How to Start OpenVPN?
Calvin Hendryx-Parker
calvin at sixfeetup.com
Tue Jun 28 00:07:17 GMT 2005
Here is a copy of the one I have modified to work.
Calvin
--
S i x F e e t U p | "Nowhere to go but open-source"
Silicon Valley: +1 (650) 401-8579 | Midwest: +1 (317) 861-5948
Toll-Free: 1-866-SIX-FEET
mailto:calvin at sixfeetup.com
http://www.sixfeetup.com | Zope Hosting from $19.95/month
-------------- next part --------------
#!/bin/sh
#
# openvpn This shell script takes care of starting and stopping
# openvpn on FreeBSD
#
# description: OpenVPN is a robust and highly flexible tunneling application that
# uses all of the encryption, authentication, and certification features
# of the OpenSSL library to securely tunnel IP networks over a single
# UDP port.
#
# Contributed to the OpenVPN project by
# Douglas Keller <doug at voidstar.dyndns.org>
# 2002.05.15
# FreeBSD version by Mikhail Levin <m_levin_99 at yahoo.com>
# 2005.01.20
# The init script does the following:
#
# - Starts an openvpn process for each .conf file it finds in
# /usr/local/etc/openvpn/config
#
# - If /usr/local/etc/openvpn/config/xxx.sh exists for a xxx.conf file then it executes
# it before starting openvpn (useful for doing openvpn --mktun...).
#
# - In addition to start/stop you can do:
#
# /usr/local/etc/rc.d/openvpn.sh reload - SIGHUP
# /usr/local/etc/rc.d/openvpn.sh reopen - SIGUSR1
# /usr/local/etc/rc.d/openvpn.sh status - SIGUSR2
# Modifications 2003.05.02
# * Changed == to = for sh compliance (Bishop Clark).
# * If condrestart|reload|reopen|status, check that we were
# actually started (James Yonan).
# * Added lock, piddir, and work variables (James Yonan).
# * If start is attempted twice, without an intervening stop, or
# if start is attempted when previous start was not properly
# shut down, then kill any previously started processes, before
# commencing new start operation (James Yonan).
# * Do a better job of flagging errors on start, and properly
# returning success or failure status to caller (James Yonan).

# Location of openvpn binary
openvpn="/usr/local/sbin/openvpn"

# Lockfile
lock="/var/run/lock.openvpn"

# PID directory
piddir="/var/run"

# Our working directory
work=/usr/local/etc/openvpn/config

# Check that binary exists
if ! [ -f "$openvpn" ]
then
    echo 'openvpn binary not found'
    exit 0
fi

# See how we were called.
case "$1" in
    start)
        echo -n 'Starting openvpn: '
        echo -n 'if_tap '
        kldload if_tap
        echo ''

        if [ -f "$lock" ]
        then
            # Stale lock: kill whatever a previous start left running.
            # An unmatched glob stays literal and fails the -s test.
            echo -n '(we were not shut down correctly) '
            for pidf in "$piddir"/openvpn.*.pid
            do
                if [ -s "$pidf" ]
                then
                    kill "$(cat "$pidf")" >/dev/null 2>&1
                fi
                rm -f "$pidf"
            done
            rm -f "$lock"
            sleep 2
        fi

        rm -f "$piddir"/openvpn.*.pid

        # Do not go on from an unexpected directory if the cd fails
        cd "$work" || exit 1

        # Start every .conf in $work and run .sh if exists
        errors=0
        successes=0
        for c in *.conf
        do
            # Skip the literal pattern left behind when nothing matches
            [ -f "$c" ] || continue
            bn=${c%%.conf}
            if [ -f "$bn.sh" ]
            then
                # The "./" prefix stops "." from searching PATH for the file
                . "./$bn.sh"
            fi
            rm -f "$piddir/openvpn.$bn.pid"
            "$openvpn" --daemon --writepid "$piddir/openvpn.$bn.pid" --config "$c" --cd "$work"
            if [ $? = 0 ]
            then
                successes=1
            else
                errors=1
            fi
        done

        if [ $errors = 1 ]
        then
            echo 'failure'
        else
            echo 'success'
        fi

        if [ $successes = 1 ]
        then
            touch "$lock"
        fi
        ;;
    stop)
        echo -n 'Shutting down openvpn: '
        for pidf in "$piddir"/openvpn.*.pid
        do
            if [ -s "$pidf" ]
            then
                kill "$(cat "$pidf")" >/dev/null 2>&1
            fi
            rm -f "$pidf"
        done
        echo -n 'success'
        rm -f "$lock"
        echo -n ' if_tap'
        kldunload if_tap
        echo ''
        ;;
    restart)
        "$0" stop
        sleep 2
        "$0" start
        ;;
    reload)
        if [ -f "$lock" ]
        then
            # SIGHUP to every running instance
            for pidf in "$piddir"/openvpn.*.pid
            do
                if [ -s "$pidf" ]
                then
                    kill -HUP "$(cat "$pidf")" >/dev/null 2>&1
                fi
            done
        else
            echo 'openvpn: service not started'
            exit 1
        fi
        ;;
    reopen)
        if [ -f "$lock" ]
        then
            # SIGUSR1 to every running instance
            for pidf in "$piddir"/openvpn.*.pid
            do
                if [ -s "$pidf" ]
                then
                    kill -USR1 "$(cat "$pidf")" >/dev/null 2>&1
                fi
            done
        else
            echo 'openvpn: service not started'
            exit 1
        fi
        ;;
    condrestart)
        if [ -f "$lock" ]
        then
            "$0" stop
            # avoid race
            sleep 2
            "$0" start
        fi
        ;;
    status)
        if [ -f "$lock" ]
        then
            # SIGUSR2 to every running instance
            for pidf in "$piddir"/openvpn.*.pid
            do
                if [ -s "$pidf" ]
                then
                    kill -USR2 "$(cat "$pidf")" >/dev/null 2>&1
                fi
            done
            echo 'Status written to /var/log/messages'
            tail -n 3 /var/log/messages
        else
            echo 'openvpn: service not started'
            exit 1
        fi
        ;;
    *)
        echo 'Usage: openvpn {start|stop|restart|condrestart|reload|reopen|status}'
        exit 1
        ;;
esac
exit 0
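
The init script above runs as root and sources every xxx.sh it finds beside a xxx.conf in its working directory, so whoever can write to that directory controls what runs as root at the next start. A pre-start ownership and mode check, as an added example that is not part of the original post or of the OpenVPN project's scripts; the function name audit_openvpn_dir and its optional owner argument (default uid 0) are assumptions:

```sh
#!/bin/sh
# audit_openvpn_dir DIR [OWNER]
# Hypothetical helper (not from the original script): flags the config
# directory, and any *.conf / *.sh in it, that is not owned by OWNER
# (default: uid 0) or is writable by group or others.
# Returns 0 when nothing is flagged, 1 when something is, 2 when DIR is
# not a directory.
# Usage before "start":
#   audit_openvpn_dir /usr/local/etc/openvpn/config || exit 1
audit_openvpn_dir() {
    dir=$1
    owner=${2:-0}
    bad=0

    if [ ! -d "$dir" ]; then
        echo "audit: $dir is not a directory" >&2
        return 2
    fi

    for f in "$dir" "$dir"/*.conf "$dir"/*.sh
    do
        # An unmatched glob stays literal; skip it
        [ -e "$f" ] || continue

        # -prune keeps find from descending, so only $f itself is tested;
        # -L tests the file a symlink points to, which is what gets read.
        hit=$(find -L "$f" -prune \( ! -user "$owner" -o -perm -020 -o -perm -002 \) -print)
        if [ -n "$hit" ]; then
            echo "audit: unsafe owner or mode: $f" >&2
            bad=1
        fi
    done

    return "$bad"
}
```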