Date: Mon, 27 Jun 2005 19:01:29 -0500
From: Calvin Hendryx-Parker <calvin@sixfeetup.com>
To: freebsd-questions@freebsd.org
Subject: Re: How to Start OpenVPN?
Message-ID: <d9q3jc$h0r$1@sea.gmane.org>
In-Reply-To: <42C0863D.2000003@mykitchentable.net>
References: <42C0863D.2000003@mykitchentable.net>
Here is a copy of the one I have modified to work.

Calvin

-- 
S i x F e e t U p | "Nowhere to go but open-source"
Silicon Valley: +1 (650) 401-8579 | Midwest: +1 (317) 861-5948
Toll-Free: 1-866-SIX-FEET
mailto:calvin@sixfeetup.com
http://www.sixfeetup.com | Zope Hosting from $19.95/month

Attachment: openvpn.sh

#!/bin/sh
#
# openvpn       This shell script takes care of starting and stopping
#               openvpn on FreeBSD
#
# description: OpenVPN is a robust and highly flexible tunneling application that
#              uses all of the encryption, authentication, and certification features
#              of the OpenSSL library to securely tunnel IP networks over a single
#              UDP port.
#

# Contributed to the OpenVPN project by
# Douglas Keller <doug@voidstar.dyndns.org>
# 2002.05.15

# FreeBSD version by Mikhail Levin <m_levin_99@yahoo.com>
# 2005.01.20

# The init script does the following:
#
# - Starts an openvpn process for each .conf file it finds in
#   /usr/local/etc/openvpn/config
#
# - If /usr/local/etc/openvpn/config/xxx.sh exists for a xxx.conf file then it executes
#   it before starting openvpn (useful for doing openvpn --mktun...).
#
# - In addition to start/stop you can do:
#
#   /usr/local/etc/rc.d/openvpn.sh reload - SIGHUP
#   /usr/local/etc/rc.d/openvpn.sh reopen - SIGUSR1
#   /usr/local/etc/rc.d/openvpn.sh status - SIGUSR2

# Modifications 2003.05.02
#   * Changed == to = for sh compliance (Bishop Clark).
#   * If condrestart|reload|reopen|status, check that we were
#     actually started (James Yonan).
#   * Added lock, piddir, and work variables (James Yonan).
#   * If start is attempted twice, without an intervening stop, or
#     if start is attempted when previous start was not properly
#     shut down, then kill any previously started processes, before
#     commencing new start operation (James Yonan).
#   * Do a better job of flagging errors on start, and properly
#     returning success or failure status to caller (James Yonan).

# Location of openvpn binary
openvpn="/usr/local/sbin/openvpn"

# Lockfile
lock="/var/run/lock.openvpn"

# PID directory
piddir="/var/run"

# Our working directory
work=/usr/local/etc/openvpn/config

# Check that binary exists
if ! [ -f $openvpn ]
then
  echo 'openvpn binary not found'
  exit 0
fi

# See how we were called.
case "$1" in
  start)
        echo -n 'Starting openvpn: '
        echo -n 'if_tap '
        kldload if_tap
        echo ''

        if [ -f $lock ]
        then
          echo -n '(we were not shut down correctly) '
          for pidf in `/bin/ls $piddir/openvpn.*.pid 2>/dev/null`
          do
            if [ -s $pidf ]
            then
              kill `cat $pidf` >/dev/null 2>&1
            fi
            rm -f $pidf
          done
          rm -f $lock
          sleep 2
        fi

        rm -f $piddir/openvpn.*.pid
        cd $work

        # Start every .conf in $work and run .sh if exists
        errors=0
        successes=0
        for c in `/bin/ls *.conf 2>/dev/null`
        do
          bn=${c%%.conf}
          if [ -f "$bn.sh" ]
          then
            . $bn.sh
          fi
          rm -f $piddir/openvpn.$bn.pid
          $openvpn --daemon --writepid $piddir/openvpn.$bn.pid --config $c --cd $work
          if [ $? = 0 ]
          then
            successes=1
          else
            errors=1
          fi
        done

        if [ $errors = 1 ]
        then
          echo 'failure'
        else
          echo 'success'
        fi

        if [ $successes = 1 ]
        then
          touch $lock
        fi
        ;;
  stop)
        echo -n 'Shutting down openvpn: '
        for pidf in `/bin/ls $piddir/openvpn.*.pid 2>/dev/null`
        do
          if [ -s $pidf ]
          then
            kill `cat $pidf` >/dev/null 2>&1
          fi
          rm -f $pidf
        done
        echo -n 'success'
        rm -f $lock
        echo -n ' if_tap'
        kldunload if_tap
        echo ''
        ;;
  restart)
        $0 stop
        sleep 2
        $0 start
        ;;
  reload)
        if [ -f $lock ]
        then
          for pidf in `/bin/ls $piddir/openvpn.*.pid 2>/dev/null`
          do
            if [ -s $pidf ]
            then
              kill -HUP `cat $pidf` >/dev/null 2>&1
            fi
          done
        else
          echo 'openvpn: service not started'
          exit 1
        fi
        ;;
  reopen)
        if [ -f $lock ]
        then
          for pidf in `/bin/ls $piddir/openvpn.*.pid 2>/dev/null`
          do
            if [ -s $pidf ]
            then
              kill -USR1 `cat $pidf` >/dev/null 2>&1
            fi
          done
        else
          echo 'openvpn: service not started'
          exit 1
        fi
        ;;
  condrestart)
        if [ -f $lock ]
        then
          $0 stop
          # avoid race
          sleep 2
          $0 start
        fi
        ;;
  status)
        if [ -f $lock ]
        then
          for pidf in `/bin/ls $piddir/openvpn.*.pid 2>/dev/null`
          do
            if [ -s $pidf ]
            then
              kill -USR2 `cat $pidf` >/dev/null 2>&1
            fi
          done
          echo 'Status written to /var/log/messages'
          tail -n 3 /var/log/messages
        else
          echo 'openvpn: service not started'
          exit 1
        fi
        ;;
  *)
        echo 'Usage: openvpn {start|stop|restart|condrestart|reload|reopen|status}'
        exit 1
        ;;
esac
exit 0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d9q3jc$h0r$1>
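The start, stop, reload, reopen and status branches of the script above run kill, as root, on whatever each /var/run/openvpn.*.pid file contains, including files left behind after an unclean shutdown whose PID may since have been reused. The following is an added example, not part of the posted script or of the OpenVPN project's code: it checks the pidfile contents and the process name before signalling. The function names pidfile_pid, pid_is, signal_pidfile and stop_all are hypothetical.

```shell
#!/bin/sh
# Added example: validate a pidfile before signalling, so a stale or
# corrupted file cannot make root signal an unrelated process.

# pidfile_pid FILE: print the PID if FILE holds exactly one integer > 1.
pidfile_pid() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1   # regular file, not a symlink
    pid=$(cat "$1") || return 1
    case "$pid" in
        ''|*[!0-9]*) return 1 ;;               # empty, multi-line or non-numeric
    esac
    [ "$pid" -gt 1 ] 2>/dev/null || return 1   # never signal PID 0 or 1
    echo "$pid"
}

# pid_is PID NAME: succeed only if PID is alive and its command name is NAME.
pid_is() {
    comm=$(ps -p "$1" -o comm= 2>/dev/null) || return 1
    [ "${comm##*/}" = "$2" ]
}

# signal_pidfile SIGNAL FILE: send SIGNAL only to a verified openvpn process.
signal_pidfile() {
    pid=$(pidfile_pid "$2") || { echo "skip $2: not a valid pidfile" >&2; return 1; }
    pid_is "$pid" openvpn || { echo "skip $2: pid $pid is not openvpn" >&2; return 1; }
    kill "-$1" "$pid"
}

# stop_all PIDDIR: stand-in for the script's stop loop. The glob replaces
# parsing `ls` output, and every expansion is quoted.
stop_all() {
    for pidf in "$1"/openvpn.*.pid; do
        [ -e "$pidf" ] || [ -L "$pidf" ] || continue   # glob matched nothing
        signal_pidfile TERM "$pidf" || true            # skipped files are still removed
        rm -f "$pidf"
    done
    return 0
}
```

In the script's terms, `stop_all "$piddir"` takes the place of the for loop in the stop branch, and `signal_pidfile HUP "$pidf"` the kill line in reload.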