dopo mesi di facazzismo mi sono deciso a mettere in respawn i miei processi OpenVPN .
[..cut /etc/inittab ..]
s1:2345:respawn:/usr/local/sbin/openvpn --config /etc/openvpn/server-A.conf
s2:2345:respawn:/usr/local/sbin/openvpn --config /etc/openvpn/server-B.conf
s3:2345:respawn:/usr/local/sbin/openvpn --config /etc/openvpn/server-C.conf
s4:2345:respawn:/usr/local/sbin/openvpn --config /etc/openvpn/server-D.conf
[..cut..]
s1:2345:respawn:/usr/local/sbin/openvpn --config /etc/openvpn/server-A.conf
s2:2345:respawn:/usr/local/sbin/openvpn --config /etc/openvpn/server-B.conf
s3:2345:respawn:/usr/local/sbin/openvpn --config /etc/openvpn/server-C.conf
s4:2345:respawn:/usr/local/sbin/openvpn --config /etc/openvpn/server-D.conf
[..cut..]
La configurazione è OK , al boot parte tutto , MA le interfacce non se la sentivano di partire. Alla fine ho trovato il disguido , questo :
[..cut /etc/openvpn/server-A.conf ..]
# By default, log messages will go to the syslog (or
# on Windows, if running as a service, they will go to
# the "\Program Files\OpenVPN\log" directory).
# Use log or log-append to override this default.
# "log" will truncate the log file on OpenVPN startup,
# while "log-append" will append to it. Use one
# or the other (but not both).
;log openvpn.log
;log-append /var/log/openvpn.log
# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 4 # da mettere a 0, o abilitare il log
[..cut..]
# By default, log messages will go to the syslog (or
# on Windows, if running as a service, they will go to
# the "\Program Files\OpenVPN\log" directory).
# Use log or log-append to override this default.
# "log" will truncate the log file on OpenVPN startup,
# while "log-append" will append to it. Use one
# or the other (but not both).
;log openvpn.log
;log-append /var/log/openvpn.log
# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 4 # da mettere a 0, o abilitare il log
[..cut..]
essendo che esiste del "pattume" inviato allo standard output ( STDOUT ) il processo partiva , ma non procedeva, per cui come da commento nel file di configurazione ( /etc/openvpn/server-A.conf ) o si elimina la "verbosità" e basta , oppure si abilita il log. Così da eliminare il redirect allo STDOUT .
L'opzione "verb X" serve ad aumentare / diminuire ( come scritto nella descrizione ) i messaggi generati dal programma. In questo caso ho suggerito di mettere 0 ( zero ) all'opzione pensando che chi l'utente finale sia un privato,comunque è sempre bene tenere traccia tramite log di quello che succede, soprattutto se si tratta di una vpn.
2 commenti:
i use this solution for more then 3 years for a VPN. :)
the only problem I have and I left it behind - sometimes computers can't see each other in different networks (i remember I added the right IPs to WINS servers and also did something with samba)
I suggest you to debug the lan-to-lan settings, if this never go down the problem is on the smb packages maybe the remotes drop them , but i'm not so shure about this, 'cause can be generated only if the lan-to-lan "view" doesn't work properly.
Posta un commento