From owner-freebsd-questions@FreeBSD.ORG Sun Jul 6 20:20:55 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 134AF5A9; Sun, 6 Jul 2014 20:20:55 +0000 (UTC) Received: from vps.markoturk.info (vps.markoturk.info [109.73.172.217]) by mx1.freebsd.org (Postfix) with ESMTP id D11EF2244; Sun, 6 Jul 2014 20:20:54 +0000 (UTC) Received: by vps.markoturk.info (Postfix, from userid 1000) id 9117A674AD72; Sun, 6 Jul 2014 22:20:52 +0200 (CEST) Date: Sun, 6 Jul 2014 22:20:52 +0200 From: Marko Turk To: Mark Felder Subject: Re: 10.0-RELEASE openvpn jail with ezjail Message-ID: <20140706202052.GA17233@vps.markoturk.info> Reply-To: markoml@markoturk.info References: <20140706102642.GA13371@vps.markoturk.info> <8718a7fe8a79f3341104e5811c0ceb14@mail.feld.me> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="jI8keyz6grp/JLjh" Content-Disposition: inline In-Reply-To: <8718a7fe8a79f3341104e5811c0ceb14@mail.feld.me> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jul 2014 20:20:55 -0000 --jI8keyz6grp/JLjh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Jul 06, 2014 at 02:28:23PM +0000, Mark Felder wrote: > July 6 2014 5:36 AM, "Marko Turk" wrote:=20 >=20 > > Hi, > >=20 > > I'm trying to create an OpenVPN jail on 10.0-RELEASE using tun device. >=20 > I have it working without issues. The only problem is that you cannot res= tart the daemon within the jail, you have to restart the jail. >=20 > host's /etc/rc.conf: >=20 > # needed for openvpn > gateway_enable=3D"YES" > cloned_interfaces=3D"tun0" >=20 > in my ezjail openvpn config: >=20 > export jail_openvpn_exec_prestart0=3D"ifconfig tun0 10.8.0.1 10.8.0.2 net= mask 255.255.255.0" > export jail_openvpn_exec_prestart1=3D"route add -net 10.8.0.0/24 10.8.0.2" >=20 >=20 > That should get you pointed in the right direction. Thanks, that worked. Is the multi0 method deprecated in 10.0-RELEASE or is there a problem with new jail configuration file? Regards, Marko --jI8keyz6grp/JLjh Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJTua+jAAoJEJXL/ReD3UkFE48P/jmzOaBJ0yEFHpu89yx1caCD nBhJULatNKFA9SHTSuBx4gz6vTCGJ6VK1obGhJQpr+WtfG2v8w6Bwf4HZY4c14kY xMhEXW8QoOfmcxQKAQaRXeVJSjyg29a2B01kmmyp3pall9bRtr7ai/Nt1d09BSsq hygLl0SBu57xRPaxIWJnmfi02/l1dCv7zv2nx83i3KQ2wzslqsAiYjwTiYkZsjH1 bcxYO3cNlrgf0LcKr1N9yRsvpOYVlOVbEzXbe84rfcZ6FiFXLUjDnf8cBoiVzGX4 aao2YPoM2124Mdm0+GDWUOzBx1vr80fHr5lI8edJdFxKaOMh8UqktQETMt/3oZV2 XrzSrYi01PdfLZ7RwYwWAImQlegCVzo0yGEuD5Yk8elgGA1z44aGf0/nX/xPL5us Y5HrVPHO+09mQlii+mt1+JdQlLYADwYsUm1ic5MrVmHBknNcDd/92RsWv3My91lq xlTNVeg3yRDv0otE/C+L+xbBj99y2ZwYrPe8DqMXckOiV9chSR3tXtH7s0zxvoq8 xuR2Ms10dHuaf6MpCHy9Pz4QbSQEd72BEogtTLKCukuvH3wEKbSw/EROvzHQB+pr h+GKb/ai4iCjXcOO9ZKDXn2REAoUjEnAofB95+G5pT2NkNa+nQK+OUVzKf67FLp7 3Hwjo+y2jnobUoz1bLS8 =+Qra -----END PGP SIGNATURE----- --jI8keyz6grp/JLjh--