From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on sa.int.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-0.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.3 Message-ID: <47909B28.4050207@rambler.ru> Date: Fri, 18 Jan 2008 14:27:20 +0200 From: =?UTF-8?B?0JTQtdC90LjRgSDQr9Cz0L7RhNCw0YDQvtCy?= User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: sysadmins@lists.altlinux.org Content-Type: multipart/mixed; boundary="------------040608050701010806070402" Subject: [Sysadmins] =?utf-8?b?T3BudnBuINCyINGA0LXQttC40LzQtSBicmlkZ2Vk?= X-BeenThere: sysadmins@lists.altlinux.org X-Mailman-Version: 2.1.9 Precedence: list Reply-To: ALT Linux sysadmin discuss List-Id: ALT Linux sysadmin discuss List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jan 2008 12:27:24 -0000 Archived-At: List-Archive: This is a multi-part message in MIME format. --------------040608050701010806070402 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Добрый день. Пробую поднять openvpn в режиме bridged. В режиме routed всё отлично работает. Вот конфиг: port 31194 proto tcp dev tap #dev-node tap0 ca /etc/openvpn/keys/ca.cert cert /etc/openvpn/keys/server.cert key /etc/openvpn/keys/server.key # This file should be kept secret! dh /etc/openvpn/keys/dh1024.pem ifconfig-pool-persist ipp.txt # Configure server mode for ethernet bridging. # You must first use your OS's bridging capability # to bridge the TAP interface with the ethernet # NIC interface. Then you must manually set the # IP/netmask on the bridge interface, here we # assume 10.8.0.4/255.255.255.0. Finally we # must set aside an IP range in this subnet # (start=10.8.0.50 end=10.8.0.100) to allocate # to connecting clients. Leave this line commented # out unless you are ethernet bridging. server-bridge 192.168.100.250 255.255.0.0 192.168.100.50 192.168.100.98 push "route 192.168.10.0 255.255.255.0" keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log verb 3 В комментариях к конфигу говорится: # You must first use your OS's bridging capability # to bridge the TAP interface with the ethernet # NIC interface. Then you must manually set the # IP/netmask on the bridge interface Для этого я использую вот этот скрипт http://openvpn.net/bridge.html#linuxscript Вот только когда запускается сервис, он использует tap1 и не находит никаких tap0. Такого устройства и я те ненахожу.... в отличии от /dev/net/tup. Так как создать tap0 до старта openvpn и заставить сервиз использовать его? --------------040608050701010806070402 Content-Type: text/x-vcard; charset=utf-8; name="denyago.vcf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="denyago.vcf" YmVnaW46dmNhcmQNCmZuOkRlbmlzIFRpbXVyb3ZpY2ggWWFnb2Zhcm92DQpuOllhZ29mYXJv djtEZW5pcyBUaW11cm92aWNoDQpvcmc6SVRHSVMgTkFTVQ0KYWRyOnJvb20gNjE1OztDaG9r b2xvdnNraSBzcXIuLCAxMztLaWV2OzswMzE1MTtVa3JhaW5lDQplbWFpbDtpbnRlcm5ldDpk ZW55YWdvQHJhbWJsZXIucnUNCnRpdGxlOnN5c3RlbSBhZG1pbmlzdHJhdG9yDQp0ZWw7d29y azo4MDQ0MjQ4MDc1NQ0KeC1tb3ppbGxhLWh0bWw6RkFMU0UNCnZlcnNpb246Mi4xDQplbmQ6 dmNhcmQNCg0K --------------040608050701010806070402--