search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
OpenVPN: update to 2.3.5
[tomato.git] / release / src / router / openvpn / distro / rpm / openvpn.init.d.suse
blob270024e89940e967ad715c2edbd5e2e1cc305b75
1 #!/bin/sh
2 ### BEGIN INIT INFO
3 # Provides: openvpn
4 # Required-Start: $network
5 # Required-Stop: $network
6 # Default-Start: 3 5
7 # Default-Stop: 0 1 2 6
8 # Short-Description: This shell script takes care of starting and stopping OpenVPN.
9 # Description: OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP port.
10 ### END INIT INFO
11
12 # Contributed to the OpenVPN project by
13 # Douglas Keller <doug@voidstar.dyndns.org>
14 # 2002.05.15
15
16 # Modified for SuSE by
17 # Frank Plohmann <openvpn@franks-planet.de>
18 # 2003.08.24
19 # Please feel free to contact me if you have problems or suggestions
20 # using this script.
21
22 # To install:
23 # copy this file to /etc/rc.d/init.d/openvpn
24 # use the runlevel editor in Yast to add it to runlevel 3 and/or 5
25 # shell> mkdir /etc/openvpn
26 # make .conf or .sh files in /etc/openvpn (see below)
27
28 # To uninstall:
29 # use also Yast and the runlevel editor to uninstall
30
31 # Author's Notes:
32 #
33 # I have created an /etc/init.d init script and enhanced openvpn.spec to
34 # automatically register the init script. Once the RPM is installed you
35 # can start and stop OpenVPN with "service openvpn start" and "service
36 # openvpn stop".
37 #
38 # The init script does the following:
39 #
40 # - Starts an openvpn process for each .conf file it finds in
41 # /etc/openvpn.
42 #
43 # - If /etc/openvpn/xxx.sh exists for a xxx.conf file then it executes
44 # it before starting openvpn (useful for doing openvpn --mktun...).
45 #
46 # - In addition to start/stop you can do:
47 #
48 # /etc/init.d/openvpn reload - SIGHUP
49 # /etc/init.d/openvpn reopen - SIGUSR1
50 # /etc/init.d/openvpn status - SIGUSR2
51
52 # Modifications 2003.05.02
53 # * Changed == to = for sh compliance (Bishop Clark).
54 # * If condrestart|reload|reopen|status, check that we were
55 # actually started (James Yonan).
56 # * Added lock, piddir, and work variables (James Yonan).
57 # * If start is attempted twice, without an intervening stop, or
58 # if start is attempted when previous start was not properly
59 # shut down, then kill any previously started processes, before
60 # commencing new start operation (James Yonan).
61 # * Do a better job of flagging errors on start, and properly
62 # returning success or failure status to caller (James Yonan).
63 #
64 # Modifications 2003.08.24
65 # * Converted the script for SuSE Linux distribution.
66 # Tested with version 8.2 (Frank Plohmann).
67 # - removed "chkconfig" header
68 # - added Yast header
69 # - changed installation notes
70 # - corrected path to openvpn binary
71 # - removes sourcing "functions"
72 # - removed sourcing "network"
73 # - removed network checking. it seemed not to work with SuSE.
74 # - added sourcing "rc.status", comments and "rc_reset" command
75 # - removed "succes; echo" and "failure; echo" lines
76 # - added "rc_status" lines at the end of each section
77 # - changed "service" to "/etc/init.d/" in "In addition to start/stop"
78 # section above.
79 #
80 # Modifications 2005.04.04
81 # * Added openvpn-startup and openvpn-shutdown script calls (James Yonan).
82 #
83
84 # Location of openvpn binary
85 openvpn="/usr/sbin/openvpn"
86
87 # Lockfile
88 lock="/var/lock/subsys/openvpn"
89
90 # PID directory
91 piddir="/var/run/openvpn"
92
93 # Our working directory
94 work=/etc/openvpn
95
96 # Source rc functions
97 . /etc/rc.status
98
99 # Shell functions sourced from /etc/rc.status:
100 # rc_check check and set local and overall rc status
101 # rc_status check and set local and overall rc status
102 # rc_status -v ditto but be verbose in local rc status
103 # rc_status -v -r ditto and clear the local rc status
104 # rc_failed set local and overall rc status to failed
105 # rc_reset clear local rc status (overall remains)
106 # rc_exit exit appropriate to overall rc status
107
108 # rc_status check and set local and overall rc status
109 # rc_status -v ditto but be verbose in local rc status
110 # rc_status -v -r ditto and clear the local rc status
111 # rc_failed set local and overall rc status to failed
112 # rc_reset clear local rc status (overall remains)
113 # rc_exit exit appropriate to overall rc status
114
115 # First reset status of this service
116 rc_reset
117
118 [ -f $openvpn ] || exit 0
119
120 # See how we were called.
121 case "$1" in
122 start)
123 echo -n $"Starting openvpn: "
124
125 /sbin/modprobe tun >/dev/null 2>&1
126
127 # From a security perspective, I think it makes
128 # sense to remove this, and have users who need
129 # it explictly enable in their --up scripts or
130 # firewall setups.
131
132 #echo 1 > /proc/sys/net/ipv4/ip_forward
133
134 # Run startup script, if defined
135 if [ -f $work/openvpn-startup ]; then
136 $work/openvpn-startup
137 fi
138
139 if [ ! -d $piddir ]; then
140 mkdir $piddir
141 fi
142
143 if [ -f $lock ]; then
144 # we were not shut down correctly
145 for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
146 if [ -s $pidf ]; then
147 kill `cat $pidf` >/dev/null 2>&1
148 fi
149 rm -f $pidf
150 done
151 rm -f $lock
152 sleep 2
153 fi
154
155 rm -f $piddir/*.pid
156 cd $work
157
158 # Start every .conf in $work and run .sh if exists
159 errors=0
160 successes=0
161 for c in `/bin/ls *.conf 2>/dev/null`; do
162 bn=${c%%.conf}
163 if [ -f "$bn.sh" ]; then
164 . ./$bn.sh
165 fi
166 rm -f $piddir/$bn.pid
167 $openvpn --daemon --writepid $piddir/$bn.pid --config $c --cd $work
168 if [ $? = 0 ]; then
169 successes=1
170 else
171 errors=1
172 fi
173 done
174
175 if [ $successes = 1 ]; then
176 touch $lock
177 fi
178
179 rc_status -v
180 ;;
181 stop)
182 echo -n $"Shutting down openvpn: "
183 for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
184 if [ -s $pidf ]; then
185 kill `cat $pidf` >/dev/null 2>&1
186 fi
187 rm -f $pidf
188 done
189
190 # Run shutdown script, if defined
191 if [ -f $work/openvpn-shutdown ]; then
192 $work/openvpn-shutdown
193 fi
194
195 rm -f $lock
196
197 rc_status -v
198 ;;
199 restart)
200 $0 stop
201 sleep 2
202 $0 start
203
204 rc_status
205 ;;
206 reload)
207 if [ -f $lock ]; then
208 for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
209 if [ -s $pidf ]; then
210 kill -HUP `cat $pidf` >/dev/null 2>&1
211 fi
212 done
213 else
214 echo "openvpn: service not started"
215 exit 1
216 fi
217
218 rc_status -v
219 ;;
220 reopen)
221 if [ -f $lock ]; then
222 for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
223 if [ -s $pidf ]; then
224 kill -USR1 `cat $pidf` >/dev/null 2>&1
225 fi
226 done
227 else
228 echo "openvpn: service not started"
229 exit 1
230 fi
231
232 rc_status -v
233 ;;
234 condrestart)
235 if [ -f $lock ]; then
236 $0 stop
237 # avoid race
238 sleep 2
239 $0 start
240 fi
241
242 rc_status
243 ;;
244 status)
245 if [ -f $lock ]; then
246 for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
247 if [ -s $pidf ]; then
248 kill -USR2 `cat $pidf` >/dev/null 2>&1
249 fi
250 done
251 echo "Status written to /var/log/messages"
252 else
253 echo "openvpn: service not started"
254 exit 1
255 fi
256
257 rc_status -v
258 ;;
259 *)
260 echo "Usage: openvpn {start|stop|restart|condrestart|reload|reopen|status}"
261 exit 1
262 esac
263
264 exit 0
Tomato firmware and modifications.