[FUG-BR] openvpn jail
Fabricio Lima
listas em fabriciolima.com.br
Quinta Maio 14 15:38:17 BRT 2015
ola..
alguem ja conseguiu fazer rodar openvpn em uma jail?
to apanhando do devfs....
preciso do /dev/tun pra dar um ifconfig create tun0
mas da operation not permited.
alguma luz?
jail# ls /dev
fd null random stderr stdin stdout urandom zero
---------------------------------------------------------------------
# cat etc/devfs.rules
[openvpn_ruleset=5]
add include $devfsrules_hide_all
add include $devfsrules_unhide_login
add include $devfsrules_unhide_basic
add path tun0 unhide
-------------------------------------------------------------------------------
# cat etc/jail.conf
path = "/usr/jails/$name";
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
allow.mount;
allow.sysvipc;
allow.raw_sockets;
exec.consolelog = "/var/log/jail_${name}_console.log";
devfs_ruleset = 4;
interface=lo1;
www {
host.hostname = "www";
ip4.addr = 10.1.1.2;
}
vpn {
host.hostname = "vpn";
ip4.addr = 10.1.1.3;
devfs_ruleset = 5;
}
-----------------------------------------------------------
# cat /usr/jails/vpn/etc/rc.conf
cloned_interface="tun"
------------------------------------------------------------------
[ ]'s
Fabricio Lima
Sendmail administration is not black magic. There are legitimate technical
reasons why it requires the sacrifice of a live chicken.
Mais detalhes sobre a lista de discussão freebsd