Re: bridging openvpn
nivwiz@xxxxxxxxx
Tue Nov 23 23:42:24 2010
Attached is my patch to solve the openvpn bridge mode. In fact, this belongs
in Gentoo bugzilla.
On Tue, Nov 23, 2010 at 3:04 PM, Ed W <lists@xxxxxxxxxxxxxx> wrote:
> On 10/11/2010 22:18, nivwiz@xxxxxxxxx wrote:
> >
> > I am running openrc 0.6.1-r1
> > My problem is:
> > I am using the default /etc/init.d/openvpn file.
> > and here is grep tap0 /etc/conf.d/net :
> > *Quote:*
> > tuntap_tap0="tap"
> > config_tap0=( "null" )
> > br0 bridge_add_tap0="br0"
> > depend_tap0() {
> > before openvpn
> > }
> >
> > After I boot, the client manages to connect to the server. I need to do
> > these three things to get it all working:
> > 1. ifconfig tap0 0.0.0.0
> > 2. brctl addif br0 tap0
> > 3. wait until I see tap0 enters forwarding state in /var/log/messages
> >
>
> I'm not sure if this is even vaguely the correct thing, but I'm using the
> following:
>
> # config eth0
> config_eth0=( "null" )
>
> # config tap0 to bring up bridge
>
> tuntap_tap0="tap"
> config_tap0=( "null" )
> bridge_add_tap0="br0"
> rc_need_tap0="net.br0"
>
> # Config bridge to come up with just eth0
> bridge_br0="eth0"
> config_br0=( "192.168.105.4/24" )
> routes_br0=( "default via 192.168.105.254" )
> # Make the bridge depend on eth0
> #rc_need_br0="net.eth0"
>
>
> The logic is to have the openvpn stuff as a somewhat optional element of
> the bridge so that restarting it doesn't cause every bit of networking on
> the machine to restart. It's even possible to make the eth0 component
> optional if you wish?
>
> Note that I don't currently depend on eth0 starting since the device itself
> is brought up by the kernel and I don't do any other configuration via
> openvpn. No idea if this is "correct", but obviously if you do configure
> eth0 then you need to start that also and add the dependency.
>
> I think it's clear that the old networking stuff is quite nice, but now
> that dhcpcd is moving towards doing nearly everything with regards to
> getting devices going, there is some awkwardness in the networking scripts
> in that a lot of stuff becomes optional. Equally many net configurations
> still need some configuration and arguably the old style network scripts are
> convenient for some of that...
>
> Perhaps someone else can add further insight on the configuration above
> though?
>
> (Actually this is slightly simplified, my real configuration uses two
> bonded devices as bond0, this is then added to the bridge along with the two
> tap connections, one for udp and one for tcp openvpn. The above scales up
> as you would expect though)
>
> Good luck
>
> Ed W
>
Attachment:
openvpn.patch
Description: Binary data