X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@lists.alpinelinux.org Received: from zimbra.netvantix.net (zimbra.netvantix.net [67.213.231.181]) by lists.alpinelinux.org (Postfix) with ESMTP id 441891EBFF9 for ; Wed, 22 Dec 2010 20:21:19 +0000 (UTC) Received: from localhost (localhost.localdomain [127.0.0.1]) by zimbra.netvantix.net (Postfix) with ESMTP id B1F13804166 for ; Wed, 22 Dec 2010 13:21:18 -0700 (MST) X-Virus-Scanned: amavisd-new at zimbra.netvantix.net Received: from zimbra.netvantix.net ([127.0.0.1]) by localhost (zimbra.netvantix.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xpLCa+pY6kkP for ; Wed, 22 Dec 2010 13:21:13 -0700 (MST) Received: from zimbra.netvantix.net (zimbra.netvantix.net [67.213.231.181]) by zimbra.netvantix.net (Postfix) with ESMTP id E3DFB804165 for ; Wed, 22 Dec 2010 13:21:13 -0700 (MST) Date: Wed, 22 Dec 2010 13:21:13 -0700 (MST) From: Steve Fink To: Alpine-Devel Message-ID: <10450761.4579.1293049273891.JavaMail.root@zimbra.netvantix.net> In-Reply-To: <24386711.4576.1293049124082.JavaMail.root@zimbra.netvantix.net> Subject: [alpine-devel] Updated: Multiple OpenVPN Tunnels X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_4578_10426113.1293049273890" X-Originating-IP: [174.52.152.201] X-Mailer: Zimbra 6.0.3_GA_1915.RHEL4 (ZimbraWebClient - FF3.0 (Linux)/6.0.3_GA_1915.RHEL4) ------=_Part_4578_10426113.1293049273890 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Ok, I have modified the /etc/init.d/openvpn script to support both the original Gentoo symlinked style and the multiple .conf file style. The script is below. 
Best, Steve #!/sbin/runscript # OpenVPN start/stop script # Adapted to Gentoo by James Yonan # Modified by Steve Fink to support /etc/conf.d/openvpn # and to support multiple .conf files or Gentoo style symlinks # USAGE: # If the file openvpn.conf exists then it is assumed that you are # using the Gentoo style symlinking way of starting # # If the file openvpn.conf does not exist ie you have your files named # server.conf client.conf or anythingelse.conf then all tunnels are started # This has been modified so it does the following if no openvpn.conf # file exists: # # - Starts an OpenVPN process for each .conf file in $CONFDIR # # - If /etc/openvpn/xxx.start exists for a xxx.conf file then it executes # it before starting OpenVPN (useful for doing openvpn --mktun...). # # - If /etc/openvpn/xxx.stop exists for a xxx.conf file then it executes # it after stopping OpenVPN (useful for doing openvpn --rmtun...). # # OpenRC options opts="start stop restart" # Determine which variables to set for Gentoo symlinked or multiple .conf files if [ ! -e /etc/openvpn/openvpn.conf ]; then # Set variables for multiple .conf files # Default location of openvpn DEF_OPENVPN=/usr/sbin/openvpn # Default pid directory DEF_PIDDIR=/var/run/openvpn # Default conf directory DEF_CONFDIR=/etc/openvpn else # Set variables for Gentoo symlinked VPNDIR="/etc/openvpn" VPN="${SVCNAME#*.}" if [ -n "${VPN}" ] && [ "${SVCNAME}" != "openvpn" ]; then VPNPID="/var/run/openvpn.${VPN}.pid" else VPNPID="/var/run/openvpn.pid" fi VPNCONF="${VPNDIR}/${VPN}.conf" fi depend() { need net use dns after sshd } chkconfd() { if [ -z $PIDDIR ]; then PIDDIR=$DEF_PIDDIR einfo "No pid file directory defined in /etc/conf.d/openvpn using default $PIDDIR." fi if [ -z $OPENVPN ]; then OPENVPN=$DEF_OPENVPN einfo "No path to OpenVPN defined in /etc/conf.d/openvpn using default $OPENVPN." fi if [ -z $CONFDIR ]; then CONFDIR=$DEF_CONFDIR einfo "No config file directory defined in /etc/conf.d/openvpn using default $CONFDIR." 
fi } chktundev() { if [ ! -e /dev/net/tun ]; then if ! modprobe tun ; then eerror "TUN/TAP module unable to load into kernel" return 1 fi fi if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then ebegin "Detected broken /dev/net/tun symlink, fixing..." rm -f /dev/net/tun ln -s /dev/misc/net/tun /dev/net/tun eend $? fi } start() { # Determine whether it's Gentoo symlinked or multiple .conf files if [ ! -e /etc/openvpn/openvpn.conf ]; then # Start multiple .conf files chkconfd chktundev || return 1 ebegin "Starting OpenVPN" # Load the TUN/TAP module /sbin/modprobe tun >/dev/null 2>&1 if [ ! -d $PIDDIR ]; then mkdir $PIDDIR fi cd $CONFDIR # Start every .conf file in $CONFDIR and run .start if available local errors=0 local successes=0 local retstatus=0 for c in `/bin/ls *.conf 2>/dev/null`; do VPN=${c%%.conf} ebegin "Starting VPN: $VPN" if [ -f "$VPN.start" ]; then . $VPN.start fi rm -f $PIDDIR/$VPN.pid $OPENVPN --daemon OpenVPN-$VPN --writepid $PIDDIR/$VPN.pid --config $CONFDIR/$c --cd $CONFDIR result=$? if [ $result = 0 ]; then successes=1 else errors=1 FAILED="$FAILED $VPN" fi eend $result done # Decide status based on errors/successes. # If at least one tunnel succeeded, we return success. # If some tunnels succeeded and some failed, we return success but give a warning. if [ $successes = 1 ]; then if [ $errors = 1 ]; then ewarn "The VPN$FAILED failed to start" fi else retstatus=1 if [ $errors = 0 ]; then ewarn "Note: No OpenVPN configuration files were found in $CONFDIR" fi fi eend $retstatus "Error starting OpenVPN" else # Start Gentoo symlinked openvpn.conf ebegin "Starting ${SVCNAME}" chktundev || return 1 if [ ! -e "${VPNCONF}" ]; then eend 1 "${VPNCONF} does not exist" return 1 fi local args="" # If the config file does not specify the cd option, we do # But if we specify it, we override the config option which we do not want if ! 
grep -q "^[ \t]*cd[ \t].*" "${VPNCONF}" ; then args="${args} --cd ${VPNDIR}" fi start-stop-daemon --start --exec /usr/sbin/openvpn --pidfile "${VPNPID}" \ -- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon ${args} eend $? "Check your logs to see why startup failed" fi } stop() { # Determine if it's Gentoo symlinked or multiple .conf files if [ ! -e /etc/openvpn/openvpn.conf ]; then # Stop multiple .conf files ebegin "Stopping OpenVPN" for PIDF in `find $PIDDIR -name '*.pid' 2>/dev/null`; do if [ -s $PIDF ]; then VPN=${PIDF%%.pid} VPN=${VPN##$PIDDIR/} einfo "Stopping VPN: $VPN ..." kill `cat $PIDF` >/dev/null 2>&1 if [ -f "${CONFDIR}/${VPN}.stop" ]; then . ${CONFDIR}/${VPN}.stop fi eend $? rm -rf $PIDF >/dev/null 2>&1 if [ `ls -A "$PIDDIR"|wc -w` = 0 ]; then rm -rf "$PIDDIR" fi fi done eend 0 else # Stop Gentoo symlinked ebegin "Stopping ${SVCNAME}" start-stop-daemon --stop --exec /usr/sbin/openvpn --pidfile "${VPNPID}" eend $? fi } ------=_Part_4578_10426113.1293049273890 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <= div style=3D'font-family: Times New Roman; font-size: 12pt; color: #000000'= >Ok, I have modified the /etc/init.d/openvpn script to support both the ori= ginal Gentoo symlinked style and the multiple .conf file style.

The script is below.

Best,

Steve

#!/sbin/runscript

# OpenVPN start/stop script
# Adapted to Gentoo by James Yonan
# Modified by Steve Fink to support /etc/conf.d/openvpn
# and to support multiple .conf files or Gentoo style symlinks

# USAGE:
# If the file openvpn.conf exists then it is assumed that you are
# using the Gentoo style symlinking way of starting
#
# If the file openvpn.conf does not exist, i.e. you have your files named
# server.conf client.conf or anythingelse.conf, then all tunnels are started

# This has been modified so it does the following if no openvpn.conf
# file exists:
#
# - Starts an OpenVPN process for each .conf file in $CONFDIR
#
# - If /etc/openvpn/xxx.start exists for a xxx.conf file then it executes
#   it before starting OpenVPN (useful for doing openvpn --mktun...).
#
# - If /etc/openvpn/xxx.stop exists for a xxx.conf file then it executes
#   it after stopping OpenVPN (useful for doing openvpn --rmtun...).
#

# OpenRC options
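opts="start stop restart"

# Pick the operating mode once, when the script is loaded.
#
# The quoted-printable residue of the mail archive ("=3D", soft line breaks,
# split &nbsp; entities) has been removed so the block parses as shell again.
#
# - No /etc/openvpn/openvpn.conf: "multiple .conf files" mode. Only the
#   DEF_* fallbacks are defined here; chkconfd copies them into PIDDIR,
#   OPENVPN and CONFDIR when those are empty.
# - Otherwise: Gentoo symlinked mode. The tunnel name is the part of
#   SVCNAME after the first dot (SVCNAME is not set in this file; it is
#   presumably supplied by OpenRC -- confirm).
if [ ! -e /etc/openvpn/openvpn.conf ]; then
    # Set variables for multiple .conf files
    # Default location of openvpn
    DEF_OPENVPN=/usr/sbin/openvpn
    # Default pid directory
    DEF_PIDDIR=/var/run/openvpn
    # Default conf directory
    DEF_CONFDIR=/etc/openvpn
else
    # Set variables for Gentoo symlinked
    VPNDIR="/etc/openvpn"
    VPN="${SVCNAME#*.}"
    if [ -n "${VPN}" ] && [ "${SVCNAME}" != "openvpn" ]; then
        # Per-tunnel pid file, e.g. for a service named openvpn.<name>
        VPNPID="/var/run/openvpn.${VPN}.pid"
    else
        VPNPID="/var/run/openvpn.pid"
    fi
    VPNCONF="${VPNDIR}/${VPN}.conf"
fi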

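# OpenRC dependency declaration for this service: requires "net", uses
# "dns" when it is available, and is ordered after "sshd".
# (Stray "=" tokens left by the quoted-printable encoding were removed;
# with them the function body did not parse.)
depend() {
    need net
    use dns
    after sshd
}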

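# Fill in PIDDIR, OPENVPN and CONFDIR from the DEF_* defaults when
# /etc/conf.d/openvpn left them empty, and tell the admin which default
# was used.
#
# Globals: PIDDIR, OPENVPN, CONFDIR (read, written when empty)
#          DEF_PIDDIR, DEF_OPENVPN, DEF_CONFDIR (read)
# Returns: 0
chkconfd() {
    # The expansions are quoted: an unquoted `[ -z $VAR ]` only works by
    # accident for an empty value and errors out when the value has spaces.
    if [ -z "$PIDDIR" ]; then
        PIDDIR=$DEF_PIDDIR
        einfo "No pid file directory defined in /etc/conf.d/openvpn using default $PIDDIR."
    fi
    if [ -z "$OPENVPN" ]; then
        OPENVPN=$DEF_OPENVPN
        einfo "No path to OpenVPN defined in /etc/conf.d/openvpn using default $OPENVPN."
    fi
    if [ -z "$CONFDIR" ]; then
        CONFDIR=$DEF_CONFDIR
        einfo "No config file directory defined in /etc/conf.d/openvpn using default $CONFDIR."
    fi
    return 0
}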

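# Make sure the TUN/TAP device node is usable before a tunnel is started.
#
# - If /dev/net/tun does not exist, try to load the tun module and fail
#   when modprobe fails.
# - If /dev/net/tun is a symlink and /dev/misc/net/tun is a character
#   device, re-create the symlink so that it points at that device.
#
# Returns: 1 when the module cannot be loaded; otherwise the status of the
#          last command run (eend's status when the symlink was re-created).
#
# The mail archive had fused "fi" and "}" and mangled "&&"; both are
# restored here, the logic is unchanged.
chktundev() {
    if [ ! -e /dev/net/tun ]; then
        if ! modprobe tun; then
            eerror "TUN/TAP module unable to load into kernel"
            return 1
        fi
    fi
    if [ -h /dev/net/tun ] && [ -c /dev/misc/net/tun ]; then
        ebegin "Detected broken /dev/net/tun symlink, fixing..."
        rm -f /dev/net/tun
        ln -s /dev/misc/net/tun /dev/net/tun
        eend $?
    fi
}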

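# Start OpenVPN in one of two modes.
#
# Multiple .conf mode (no /etc/openvpn/openvpn.conf): one OpenVPN daemon is
# started per *.conf file in $CONFDIR. If <name>.start exists next to
# <name>.conf it is sourced first. The call succeeds when at least one
# tunnel started; tunnels that failed are listed in a warning.
#
# Gentoo symlinked mode: a single daemon is started for ${VPNCONF} through
# start-stop-daemon.
#
# Security note: the .start hooks are sourced, so they run inside this
# script's shell with its privileges. $CONFDIR and the hook files must not
# be writable by anyone who is not allowed to run code as this service.
#
# Globals: PIDDIR, CONFDIR, OPENVPN (read), VPN, FAILED (written),
#          SVCNAME, VPNCONF, VPNPID, VPNDIR (read, symlinked mode)
# Returns: 0 on success, non-zero on failure
start() {

    # Determine whether it's Gentoo symlinked or multiple .conf files
    if [ ! -e /etc/openvpn/openvpn.conf ]; then
        # Start multiple .conf files
        chkconfd
        chktundev || return 1
        ebegin "Starting OpenVPN"

        # Load the TUN/TAP module
        /sbin/modprobe tun >/dev/null 2>&1

        if [ ! -d "$PIDDIR" ]; then
            if ! mkdir -p -- "$PIDDIR"; then
                eend 1 "Cannot create pid directory $PIDDIR"
                return 1
            fi
        fi

        # Stop here if the directory is unusable: continuing would expand
        # *.conf and source *.start hooks from whatever directory the
        # script happened to be in.
        if ! cd "$CONFDIR"; then
            eend 1 "Cannot change to config directory $CONFDIR"
            return 1
        fi

        # Start every .conf file in $CONFDIR and run .start if available
        local errors=0
        local successes=0
        local retstatus=0
        local result c
        FAILED=""
        # Glob instead of parsing `ls` output, so names with spaces survive.
        for c in *.conf; do
            # An unmatched glob stays literal; skip it.
            [ -f "$c" ] || continue
            VPN=${c%.conf}
            ebegin "Starting VPN: $VPN"
            if [ -f "$VPN.start" ]; then
                # Explicit ./ : a name without a slash is looked up via
                # PATH by the "." builtin, which could pick up a different
                # file than the one in $CONFDIR.
                . "./$VPN.start"
            fi
            rm -f -- "$PIDDIR/$VPN.pid"
            "$OPENVPN" --daemon "OpenVPN-$VPN" --writepid "$PIDDIR/$VPN.pid" \
                --config "$CONFDIR/$c" --cd "$CONFDIR"
            result=$?
            if [ "$result" = 0 ]; then
                successes=1
            else
                errors=1
                FAILED="$FAILED $VPN"
            fi
            eend $result
        done

        # Decide status based on errors/successes.
        # If at least one tunnel succeeded, we return success.
        # If some tunnels succeeded and some failed, we return success but give a warning.
        if [ "$successes" = 1 ]; then
            if [ "$errors" = 1 ]; then
                ewarn "The VPN$FAILED failed to start"
            fi
        else
            retstatus=1
            if [ "$errors" = 0 ]; then
                ewarn "Note: No OpenVPN configuration files were found in $CONFDIR"
            fi
        fi
        eend $retstatus "Error starting OpenVPN"
    else
        # Start Gentoo symlinked openvpn.conf
        ebegin "Starting ${SVCNAME}"

        chktundev || return 1

        if [ ! -e "${VPNCONF}" ]; then
            eend 1 "${VPNCONF} does not exist"
            return 1
        fi

        local args=""
        # If the config file does not specify the cd option, we do
        # But if we specify it, we override the config option which we do not want
        # [[:space:]] rather than "[ \t]": inside a bracket expression grep
        # treats \t as a backslash and a "t", so a tab-separated "cd" line
        # was not recognised.
        if ! grep -q "^[[:space:]]*cd[[:space:]]" "${VPNCONF}"; then
            args="${args} --cd ${VPNDIR}"
        fi

        # ${args} is left unquoted on purpose so it splits into words.
        start-stop-daemon --start --exec /usr/sbin/openvpn --pidfile "${VPNPID}" \
            -- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon ${args}
        eend $? "Check your logs to see why startup failed"
    fi
}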

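# Stop OpenVPN in one of two modes.
#
# Multiple .conf mode (no /etc/openvpn/openvpn.conf): every non-empty
# *.pid file in $PIDDIR is read, the process is signalled, the matching
# ${CONFDIR}/<name>.stop hook is sourced if it exists, and the pid file is
# removed. $PIDDIR itself is removed once it is empty.
#
# Gentoo symlinked mode: the daemon recorded in ${VPNPID} is stopped
# through start-stop-daemon.
#
# Security note: the .stop hooks are sourced, so they run inside this
# script's shell with its privileges; keep $CONFDIR writable only by
# accounts that are allowed to run code as this service.
#
# Globals: PIDDIR, CONFDIR (read, defaulted from DEF_*), VPN, PIDF (written),
#          SVCNAME, VPNPID (read, symlinked mode)
# Returns: 0 in multiple .conf mode unless no pid directory is known;
#          eend's status in symlinked mode
stop() {
    # Determine if it's Gentoo symlinked or multiple .conf files
    if [ ! -e /etc/openvpn/openvpn.conf ]; then
        # Stop multiple .conf files
        ebegin "Stopping OpenVPN"

        # Only start() used to resolve the defaults, so with an empty
        # /etc/conf.d/openvpn the old `find $PIDDIR -name '*.pid'` searched
        # the current directory and signalled whatever those files named.
        : "${PIDDIR:=$DEF_PIDDIR}" "${CONFDIR:=$DEF_CONFDIR}"
        if [ -z "$PIDDIR" ]; then
            eend 1 "No pid file directory defined"
            return 1
        fi

        local pid result
        for PIDF in "$PIDDIR"/*.pid; do
            # Skips empty files and the literal pattern of an unmatched glob.
            [ -s "$PIDF" ] || continue
            VPN=${PIDF##*/}
            VPN=${VPN%.pid}
            einfo "Stopping VPN: $VPN ..."
            pid=""
            read -r pid < "$PIDF"
            case "$pid" in
                # Digits only; 0 is refused because it addresses the whole
                # process group instead of a single process.
                '' | *[!0-9]* | 0)
                    result=1
                    ;;
                *)
                    kill "$pid" >/dev/null 2>&1
                    result=$?
                    ;;
            esac
            if [ -f "${CONFDIR}/${VPN}.stop" ]; then
                . "${CONFDIR}/${VPN}.stop"
            fi
            # Report the result of the kill, not of the hook test above.
            eend $result
            rm -f -- "$PIDF"
        done
        # rmdir only succeeds on an empty directory, so nothing that is
        # still in use can be deleted by mistake.
        rmdir -- "$PIDDIR" 2>/dev/null
        eend 0
    else
        # Stop Gentoo symlinked
        ebegin "Stopping ${SVCNAME}"
        start-stop-daemon --stop --exec /usr/sbin/openvpn --pidfile "${VPNPID}"
        eend $?
    fi
}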

