openvpn.$bn.pid --config $c --cd $work
        if [ $? = 0 ]
        then
            successes=1
        else
            errors=1
        fi
    done

    if [ $errors = 1 ]
    then
        echo 'failure'
    else
        echo 'success'
    fi

    if [ $successes = 1 ]
    then
        touch $lock
    fi
    ;;
stop)
    echo -n 'Shutting down openvpn: '
    for pidf in `/bin/ls $piddir/openvpn.*.pid 2>/dev/null`
    do
        if [ -s $pidf ]
        then
            kill `cat $pidf` >/dev/null 2>&1
        fi
        rm -f $pidf
    done
    echo -n 'success'
    rm -f $lock
    echo -n ' if_tap'
    kldunload if_tap
    echo ''
    ;;
restart)
    $0 stop
    sleep 2
    $0 start
    ;;
reload)
    if [ -f $lock ]
    then
        for pidf in `/bin/ls $piddir/openvpn.*.pid 2>/dev/null`
        do
            if [ -s $pidf ]
            then
                kill -HUP `cat $pidf` >/dev/null 2>&1
            fi
        done
    else
        echo 'openvpn: service not started'
        exit 1
    fi
    ;;
reopen)
    if [ -f $lock ]
    then
        for pidf in `/bin/ls $piddir/openvpn.*.pid 2>/dev/null`
        do
            if [ -s $pidf ]
            then
                kill -USR1 `cat $pidf` >/dev/null 2>&1
            fi
        done
    else
        echo 'openvpn: service not started'
        exit 1
    fi
    ;;
condrestart)
    if [ -f $lock ]
    then
        $0 stop
        # avoid race
        sleep 2
        $0 start
    fi
    ;;
status)
    if [ -f $lock ]
    then
        for pidf in `/bin/ls $piddir/openvpn.*.pid 2>/dev/null`
        do
            if [ -s $pidf ]
            then
                kill -USR2 `cat $pidf` >/dev/null 2>&1
            fi
        done
        echo 'Status written to /var/log/messages'
        tail -n 3 /var/log/messages
    else
        echo 'openvpn: service not started'
        exit 1
    fi
    ;;
*)
    echo 'Usage: openvpn {start|stop|restart|condrestart|reload|reopen|status}'
    exit 1
    ;;
esac
exit 0