#!/sbin/runscript # OpenVPN start/stop script # Adapted to Gentoo by James Yonan # Originally Contributed to the OpenVPN project by # Douglas Keller <doug@voidstar.dyndns.org> # 2002.05.15 # This script does the following: # # - Starts an openvpn process for each .conf file it finds in # /etc/openvpn. # # - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes # it before starting openvpn (useful for doing openvpn --mktun...). # - In addition to start/stop you can do: # # service openvpn reload - SIGHUP # service openvpn reopen - SIGUSR1 # service openvpn status - SIGUSR2 # Location of openvpn binary openvpn=/usr/local/sbin/openvpn # PID directory piddir=/var/run/openvpn # Our working directory (.conf files should be here) work=/etc/openvpn # Our options opts="start stop restart condrestart" depend() { need net use dns } start() { ebegin "Starting OpenVPN" # Load the TUN/TAP module /sbin/modprobe tun >/dev/null 2>&1 if [ ! -d $piddir ]; then mkdir $piddir fi cd $work # Start every .conf in $work and run .sh if exists local errors=0 local successes=0 local retstatus=0 for c in `/bin/ls *.conf 2>/dev/null`; do bn=${c%%.conf} if [ -f "$bn.sh" ]; then . $bn.sh fi rm -f $piddir/$bn.pid $openvpn --daemon openvpn-$bn --writepid $piddir/$bn.pid --config $c --cd $work if [ $? = 0 ]; then successes=1 else errors=1 fi done # Decide status based on errors/successes. # If at least one tunnel succeeded, we return success. # If some tunnels succeeded and some failed, we return # success but give a warning. if [ $successes = 1 ]; then if [ $errors = 1 ]; then ewarn "Note: At least one OpenVPN tunnel failed to start" fi else retstatus=1 if [ $errors = 0 ]; then ewarn "Note: No OpenVPN configuration files were found in $work" fi fi eend $retstatus "Error starting OpenVPN" } stop() { ebegin "Stopping OpenVPN" for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do if [ -s $pidf ]; then kill `cat $pidf` >/dev/null 2>&1 fi rm -f $pidf done eend 0 } # this should really be in runscript.sh started() { if [ -L "${svcdir}/started/${myservice}" ]; then return 1 else return 0 fi } # attempt to restart ONLY if we are already started condrestart() { started || restart }