Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Services Depending on OpenVPN
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
Corona688
Veteran
Veteran


Joined: 10 Jan 2004
Posts: 1204

PostPosted: Tue Aug 07, 2007 4:57 pm    Post subject: Services Depending on OpenVPN Reply with quote

Occasionally you may have services depending on OpenVPN that get cranky when OpenVPN is running but not yet connected. For instance I have tinyproxy and darkstat configured to allow connections only from my VPN, but connecting to the main server over a satellite link can take time; they're liable to get started before OpenVPN finishes. Adding the 'openvpn' dependency to these scripts doesn't always work since openvpn daemonizes before it connects.

Fortunately openvpn has an option for problems like these; when openvpn is run with --up scriptname it will run a script once it connects. We can create another runlevel for openvpn to switch into once it connects, starting the extra services.


  • Create the new runlevel
    Code:
    # Make directory for runlevel "vpn"
    mkdir /etc/runlevels/vpn
    # Add all entries from default to the vpn runlevel
    cd /etc/runlevels/default
    for FILE in * ; do rc-update add ${FILE} vpn ; done
    # Add extra services to vpn runlevel
    rc-update add darkstat vpn
    rc-update add tinyproxy vpn

  • Add it to the inittab
    Code:
    ### Add this to the tail end of /etc/inittab
    # Used by OpenVPN to start processes that depend on OpenVPN being
    # connected.  See the runlevel /etc/runlevels/vpn, the modified
    # /etc/init.d/openvpn, and the script /usr/local/sbin/vpn-notify.sh
    # Note that whatever gets added to default should also get added to
    # vpn, lest it stop when the VPN connects and switches the system
    # to runlevel VPN.
    v:b:once:/sbin/rc vpn

  • Create a script for OpenVPN to call on connection
    Code:
    nano /usr/local/sbin/vpn-notify.sh

    Code:
    #!/bin/sh
    # Contents of /usr/local/sbin/vpn-notify.sh

    # Shut down VPN-dependent services if they're already running.
    init 3
    # Start VPN-dependent sevices.
    init b
    # Optional.  Makes the server beep.
    exec beep -f 660 -l 250 -n -f 880 -l 250

    Code:
    # Set /usr/local/sbin/vpn-notify.sh executable
    chmod +x /usr/local/sbin/vpn-notify.sh

  • Modify /etc/init.d/openvpn
    Code:
    # Change
    # -- --config "${VPNCONF}" --writepid "${VPNPID}" --daemon ${args}
    # to:
    -- --up /usr/local/sbin/vpn-notify.sh --config "${VPNCONF}" --writepid "${VPNPID}" --daemon ${args}

  • Restart OpenVPN
    Code:
    /etc/init.d/openvpn restart
When OpenVPN connects, your system should switch to the vpn runlevel, starting the darkstat and tinyproxy services.

I welcome any comments or improvements.
_________________
Petition for Better 64-bit ATI Drivers - Sign Here
http://www.petitiononline.com/atipet/petition.html
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum