[Openvpn-users] Problem with plugin openvpn-down-root.so and SIGUSR1 restarts

Today I found a problem that I've hunted for many weeks. I run an openvpn tunnel above an isdn raw line to allow the isdn line to hang up if not data is flowing through the tunnel. Sometimes (it can take several weeks) one end of the vpn shuts down his openvpn process. The problem occurs when a SIGUSR1 is sent to the daemon and the daemon is running with

chroot /var/run/openvpn/obermann-isdn/chroot
plugin openvpn-down-root.so "/usr/local/bin/openvpn_fwrules-helper-down"

With these options the route -del command will fail sometimes (I think when the SIGUSR1 is sent more than once) and causes OpenVPN to make a complete restart. OpenVPN will try to reopen the config file which is not available in the chroot. Since this fails OpenVPN will exit.

I think the best way to handle this is to execute the route -del command within the root plugin or to ignore the error condition and simply go on with the restart.

Claas Hilbrecht

