When I try to shutdown the laptop I get the following logged in the system log console I see (alt+F12): hostname openvpn[6733] ERROR: Linux route delete command failed: shell command exited with error status: 7 hostname openvpn[6733] Closing TUN/TAP interface hostname openvpn[6733] /sbin/ifconfig tun0 addr 0.0.0.0 hostname openvpn[6733] Linux ip addr del failed: shell command exited with error status: 1 hostname openvpn[6733] Exiting Although I have now upgraded to -r2 it seems to me it not fixed fixed either. I have sys-apps/net-tools-1.60_p20071202044231-r1 and sys-apps/iproute2-2.6.24.20080108 installed. However, default net setup (ifconfig?): # grep -v '^#' /etc/conf.d/net | uniq config_eth0=( "192.168.0.2/24" ) routes_eth0=("default via 192.168.0.1") dns_domain_eth0="upc.cz" dns_servers_eth0="192.168.0.1 195.113.57.20" dns_search_eth0="" # # emerge --info Portage 2.1.5_rc5 (default-linux/x86/2007.0/desktop, gcc-4.2.3, glibc-2.7-r2, 2.6.24.3 i686) ================================================================= System uname: 2.6.24.3 i686 Mobile Intel(R) Pentium(R) 4 - M CPU 1.80GHz Timestamp of tree: Sun, 20 Apr 2008 11:30:01 +0000 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] app-shells/bash: 3.2_p33 dev-java/java-config: 1.3.7, 2.1.5 dev-lang/python: 2.5.2-r2 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 2.0.0 sys-apps/openrc: 0.2.2 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.62 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1 sys-devel/binutils: 2.18-r1 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.25 ACCEPT_KEYWORDS="x86 ~x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=pentium4 -mmmx -msse -msse2 -fomit-frame-pointer -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /var/bind /var/qmail/alias /var/qmail/control /var/spool/torque /var/vpopmail/etc" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-O2 -march=pentium4 -mmmx -msse -msse2 -fomit-frame-pointer -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://gentoo.mirror.web4u.cz" LDFLAGS="" LINGUAS="en cs cz" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="7zip R X Xaw3d a52 aac aalib ace acl acpi alsa amr amrnb amrwb apache2 audacious audiofile bash-completion bcmath berkdb blas boost bzip2 cairo cblas cddb cdparanoia cdr clamav cli colordiff compress cpio cracklib crypt cscope css ctype cups curl curlwrappers cxx dbus dga dia directfb djbfft dri dts dv dvb dvd dvdr dvdread eds emacs emboss emf enblend encode enscript exif expat fam fame fat fbcon ffmpeg fftw firefox flac flash foomaticdb fortran fpx ftp gcj gd gdbm ggi gif gimp gimpprint glibc-compat20 glibc-omitfp glitz glut gmp gnuplot gnutls gpgme gphoto2 gpm graphviz gs gsl gstreamer gtk gtkhtml hal hdf hdf5 i8x0 icc iconv icu id3 ieee1394 ifc imagemagick imlib inifile innodb isdnlog ithreads jack java javascript jbig jikes jpeg jpeg2k kdtree kerberos lame lapack lcms leim libcaca libedit libwww live lzo lzw mad maildir matroska mhash midi mikmod mime ming mjpeg mmap mmx mng mod_python modperl modplug motif mozilla moznoirc mp2 mp3 mp4 mpeg mpi mpi_njtree mplayer mudflap mule musepack mxdatetime mysql mysqli ncurses netcdf netpbm network nls nntp nptl nptlonly nsplugin ntfs numeric ogg opengl openmp oss pam pango pcmcia pcntl pcre pdf perl plotutils plugin png pnm postproc postscript ppds pppd procmail pymol python qt3 qt3support qt4 quicktime rar raw readline real recode reflection reiserfs rpm rtc samba sasl scanner scp seamonkey server session sftp sift slp smime sndfile soap sockets spell spl sqlite srt sse sse2 ssl subtitles subversion svg svgz sysfs sysvipc t1lib tcl tcpd tetex theora threads tidy tiff tk transcode truetype unicode urandom usb userlocales uuencode v4l v4l2 vcd vim-syntax vim-with-x vorbis wifi win32codecs wmf wxwindows x264 x86 xanim xcb xcf xfs xft xinetd xml xorg xpm xprint xsl xslt xv xvid xvmc yv12 zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config mem_cache mime mime_magic rewrite setenvif speling status unique_id userdir usertrack vhost_alias negotiation" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en cs cz" USERLAND="GNU" VIDEO_CARDS="radeon" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, MAKEOPTS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Are you sure -r2 did not fix this? The patch clearly states: + IFCONFIG_PATH " %s 0.0.0.0", Note that the addr was removed.
No, it is not fixed. But, there is a difference: hostname openvpn[6733] Linux ip addr del failed: shell command exited with error status: 255 So error 255 instead of 1.
Please paste the command from the log. Also, can you please see how you can reset the address manually, while OpenVPN is up?
on startup Apr 20 20:34:05 vrapenec openvpn[6356]: OpenVPN 2.1_rc7 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Apr 20 2008 Apr 20 20:34:05 vrapenec openvpn[6356]: Control Channel Authentication: using 'keys/ta.key' as a OpenVPN static key file Apr 20 20:34:05 vrapenec openvpn[6356]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 20 20:34:05 vrapenec openvpn[6356]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 20 20:34:05 vrapenec openvpn[6356]: LZO compression initialized Apr 20 20:34:05 vrapenec openvpn[6356]: Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ] Apr 20 20:34:05 vrapenec openvpn[6356]: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Apr 20 20:34:05 vrapenec openvpn[6356]: Local Options hash (VER=V4): 'ee93268d' Apr 20 20:34:05 vrapenec openvpn[6356]: Expected Remote Options hash (VER=V4): 'bd577cd1' Apr 20 20:34:05 vrapenec openvpn[6357]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Apr 20 20:34:05 vrapenec openvpn[6357]: Attempting to establish TCP connection with 195.113.57.20:1194 [nonblock] Apr 20 20:34:06 vrapenec sshd[6386]: Server listening on 0.0.0.0 port 22. Apr 20 20:34:06 vrapenec openvpn[6357]: TCP connection established with 195.113.57.20:1194 Apr 20 20:34:06 vrapenec openvpn[6357]: Socket Buffers: R=[87380->131072] S=[16384->131072] Apr 20 20:34:06 vrapenec openvpn[6357]: TCPv4_CLIENT link local: [undef] Apr 20 20:34:06 vrapenec openvpn[6357]: TCPv4_CLIENT link remote: 195.113.57.20:1194 Apr 20 20:34:06 vrapenec openvpn[6357]: TLS: Initial packet from 195.113.57.20:1194, sid=d2ff7ffb 81aa0fd3 Apr 20 20:34:06 vrapenec openvpn[6357]: VERIFY OK: depth=1, /C=CZ/ST=Czech_Republic/L=Prague/O=Faculty_of_Science__Charles_University/OU=Department_of_genetics_and_microbiology__RNA_laboratory/CN=www.iresite.org/emailAddress=mmok rejs@iresite.org Apr 20 20:34:06 vrapenec openvpn[6357]: VERIFY OK: nsCertType=SERVER Apr 20 20:34:06 vrapenec openvpn[6357]: VERIFY OK: depth=0, /C=CZ/ST=Czech_Republic/L=Prague/O=Faculty_of_Science__Charles_University/OU=Department_of_genetics_and_microbiology__RNA_laboratory/CN=server/emailAddress=mmokrejs@ires ite.org Apr 20 20:34:07 vrapenec openvpn[6357]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Apr 20 20:34:07 vrapenec openvpn[6357]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 20 20:34:07 vrapenec openvpn[6357]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Apr 20 20:34:07 vrapenec openvpn[6357]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 20 20:34:07 vrapenec openvpn[6357]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Apr 20 20:34:07 vrapenec openvpn[6357]: [server] Peer Connection Initiated with 195.113.57.20:1194 Apr 20 20:34:08 vrapenec openvpn[6357]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Apr 20 20:34:08 vrapenec openvpn[6357]: PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' Apr 20 20:34:08 vrapenec openvpn[6357]: OPTIONS IMPORT: timers and/or timeouts modified Apr 20 20:34:08 vrapenec openvpn[6357]: OPTIONS IMPORT: --ifconfig/up options modified Apr 20 20:34:08 vrapenec openvpn[6357]: OPTIONS IMPORT: route options modified Apr 20 20:34:08 vrapenec openvpn[6357]: TUN/TAP device tun0 opened Apr 20 20:34:08 vrapenec openvpn[6357]: TUN/TAP TX queue length set to 100 Apr 20 20:34:08 vrapenec openvpn[6357]: /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500 Apr 20 20:34:08 vrapenec openvpn[6357]: /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.5 Apr 20 20:34:08 vrapenec openvpn[6357]: GID set to openvpn Apr 20 20:34:08 vrapenec openvpn[6357]: UID set to openvpn Apr 20 20:34:08 vrapenec openvpn[6357]: Initialization Sequence Completed on shutdown Apr 20 21:17:49 vrapenec openvpn[6357]: event_wait : Interrupted system call (code=4) Apr 20 21:17:49 vrapenec openvpn[6357]: TCP/UDP: Closing socket Apr 20 21:17:49 vrapenec openvpn[6357]: /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 Apr 20 21:17:49 vrapenec openvpn[6357]: ERROR: Linux route delete command failed: shell command exited with error status: 7 Apr 20 21:17:49 vrapenec openvpn[6357]: Closing TUN/TAP interface Apr 20 21:17:49 vrapenec openvpn[6357]: /sbin/ifconfig tun0 0.0.0.0 Apr 20 21:17:49 vrapenec openvpn[6357]: Linux ip addr del failed: shell command exited with error status: 255 Apr 20 21:17:49 vrapenec openvpn[6357]: Exiting
OK, these two commands fails at your end: /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 /sbin/ifconfig tun0 0.0.0.0 While OpenVPN is running, please find commands that does do to reverse of: /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.5 Thanks!
Answer to comment #5. You wanted wanted me to execute the two commands? Here they are: vrapenec ~ # ping 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=31.5 ms 64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=33.6 ms 64 bytes from 10.8.0.1: icmp_seq=3 ttl=64 time=33.1 ms --- 10.8.0.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1999ms rtt min/avg/max/mdev = 31.554/32.783/33.618/0.912 ms vrapenec ~ # /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500 vrapenec ~ # ping 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=11.2 ms 64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=11.0 ms --- 10.8.0.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 11.069/11.176/11.284/0.150 ms vrapenec ~ # /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.5 SIOCADDRT: File exists vrapenec ~ # ping 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=12.8 ms 64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=10.3 ms --- 10.8.0.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 10.365/11.598/12.831/1.233 ms vrapenec ~ #
No... :) OpenVPN execute these commands at startup. Our problem is during termination. So if OpenVPN is up and tun interface is opened, we have a chance to see what wrong with the command which does not work. Can you please execute the commands that does not work? /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 /sbin/ifconfig tun0 0.0.0.0
Yes, I just got the idea: # route del -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.5 # /sbin/ifconfig tun0 0.0.0.0 down #
Or alternatively as you have said: vrapenec ~ # ping 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=31.3 ms --- 10.8.0.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 31.316/31.316/31.316/0.000 ms vrapenec ~ # /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 vrapenec ~ # /sbin/ifconfig tun0 0.0.0.0 vrapenec ~ # ping 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. --- 10.8.0.1 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 999ms vrapenec ~ #
> vrapenec ~ # /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 > vrapenec ~ # /sbin/ifconfig tun0 0.0.0.0 > vrapenec ~ # ping 10.8.0.1 > PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. So what is the difference between these commands and the ones that failed? As far as I can see they are the same.
I had a look into the console and in the console log (and /var/log/messages) there are still the errors. Just into my xterm/bash I did not see them. How does the start-stop-deamon handler STDIN/STDOUT/STDERR? Could that be the cause?
You can simply execute OpenVPN manualy /usr/sbin/openvpn --cd /etc/openvpn --config <whatever> --verb 7 But I don't understand what you want to do... :) Maybe the commands are correct, and they just return none zero return code? Can you please echo $? after each command?
vrapenec ~ # cp /dev/null /var/log/messages vrapenec ~ # vim /etc/init.d/openvpn.iresite vrapenec ~ # /etc/init.d/openvpn.iresite stop * Caching service dependencies ... [ ok ] * Stopping openvpn.iresite ... 0 [ ok ] vrapenec ~ # cat /var/log/messages Apr 21 10:57:34 vrapenec openvpn[3004]: event_wait : Interrupted system call (code=4) Apr 21 10:57:34 vrapenec openvpn[3004]: TCP/UDP: Closing socket Apr 21 10:57:34 vrapenec openvpn[3004]: /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 Apr 21 10:57:34 vrapenec openvpn[3004]: ERROR: Linux route delete command failed: shell command exited with error status: 7 Apr 21 10:57:34 vrapenec openvpn[3004]: Closing TUN/TAP interface Apr 21 10:57:34 vrapenec openvpn[3004]: /sbin/ifconfig tun0 0.0.0.0 Apr 21 10:57:34 vrapenec openvpn[3004]: Linux ip addr del failed: shell command exited with error status: 255 Apr 21 10:57:34 vrapenec openvpn[3004]: Exiting vrapenec ~ # ifconfig -a eth0 Link encap:Ethernet HWaddr 00:e0:18:b6:9d:31 inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2184 errors:0 dropped:0 overruns:0 frame:0 TX packets:2289 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:503247 (491.4 KiB) TX bytes:304014 (296.8 KiB) Interrupt:11 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:2 errors:0 dropped:0 overruns:0 frame:0 TX packets:2 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:356 (356.0 B) TX bytes:356 (356.0 B) vrapenec ~ #
So it fine. The interface is unavailable the commands fail, no harm here. These commands are helpful if you create a persistant tun/tap interface using baselayout.