我在用Ubuntu 12.04連接到 openvpn 伺服器。
兩個腳本,更新解析會議和vpn-up.sh/etc/openvpn 中的 , 應在連線建立時執行。
在設定檔中新增以下命令客戶端.ovpn讓兩個腳本在 openvpn 連線時運作並在 openvpn 斷開連線時停止:
script-security 2
up /etc/openvpn/update-resolv-conf
up /etc/openvpn/vpn-up.sh
down /etc/openvpn/vpn-down.sh
down /etc/openvpn/update-resolv-conf
但是,在連線期間僅執行第一個腳本。每次我必須運行腳本vpn-up.sh單獨用手。所以我想知道當 openvpn 隧道建立時如何讓它們都工作?
答案1
一個快速的方法是從最後一個腳本的末尾呼叫第二個腳本:
只需將以下內容新增至「/etc/openvpn/update-resolv-conf」腳本的末尾:
/etc/openvpn/vpn-up.sh
我相信這裡的人們會提供一種更優雅的方式來做到這一點。
答案2
僅供參考。如果您有一些腳本並且時間並不重要,您也可以使用另一個參數來執行腳本。
Script Order of Execution
--up
Executed after TCP/UDP socket bind and TUN/TAP open.
--tls-verify
Executed when we have a still untrusted remote peer.
--ipchange
Executed after connection authentication, or remote IP address change.
--client-connect
Executed in --mode server mode immediately after client authentication.
--route-up
Executed after connection authentication, either immediately after, or some number of seconds after as defined by the --route-delay option.
--client-disconnect
Executed in --mode server mode on client instance shutdown.
--down
Executed after TCP/UDP and TUN/TAP close.
--learn-address
Executed in --mode server mode whenever an IPv4 address/route or MAC address is added to OpenVPN's internal routing table.
--auth-user-pass-verify
Executed in --mode server mode on new client connections, when the client is still untrusted.
https://openvpn.net/index.php/open-source/documentation/manuals/65-openvpn-20x-manpage.html
答案3
up '/bin/bash -c "/etc/openvpn/update-resolv-conf; /etc/openvpn/vpn-up.sh"'