FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 01-11-2008, 10:38 PM
Jos Vos
 
Default Start/stop of OpenVPN interfaces with ifup/ifdown

Hi,

The Fedora OpenVPN package starts/stops all VPN connections together
via a single init script. The classical way of handling interfaces
in Red Hat / Fedora distros is to support new interface types via
ifup/ifdown scripts. This is also the way it worked in the past for
CIPE. In some situations this is a much better way to control your
connections (i.e. being able to start/stop them separately).

I see in <http://openvpn.net/archive/openvpn-devel/2004-11/msg00042.html>
that some work on this has already been done in this area.

My questions:

- Is there a technical reason to not handle OpenVPN connections this
way in Fedora or is it just that it was decided to stay more close
to the generic OpenVPN startup script?

- Does anyone know of recent work in this area? I guess the example
scripts in the thread I listed above might not work as-is with the
current Fedora and OpenVPN versions.

- Is there any interest in including (and maintaining) this in Fedora's
OpenVPN package, maybe just as an alternative startup method,
assuming someone wants to contribute the initial implementation?

Thanks,

--
-- Jos Vos <jos@xos.nl>
-- X/OS Experts in Open Systems BV | Phone: +31 20 6938364
-- Amsterdam, The Netherlands | Fax: +31 20 6948204

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 01-11-2008, 10:56 PM
"Andrew Parker"
 
Default Start/stop of OpenVPN interfaces with ifup/ifdown

On Jan 11, 2008 6:38 PM, Jos Vos <jos@xos.nl> wrote:
> Hi,
>
> The Fedora OpenVPN package starts/stops all VPN connections together
> via a single init script. The classical way of handling interfaces
> in Red Hat / Fedora distros is to support new interface types via
> ifup/ifdown scripts. This is also the way it worked in the past for
> CIPE. In some situations this is a much better way to control your
> connections (i.e. being able to start/stop them separately).
>
> I see in <http://openvpn.net/archive/openvpn-devel/2004-11/msg00042.html>
> that some work on this has already been done in this area.
>
> My questions:
>
> - Is there a technical reason to not handle OpenVPN connections this
> way in Fedora or is it just that it was decided to stay more close
> to the generic OpenVPN startup script?
>
> - Does anyone know of recent work in this area? I guess the example
> scripts in the thread I listed above might not work as-is with the
> current Fedora and OpenVPN versions.
>
> - Is there any interest in including (and maintaining) this in Fedora's
> OpenVPN package, maybe just as an alternative startup method,
> assuming someone wants to contribute the initial implementation?
>

Personally I would like to see this and the mounting/unmounting of
network shares wired up to NetworkManager. For my purposes, NM
doesn't quite cut it as when I change wired to wireless, I need to
unmount shares, shut down vpn, change network, start up vpn, mount
shares again. Consequently I have some ugly scripts to do this work
for me, but I would be much happier if NM would do the job for me.

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 01-12-2008, 07:19 AM
Jos Vos
 
Default Start/stop of OpenVPN interfaces with ifup/ifdown

On Fri, Jan 11, 2008 at 06:56:47PM -0500, Andrew Parker wrote:

> Personally I would like to see this and the mounting/unmounting of
> network shares wired up to NetworkManager. For my purposes, NM
> doesn't quite cut it as when I change wired to wireless, I need to
> unmount shares, shut down vpn, change network, start up vpn, mount
> shares again. Consequently I have some ugly scripts to do this work
> for me, but I would be much happier if NM would do the job for me.

I'm personally not interested in NM, but only in the abillity to
control individual OpenVPN connections in scripts and manually
via the ifup/ifdown commands.

--
-- Jos Vos <jos@xos.nl>
-- X/OS Experts in Open Systems BV | Phone: +31 20 6938364
-- Amsterdam, The Netherlands | Fax: +31 20 6948204

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 01-12-2008, 03:30 PM
Ralf Ertzinger
 
Default Start/stop of OpenVPN interfaces with ifup/ifdown

Hi.

On Sat, 12 Jan 2008 00:38:41 +0100, Jos Vos wrote


> - Does anyone know of recent work in this area? I guess the example
> scripts in the thread I listed above might not work as-is with the
> current Fedora and OpenVPN versions.

I'm using the scripts below on Rawhide and Centos5:

http://www.skytale.net/files/openvpn-ifscripts/openvpn-ifscripts-0.4-1.sky.src.rpm

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 01-12-2008, 08:24 PM
Jos Vos
 
Default Start/stop of OpenVPN interfaces with ifup/ifdown

On Sat, Jan 12, 2008 at 05:30:18PM +0100, Ralf Ertzinger wrote:

> I'm using the scripts below on Rawhide and Centos5:
>
> http://www.skytale.net/files/openvpn-ifscripts/openvpn-ifscripts-0.4-1.sky.src.rpm

Thanks. Did you write them yourself or did you only package them?
In case of the latter, what is the source of these scripts?

Now I have (together with the URL I included in my original mail)
two alternatives. Question is which set of scripts is better :-).

--
-- Jos Vos <jos@xos.nl>
-- X/OS Experts in Open Systems BV | Phone: +31 20 6938364
-- Amsterdam, The Netherlands | Fax: +31 20 6948204

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 01-12-2008, 08:49 PM
Ralf Ertzinger
 
Default Start/stop of OpenVPN interfaces with ifup/ifdown

Hi.

On Sat, 12 Jan 2008 22:24:00 +0100, Jos Vos wrote

> Thanks. Did you write them yourself or did you only package them?
> In case of the latter, what is the source of these scripts?

The scripts are mine, so they are build to do what I need, which
may not be what everyone else needs

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 01-13-2008, 07:33 PM
David Woodhouse
 
Default Start/stop of OpenVPN interfaces with ifup/ifdown

On Sat, 2008-01-12 at 00:38 +0100, Jos Vos wrote:
> - Is there a technical reason to not handle OpenVPN connections this
> way in Fedora or is it just that it was decided to stay more close
> to the generic OpenVPN startup script?
>
> - Does anyone know of recent work in this area? I guess the example
> scripts in the thread I listed above might not work as-is with the
> current Fedora and OpenVPN versions.
>
> - Is there any interest in including (and maintaining) this in Fedora's
> OpenVPN package, maybe just as an alternative startup method,
> assuming someone wants to contribute the initial implementation?

Please do. I believe it should have been a condition of the initial
review of the package. We're supposed to be making a coherent
distribution, not just packaging up a bunch of software and chucking it
together on a DVD.

--
dwmw2

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 01-14-2008, 01:51 PM
David Hollis
 
Default Start/stop of OpenVPN interfaces with ifup/ifdown

On Fri, 2008-01-11 at 18:56 -0500, Andrew Parker wrote:

> Personally I would like to see this and the mounting/unmounting of
> network shares wired up to NetworkManager. For my purposes, NM
> doesn't quite cut it as when I change wired to wireless, I need to
> unmount shares, shut down vpn, change network, start up vpn, mount
> shares again. Consequently I have some ugly scripts to do this work
> for me, but I would be much happier if NM would do the job for me.
>

Couldn't at least some of that be handled thru NetworkManagerDispatcher
scripts?


--
David Hollis <dhollis@davehollis.com>

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 01-14-2008, 07:40 PM
Steven Pritchard
 
Default Start/stop of OpenVPN interfaces with ifup/ifdown

On Sun, Jan 13, 2008 at 08:33:33PM +0000, David Woodhouse wrote:
> On Sat, 2008-01-12 at 00:38 +0100, Jos Vos wrote:
> > - Is there a technical reason to not handle OpenVPN connections this
> > way in Fedora or is it just that it was decided to stay more close
> > to the generic OpenVPN startup script?

A combination of trying to stay close to upstream and lack of time,
honestly.

> > - Does anyone know of recent work in this area? I guess the example
> > scripts in the thread I listed above might not work as-is with the
> > current Fedora and OpenVPN versions.
> >
> > - Is there any interest in including (and maintaining) this in Fedora's
> > OpenVPN package, maybe just as an alternative startup method,
> > assuming someone wants to contribute the initial implementation?

I'd be happy to include better initscript integration in the Fedora
package. I just haven't had the time (or sufficient motivation) to
write the code myself.

> Please do. I believe it should have been a condition of the initial
> review of the package. We're supposed to be making a coherent
> distribution, not just packaging up a bunch of software and chucking it
> together on a DVD.

It was brought up at the time, but everyone was saying NetworkManager
was going to take over the world, so making ifup/ifdown work didn't
seem like a terribly high priority. NetworkManager-openvpn has been
around for a while...

Steve
--
Steven Pritchard - K&S Pritchard Enterprises, Inc.
Email: steve@kspei.com http://www.kspei.com/
Phone: (618)624-4440 Mobile: (618)567-7320

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 01-14-2008, 08:12 PM
David Hollis
 
Default Start/stop of OpenVPN interfaces with ifup/ifdown

On Mon, 2008-01-14 at 14:40 -0600, Steven Pritchard wrote:

> It was brought up at the time, but everyone was saying NetworkManager
> was going to take over the world, so making ifup/ifdown work didn't
> seem like a terribly high priority. NetworkManager-openvpn has been
> around for a while...
>


Though it seemed abandoned at some point in time and the last time I
checked, it didn't support some options that I use in my config namely
'tls-auth/tls-remote'.

Maybe it's interface needs some simple option to add 'custom' name/value
pairs that get passed to the openvpn program to allow for future
enhancements or local customizations and such.

--
David Hollis <dhollis@davehollis.com>

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 

Thread Tools




All times are GMT. The time now is 12:45 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org