10.0-RELEASE openvpn jail with ezjail
Marko Turk
markoml at markoturk.info
Sun Jul 6 20:20:55 UTC 2014
On Sun, Jul 06, 2014 at 02:28:23PM +0000, Mark Felder wrote:
> July 6 2014 5:36 AM, "Marko Turk" wrote:
>
> > Hi,
> >
> > I'm trying to create an OpenVPN jail on 10.0-RELEASE using tun device.
>
> I have it working without issues. The only problem is that you cannot restart the daemon within the jail, you have to restart the jail.
>
> host's /etc/rc.conf:
>
> # needed for openvpn
> gateway_enable="YES"
> cloned_interfaces="tun0"
>
> in my ezjail openvpn config:
>
> export jail_openvpn_exec_prestart0="ifconfig tun0 10.8.0.1 10.8.0.2 netmask 255.255.255.0"
> export jail_openvpn_exec_prestart1="route add -net 10.8.0.0/24 10.8.0.2"
>
>
> That should get you pointed in the right direction.
Thanks, that worked.
Is the multi0 method deprecated in 10.0-RELEASE or is there a problem
with new jail configuration file?
Regards,
Marko
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20140706/350a65db/attachment.sig>
More information about the freebsd-questions
mailing list