[systemd-devel] F16_64: attempt at OpenVPN server service file

Michael D. Berger m.d.berger at ieee.org
Sat Nov 26 14:39:55 PST 2011 

> -----Original Message-----
> From: Reindl Harald [mailto:h.reindl at thelounge.net] 
> Sent: Saturday, November 26, 2011 17:17
> To: Michael D. Berger
> Cc: systemd-devel at lists.freedesktop.org
> Subject: Re: [systemd-devel] F16_64: attempt at OpenVPN 
> server service file
> 
> 
> 
> Am 26.11.2011 22:36, schrieb Michael D. Berger:
> > I see you use "Restart=always".  Do I understand correctly that 
> > whenever you stop the service it will restart?  That is what "man 
> > systemd.service" says.  What if you really want to stop it, as I 
> > might?
> 
> than i type "systemctl stop whatever.service"
> 
> Restart is triggered if they process goes away and in the 
> case of "Always" this happens even if the process gives back 
> a successfull 0 like after "killall processname"
> 
So I gather that Restart is triggered only if the process
goes away ***for reasons other than a stop having been issued***.
I suggest that the man pages be modified to say that.




[...]
> because i have no idea what this does
> 
> > I have a complex iptables that must be changed a little 
> depending on 
> > whether the vpn is running.  The command "setIptVpn"
> > runs a sed to takes care of that, and obviously, iptables must be 
> > restarted whenever that is done.
> 
> why?
> 
> if the bridge and openvpn are not running the devide does not 
> exist, so why is there anything to modify in firewall rules?

The details are not important; it should work, and it idoes n my scripts
that run without systemd.

> 
> > As for restarting the network, that appears to usually (but not
> > always) be required whenever the vpn is shutdown.  If there 
> is another 
> > way to get things working after shutting down vpn, I would 
> be happy to 
> > hear it.  I tried ifdown and ifup, but it didn't work.
> > Did you try to ping google.com after your vpn starts on boot?
> > I see no difference between yours and mine that would solve that 
> > problem.  I imagine that another dependency is required.
> 
> i am not sure what excatly you are doing with openvpn
> 
> in my case i connect to the company network and all traffic 
> to company-LÖAN-IPs goes thorugh the tunnel, BUT all other 
> traffic does NOT use openvpn because why in the world i 
> should route public traffic over a vpn-tunnel and from there 
> out in the world?
> 
> 
>
It doesn't make any difference what I am doing.  I run openvpn
as a daemon on a box that must otherwise function normally.
In SysV, corresponding scripts work with no problem.  I guess
I should run openvpn as SysV until this can be made to work.

Mike.
--
Michael D. Berger
m.d.berger at ieee.org
http://www.rosemike.net/

More information about the systemd-devel mailing list