ports/108371: Update port: security/openvpn (add profiles support to startup)
Denis Shaposhnikov
dsh at vlink.ru
Fri Jan 26 13:00:36 UTC 2007
>Number: 108371
>Category: ports
>Synopsis: Update port: security/openvpn (add profiles support to startup)
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Jan 26 13:00:34 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Denis Shaposhnikov
>Release: FreeBSD 7.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD neva.vlink.ru 7.0-CURRENT FreeBSD 7.0-CURRENT #0: Thu Jan 4 15:33:39 MSK 2007 dsh at neva.vlink.ru:/var/FreeBSD/obj/var/FreeBSD/src/sys/MYNERIC i386
>Description:
This patch add ability to run several instances of the openvpn to the
startup script. In my situation I use openvpn via UDP mainly but some
of my collegs can use TCP only so I have to run second instance of the
openvpn.
>How-To-Repeat:
>Fix:
--- openvpn.orig/files/openvpn.sh.in Fri Jan 26 14:18:49 2007
+++ openvpn/files/openvpn.sh.in Fri Jan 26 14:16:25 2007
@@ -44,6 +44,18 @@
# file and directory where keys and certificates reside differ from the above
# settings.
#
+# Add "openvpn_profiles" to run several instances of the openvpn with
+# different parameters. Consider the following example:
+#
+# openvpn_enable="YES"
+# openvpn_profiles="def tcp"
+# openvpn_tcp_configfile="/usr/local/etc/openvpn/openvpn_tcp.conf"
+# openvpn_tcp_pidfile="/var/run/openpvn_tcp.pid"
+#
+# This will run two instances of the openvpn with parameters taken
+# from appropriate openvpn_PROFILENAME_xxx variables. For unspecified
+# parameters openvpn_xxx varialbes will be used.
+#
# Note that we deliberately refrain from unloading drivers.
#
# For further documentation, please see openvpn(8).
@@ -78,6 +90,36 @@
rm -f "$pidfile" || warn "Could not remove $pidfile."
}
+setup_profile_vars()
+{
+ name=openvpn_$1
+ eval ": \${openvpn_${1}_configfile=${openvpn_configfile}}"
+ eval ": \${openvpn_${1}_dir=${openvpn_dir}}"
+ eval ": \${openvpn_${1}_flags=${openvpn_flags}}"
+ eval ": \${openvpn_${1}_pidfile=${pidfile}}"
+ eval "pidfile=\"\${openvpn_${1}_pidfile}\""
+ eval "required_files=\"\${openvpn_${1}_configfile}\""
+ eval "command_args=\"--cd \${openvpn_${1}_dir} --daemon --config \${openvpn_${1}_configfile} --writepid \${pidfile}\""
+}
+
+start_profiles()
+{
+ unset start_cmd start_precmd
+ for _profile in ${openvpn_profiles}; do
+ setup_profile_vars $_profile
+ run_rc_command "${rc_arg}"
+ done
+}
+
+stop_profiles()
+{
+ unset stop_cmd
+ for _profile in ${openvpn_profiles}; do
+ setup_profile_vars $_profile
+ run_rc_command "${rc_arg}"
+ done
+}
+
# support SIGHUP to reparse configuration file
extra_commands="reload"
@@ -93,11 +135,26 @@
stop_postcmd="stop_postcmd"
load_rc_config ${name}
+
: ${openvpn_enable="NO"}
: ${openvpn_flags=""}
: ${openvpn_if=""}
: ${openvpn_configfile="${prefix}/etc/openvpn/openvpn.conf"}
: ${openvpn_dir="${prefix}/etc/openvpn"}
+
required_files="${openvpn_configfile}"
command_args="--cd ${openvpn_dir} --daemon --config ${openvpn_configfile} --writepid ${pidfile}"
-run_rc_command "$1"
+
+cmd="$1"
+if [ $# -gt 0 ]; then
+ shift
+fi
+
+[ -n "$*" ] && openvpn_profiles="$*"
+
+if [ "${openvpn_profiles}" ]; then
+ start_cmd="start_profiles"
+ stop_cmd="stop_profiles"
+fi
+
+run_rc_command "$cmd"
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list