Date: Fri, 26 Jan 2007 15:53:52 +0300 (MSK) From: Denis Shaposhnikov <dsh@vlink.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/108371: Update port: security/openvpn (add profiles support to startup) Message-ID: <200701261253.l0QCrqkU010799@neva.vlink.ru> Resent-Message-ID: <200701261300.l0QD0Zcc035895@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 108371 >Category: ports >Synopsis: Update port: security/openvpn (add profiles support to startup) >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Jan 26 13:00:34 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Denis Shaposhnikov >Release: FreeBSD 7.0-CURRENT i386 >Organization: >Environment: System: FreeBSD neva.vlink.ru 7.0-CURRENT FreeBSD 7.0-CURRENT #0: Thu Jan 4 15:33:39 MSK 2007 dsh@neva.vlink.ru:/var/FreeBSD/obj/var/FreeBSD/src/sys/MYNERIC i386 >Description: This patch add ability to run several instances of the openvpn to the startup script. In my situation I use openvpn via UDP mainly but some of my collegs can use TCP only so I have to run second instance of the openvpn. >How-To-Repeat: >Fix: --- openvpn.orig/files/openvpn.sh.in Fri Jan 26 14:18:49 2007 +++ openvpn/files/openvpn.sh.in Fri Jan 26 14:16:25 2007 @@ -44,6 +44,18 @@ # file and directory where keys and certificates reside differ from the above # settings. # +# Add "openvpn_profiles" to run several instances of the openvpn with +# different parameters. Consider the following example: +# +# openvpn_enable="YES" +# openvpn_profiles="def tcp" +# openvpn_tcp_configfile="/usr/local/etc/openvpn/openvpn_tcp.conf" +# openvpn_tcp_pidfile="/var/run/openpvn_tcp.pid" +# +# This will run two instances of the openvpn with parameters taken +# from appropriate openvpn_PROFILENAME_xxx variables. For unspecified +# parameters openvpn_xxx varialbes will be used. +# # Note that we deliberately refrain from unloading drivers. # # For further documentation, please see openvpn(8). @@ -78,6 +90,36 @@ rm -f "$pidfile" || warn "Could not remove $pidfile." } +setup_profile_vars() +{ + name=openvpn_$1 + eval ": \${openvpn_${1}_configfile=${openvpn_configfile}}" + eval ": \${openvpn_${1}_dir=${openvpn_dir}}" + eval ": \${openvpn_${1}_flags=${openvpn_flags}}" + eval ": \${openvpn_${1}_pidfile=${pidfile}}" + eval "pidfile=\"\${openvpn_${1}_pidfile}\"" + eval "required_files=\"\${openvpn_${1}_configfile}\"" + eval "command_args=\"--cd \${openvpn_${1}_dir} --daemon --config \${openvpn_${1}_configfile} --writepid \${pidfile}\"" +} + +start_profiles() +{ + unset start_cmd start_precmd + for _profile in ${openvpn_profiles}; do + setup_profile_vars $_profile + run_rc_command "${rc_arg}" + done +} + +stop_profiles() +{ + unset stop_cmd + for _profile in ${openvpn_profiles}; do + setup_profile_vars $_profile + run_rc_command "${rc_arg}" + done +} + # support SIGHUP to reparse configuration file extra_commands="reload" @@ -93,11 +135,26 @@ stop_postcmd="stop_postcmd" load_rc_config ${name} + : ${openvpn_enable="NO"} : ${openvpn_flags=""} : ${openvpn_if=""} : ${openvpn_configfile="${prefix}/etc/openvpn/openvpn.conf"} : ${openvpn_dir="${prefix}/etc/openvpn"} + required_files="${openvpn_configfile}" command_args="--cd ${openvpn_dir} --daemon --config ${openvpn_configfile} --writepid ${pidfile}" -run_rc_command "$1" + +cmd="$1" +if [ $# -gt 0 ]; then + shift +fi + +[ -n "$*" ] && openvpn_profiles="$*" + +if [ "${openvpn_profiles}" ]; then + start_cmd="start_profiles" + stop_cmd="stop_profiles" +fi + +run_rc_command "$cmd" >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701261253.l0QCrqkU010799>