안녕 모두 여기에이 스크립트를 따르십시오 대홍수 -vpn openvpn에 의해 호출 될 때 아래의 라우팅 scipt에서 스크립트가 실패합니다. 오픈 스크립트없이 openvpn을 시작하고 스크립트를 seperatly 실행하면 정상적으로 실행됩니다. 미안 내가 havent 그것을 correctl 설정하지만 어떤 도움이 큰 도움이 될 것입니다.
오류를 heres
/etc/openvpn/link_up_user_filter.sh
Device "tun0" does not exist.
Error: an inet address is expected rather than "table".
net.ipv4.conf.all.rp_filter = 2
net.ipv4.conf.default.rp_filter = 2
sysctl: cannot stat /proc/sys/net/ipv4/conf/tun0/rp_filter: No such file or directory
여기에 올바르게 실행 된 결과가 있습니다.
Nov 17 16:16:46 hp-server openvpn[48795]: /usr/sbin/ip link set dev tun0 up mtu 1500
Nov 17 16:16:46 hp-server openvpn[48795]: /usr/sbin/ip addr add dev tun0 10.4.1.252/16 broadcast 10.4.255.255
Nov 17 16:16:51 hp-server openvpn[48795]: /usr/sbin/ip route add 213.152.161.116/32 via 192.168.1.254
Nov 17 16:16:51 hp-server openvpn[48795]: /usr/sbin/ip route add 0.0.0.0/1 via 10.4.0.1
Nov 17 16:16:51 hp-server openvpn[48795]: /usr/sbin/ip route add 128.0.0.0/1 via 10.4.0.1
Nov 17 16:16:51 hp-server openvpn[48795]: Initialization Sequence Completed
스크립트는 다음과 같습니다.
#!/usr/bin/env bash
SRC_DIR="${BASH_SOURCE%/*}"
if [[ ! -d "$SRC_DIR" ]]; then SRC_DIR="$PWD"; fi
source "$SRC_DIR/vpn_base.sh"
VPN_IP=`get_nic_ip $VPNIF`
# Remove old table
ip route flush table $TABLE_ID
# Add rule to use TABLE_ID for marked packets
if [[ `ip rule list | grep -c $MARK_ID` == 0 ]]; then
ip rule add from all fwmark $MARK_ID lookup $TABLE_ID
fi
ip route replace default via $VPN_IP table $TABLE_ID
ip route append default via 127.0.0.1 dev lo table $TABLE_ID
ip route flush cache
# Set reverse path source validation to lose mode
sysctl -w net.ipv4.conf.all.rp_filter=2
sysctl -w net.ipv4.conf.default.rp_filter=2
sysctl -w net.ipv4.conf.$VPNIF.rp_filter=2
요청에 따라 openvpn.conf
client
dev tun
proto udp
remote *.*.*.* *
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
route-delay 5
verb 3
explicit-exit-notify 5
script-security 2
#up and down scripts to be executed when VPN starts or stops
up /etc/openvpn/link_up_user_filter.sh
show openvpn config
—
Ipor Sircer