[Clug-tech] OpenVPN scripting
Shawn Grover
sgrover at open2space.com
Thu Mar 12 04:15:26 PDT 2009
Hi All.
I've searched Google for quite a while on this and am not finding the
magic bullet. I'm trying to execute a script after the VPN connection
is up, and another when the connection ends.
I'm connecting manually with "openvpn --config myconfig.opvn". My
config file looks like this:
#OpenVPN Server conf
tls-client
client
dev tun
proto udp
tun-mtu 1400
remote 111.222.111.222 1194
pkcs12 /home/sgrover/Documents/vpn/mykeyfile.p12
cipher BF-CBC
verb 3
ns-cert-type server
route-up /home/sgrover/Documents/vpn/setup
down /home/sgrover/Documents/vpn/teardown
The last two lines seem like the *should* work. The setup script works
fine if I run it manually. But putting it into the config file fails.
I've tried "up" and "route-up" here with similar results. I'm seeing
the following in the output:
openvpn_execve: external program may not be called due to setting of
--script-security level
Route script failed: external program fork failed
I see this for both the up and down scripts.
I found a reference that suggested I had to "return control to openvpn
immediately after calling my script", and this hinted that the
setup/teardown scripts should call a second script then exit. I revised
my setup script to be something like this:
#!/bin/bash
/home/sgrover/Documents/vpn/doSetup &
But that made no difference.
The idea here is to mount remote directories when the VPN connection is
made, and unmount them when the VPN goes away.
Any tips/suggestions? Thanks.
Shawn
More information about the clug-tech
mailing list