📄 openvpn.init
字号:
#!/bin/sh### BEGIN INIT INFO# Provides: openvpn# Required-Start: $network# Required-Stop: $network# Default-Start: 3 5# Default-Stop: 0 1 2 6# Short-Description: This shell script takes care of starting and stopping OpenVPN.# Description: OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP port. ### END INIT INFO# Contributed to the OpenVPN project by# Douglas Keller <doug@voidstar.dyndns.org># 2002.05.15# Modified for SuSE by# Frank Plohmann <openvpn@franks-planet.de># 2003.08.24# Please feel free to contact me if you have problems or suggestions# using this script.# To install:# copy this file to /etc/rc.d/init.d/openvpn# use the runlevel editor in Yast to add it to runlevel 3 and/or 5# shell> mkdir /etc/openvpn# make .conf or .sh files in /etc/openvpn (see below)# To uninstall:# use also Yast and the runlevel editor to uninstall# Author's Notes:## I have created an /etc/init.d init script and enhanced openvpn.spec to# automatically register the init script. Once the RPM is installed you# can start and stop OpenVPN with "service openvpn start" and "service# openvpn stop".## The init script does the following:## - Starts an openvpn process for each .conf file it finds in# /etc/openvpn.## - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes# it before starting openvpn (useful for doing openvpn --mktun...).## - In addition to start/stop you can do:## /etc/init.d/openvpn reload - SIGHUP# /etc/init.d/openvpn reopen - SIGUSR1# /etc/init.d/openvpn status - SIGUSR2# Modifications 2003.05.02# * Changed == to = for sh compliance (Bishop Clark).# * If condrestart|reload|reopen|status, check that we were# actually started (James Yonan).# * Added lock, piddir, and work variables (James Yonan).# * If start is attempted twice, without an intervening stop, or# if start is attempted when previous start was not properly# shut down, then kill any previously started processes, before# commencing new start operation (James Yonan).# * Do a better job of flagging errors on start, and properly# returning success or failure status to caller (James Yonan).## Modifications 2003.08.24# * Converted the script for SuSE Linux distribution. # Tested with version 8.2 (Frank Plohmann).# - removed "chkconfig" header# - added Yast header# - changed installation notes# - corrected path to openvpn binary# - removes sourcing "functions"# - removed sourcing "network"# - removed network checking. it seemed not to work with SuSE.# - added sourcing "rc.status", comments and "rc_reset" command# - removed "succes; echo" and "failure; echo" lines# - added "rc_status" lines at the end of each section# - changed "service" to "/etc/init.d/" in "In addition to start/stop"# section above.# Location of openvpn binaryopenvpn="/usr/local/sbin/openvpn"# Lockfilelock="/var/lock/subsys/openvpn"# PID directorypiddir="/var/run/openvpn"# Our working directorywork=/etc/openvpn# Source rc functions. /etc/rc.status# Shell functions sourced from /etc/rc.status:# rc_check check and set local and overall rc status# rc_status check and set local and overall rc status# rc_status -v ditto but be verbose in local rc status# rc_status -v -r ditto and clear the local rc status# rc_failed set local and overall rc status to failed# rc_reset clear local rc status (overall remains)# rc_exit exit appropriate to overall rc status# rc_status check and set local and overall rc status# rc_status -v ditto but be verbose in local rc status# rc_status -v -r ditto and clear the local rc status# rc_failed set local and overall rc status to failed# rc_reset clear local rc status (overall remains)# rc_exit exit appropriate to overall rc status# First reset status of this servicerc_reset[ -f $openvpn ] || exit 0# See how we were called.case "$1" in start) echo -n $"Starting openvpn: " /sbin/modprobe tun >/dev/null 2>&1 # From a security perspective, I think it makes # sense to remove this, and have users who need # it explictly enable in their --up scripts or # firewall setups. #echo 1 > /proc/sys/net/ipv4/ip_forward if [ ! -d $piddir ]; then mkdir $piddir fi if [ -f $lock ]; then # we were not shut down correctly for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do if [ -s $pidf ]; then kill `cat $pidf` >/dev/null 2>&1 fi rm -f $pidf done rm -f $lock sleep 2 fi rm -f $piddir/*.pid cd $work # Start every .conf in $work and run .sh if exists errors=0 successes=0 for c in `/bin/ls *.conf 2>/dev/null`; do bn=${c%%.conf} if [ -f "$bn.sh" ]; then . $bn.sh fi rm -f $piddir/$bn.pid $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work if [ $? = 0 ]; then successes=1 else errors=1 fi done if [ $successes = 1 ]; then touch $lock fi rc_status -v ;; stop) echo -n $"Shutting down openvpn: " for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do if [ -s $pidf ]; then kill `cat $pidf` >/dev/null 2>&1 fi rm -f $pidf done rm -f $lock rc_status -v ;; restart) $0 stop sleep 2 $0 start rc_status ;; reload) if [ -f $lock ]; then for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do if [ -s $pidf ]; then kill -HUP `cat $pidf` >/dev/null 2>&1 fi done else echo "openvpn: service not started" exit 1 fi rc_status -v ;; reopen) if [ -f $lock ]; then for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do if [ -s $pidf ]; then kill -USR1 `cat $pidf` >/dev/null 2>&1 fi done else echo "openvpn: service not started" exit 1 fi rc_status -v ;; condrestart) if [ -f $lock ]; then $0 stop # avoid race sleep 2 $0 start fi rc_status ;; status) if [ -f $lock ]; then for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do if [ -s $pidf ]; then kill -USR2 `cat $pidf` >/dev/null 2>&1 fi done echo "Status written to /var/log/messages" else echo "openvpn: service not started" exit 1 fi rc_status -v ;; *) echo "Usage: openvpn {start|stop|restart|condrestart|reload|reopen|status}" exit 1esacexit 0⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -