Today I found a problem that I've hunted for many weeks. I run an openvpn
tunnel above an isdn raw line to allow the isdn line to hang up if not data
is flowing through the tunnel. Sometimes (it can take several weeks) one
end of the vpn shuts down his openvpn process. The problem occurs when a
SIGUSR1 is sent to the daemon and the daemon is running with
plugin openvpn-down-root.so "/usr/local/bin/openvpn_fwrules-helper-down"
With these options the route -del command will fail sometimes (I think when
the SIGUSR1 is sent more than once) and causes OpenVPN to make a complete
restart. OpenVPN will try to reopen the config file which is not available
in the chroot. Since this fails OpenVPN will exit.
I think the best way to handle this is to execute the route -del command
within the root plugin or to ignore the error condition and simply go on
with the restart.
Openvpn-users mailing list