Issue with OpenVPN --up parameter

This forum is for discussion about general software issues.
Topic locked

Issue with OpenVPN --up parameter

Postby skinny852 » Thu Mar 14, 2019 12:21 am

Hello,

I am having difficulties with the up parameter in the OpenVPN client configuration file.

The OpenVPN connection itself is fine and my up.sh scripts outputs as expected when run manually. The issue is when up.sh is called by OpenVPN. The script will only run systemctl commands and nothing else.

The end goal of the up.sh script is to start a Transmission daemon, run an API from my VPN provider for a open port number and then send this port number to Transmission. For the moment, however, I am trying to put the pieces together bit by bit and I would like to use echo for debugging. But I am only able to start the Transmission daemon with systemctl.

I have searched Goggle, Arch and Arch ARM forums, OpenVPN forum, Raspberry Pi forum and Stack Exchange, but haven't found anything related to this issue. I have also read the OpenVPN manpage thoroughly. I do fall under the category of newbie and cannot determine the root issue here.

I have identified a few possible causes:

1. OpenVPN issue
2. Systemd issue
3. Deficient Bash skills

Can anyone point me in the right direction as to what I need to focus on? I would like to know what tree to bark at :)

Here are some configuration and logs.

OpenVPN configuration file:

$this->bbcode_second_pass_code('', '
client
dev tun
proto udp
remote ca-vancouver.privateinternetaccess.com 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server

script-security 2
auth-user-pass /etc/openvpn/login
auth-nocache
compress
verb 4
log /var/log/openvpn.log
reneg-sec 0
crl-verify /etc/openvpn/crl.rsa.2048.pem
ca /etc/openvpn/ca.rsa.2048.crt

up /etc/openvpn/up.sh

disable-occ
')

up.sh content:

$this->bbcode_second_pass_code('', '
#!/bin/sh

echo Test > /tmp/test.txt
')

/tmp/test.txt is not created when OpenVPN is started by systemctl enable openvpn-client@Vancouver.service.

Log file output:

$this->bbcode_second_pass_code('', '
...
Thu Mar 7 14:36:24 2019 us=816075 TUN/TAP device tun0 opened
Thu Mar 7 14:36:24 2019 us=816360 TUN/TAP TX queue length set to 100
Thu Mar 7 14:36:24 2019 us=816517 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Mar 7 14:36:24 2019 us=816642 /usr/bin/ip link set dev tun0 up mtu 1500
Thu Mar 7 14:36:24 2019 us=832414 /usr/bin/ip addr add dev tun0 local 10.29.10.6 peer 10.29.10.5
Thu Mar 7 14:36:24 2019 us=843176 /etc/openvpn/up.sh tun0 1500 1558 10.29.10.6 10.29.10.5 init
Thu Mar 7 14:36:24 2019 us=858794 /usr/bin/ip route add xxx.xx.xx.xxx/32 via xxx.xxx.x.x
Thu Mar 7 14:36:24 2019 us=868017 /usr/bin/ip route add 0.0.0.0/1 via 10.29.10.5
Thu Mar 7 14:36:24 2019 us=884024 /usr/bin/ip route add 128.0.0.0/1 via 10.29.10.5
Thu Mar 7 14:36:24 2019 us=892318 /usr/bin/ip route add 10.29.10.1/32 via 10.29.10.5
Thu Mar 7 14:36:24 2019 us=900557 Initialization Sequence Completed
')

If OpenVPN is started manually from the command line then the script runs as expected and /tmp/test.txt is created.

$this->bbcode_second_pass_code('', '$ sudo openvpn --config /etc/openvpn/client/Vancouver.conf --up '/etc/openvpn/up.sh' --daemon')

Log file output:

$this->bbcode_second_pass_code('', '
Thu Mar 7 15:09:12 2019 us=680115 TUN/TAP device tun0 opened
Thu Mar 7 15:09:12 2019 us=680445 TUN/TAP TX queue length set to 100
Thu Mar 7 15:09:12 2019 us=680599 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Mar 7 15:09:12 2019 us=680729 /usr/bin/ip link set dev tun0 up mtu 1500
Thu Mar 7 15:09:12 2019 us=693770 /usr/bin/ip addr add dev tun0 local 10.64.10.10 peer 10.64.10.9
Thu Mar 7 15:09:12 2019 us=705858 /etc/openvpn/up.sh tun0 1500 1558 10.64.10.10 10.64.10.9 init
Thu Mar 7 15:09:12 2019 us=721612 /usr/bin/ip route add xxx.xx.xx.xx/32 via xxx.xxx.x.x
Thu Mar 7 15:09:12 2019 us=730464 /usr/bin/ip route add 0.0.0.0/1 via 10.64.10.9
Thu Mar 7 15:09:12 2019 us=745724 /usr/bin/ip route add 128.0.0.0/1 via 10.64.10.9
Thu Mar 7 15:09:12 2019 us=754666 /usr/bin/ip route add 10.64.10.1/32 via 10.64.10.9
Thu Mar 7 15:09:12 2019 us=775972 Initialization Sequence Completed
')

Back to using systemctl enable openvpn-client@Vancouver.service.

If the contents of up.sh are changed to a systemctl command then the script runs as expected.

$this->bbcode_second_pass_code('', '
#!/bin/sh

systemctl start transmission.service
')

Log file output:

$this->bbcode_second_pass_code('', '
Thu Mar 7 18:32:05 2019 us=965046 TUN/TAP device tun0 opened
Thu Mar 7 18:32:05 2019 us=965553 TUN/TAP TX queue length set to 100
Thu Mar 7 18:32:05 2019 us=965717 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Mar 7 18:32:05 2019 us=965841 /usr/bin/ip link set dev tun0 up mtu 1500
Thu Mar 7 18:32:06 2019 us=16952 /usr/bin/ip addr add dev tun0 local 10.36.11.10 peer 10.36.11.9
Thu Mar 7 18:32:06 2019 us=27277 /etc/openvpn/up.sh tun0 1500 1558 10.36.11.10 10.36.11.9 init
Thu Mar 7 18:32:06 2019 us=498771 /usr/bin/ip route add xxx.xxx.xxx.xx/32 via xxx.xxx.x.x
Thu Mar 7 18:32:06 2019 us=507057 /usr/bin/ip route add 0.0.0.0/1 via 10.36.11.9
Thu Mar 7 18:32:06 2019 us=515375 /usr/bin/ip route add 128.0.0.0/1 via 10.36.11.9
Thu Mar 7 18:32:06 2019 us=523590 /usr/bin/ip route add 10.36.11.1/32 via 10.36.11.9
Thu Mar 7 18:32:06 2019 us=532133 Initialization Sequence Completed
')

But when running a systemctl and an echo command, the Transmission daemon starts but the echo command will not output to /tmp/test.txt and instead writes to the log file!

Multiple commands in up.sh:

$this->bbcode_second_pass_code('', '
#!/bin/sh

echo $(curl -4 icanhazip.com) > /tmp/test.txt

systemctl start transmission.service
')

$this->bbcode_second_pass_code('', '
Thu Mar 7 18:28:26 2019 us=422540 TUN/TAP device tun0 opened
Thu Mar 7 18:28:26 2019 us=422978 TUN/TAP TX queue length set to 100
Thu Mar 7 18:28:26 2019 us=423170 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Mar 7 18:28:26 2019 us=423297 /usr/bin/ip link set dev tun0 up mtu 1500
Thu Mar 7 18:28:26 2019 us=480856 /usr/bin/ip addr add dev tun0 local 10.12.10.10 peer 10.12.10.9
Thu Mar 7 18:28:26 2019 us=490313 /etc/openvpn/up.sh tun0 1500 1558 10.12.10.10 10.12.10.9 init
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 12 100 12 0 0 181 0 --:--:-- --:--:-- --:--:-- 184
Thu Mar 7 18:28:27 2019 us=97418 /usr/bin/ip route add xxx.xxx.xxx.xx/32 via xxx.xxx.x.x
Thu Mar 7 18:28:27 2019 us=105472 /usr/bin/ip route add 0.0.0.0/1 via 10.12.10.9
Thu Mar 7 18:28:27 2019 us=113405 /usr/bin/ip route add 128.0.0.0/1 via 10.12.10.9
Thu Mar 7 18:28:27 2019 us=121368 /usr/bin/ip route add 10.12.10.1/32 via 10.12.10.9
Thu Mar 7 18:28:27 2019 us=129599 Initialization Sequence Completed
')
skinny852
 
Posts: 1
Joined: Thu Feb 28, 2019 1:04 am
Top
Topic locked

Return to General

Who is online

Users browsing this forum: No registered users and 2 guests

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group    © Arch Linux ARM

cron