OpenVPN Support Forum

hi, im using raspberry pi with the following config file. The system will boot and and will connect to vpn and kicks off the transmission daemon. as soon as the connectivity/openvpn is down down.sh gets triggered and stops transmission.
problem im having is that up.sh gets triggered upon openvpn connectivity, but down.sh doesnt gets triggered when it is going down.

Here is the part of log.

Sat Jul 7 21:29:51 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat Jul 7 21:29:51 2018 /sbin/ip link set dev tun0 up mtu 1500
Sat Jul 7 21:29:51 2018 /sbin/ip addr add dev tun0 10.8.8.70/24 broadcast 10.8.8.255
Sat Jul 7 21:29:51 2018 /etc/openvpn/up.sh tun0 1500 1553 10.8.8.70 255.255.255.0 init
Starting Transmission Torrent Downloading
localhost:9091/transmission/rpc/ responded: "success"
Sat Jul 7 21:29:51 2018 /sbin/ip route add 185.236.200.139/32 via 192.168.29.1
Sat Jul 7 21:29:51 2018 /sbin/ip route add 0.0.0.0/1 via 10.8.8.1
Sat Jul 7 21:29:51 2018 /sbin/ip route add 128.0.0.0/1 via 10.8.8.1
Sat Jul 7 21:29:51 2018 GID set to nogroup
Sat Jul 7 21:29:51 2018 UID set to nobody
Sat Jul 7 21:29:51 2018 Initialization Sequence Completed
Sat Jul 7 21:33:19 2018 [us1777.nordvpn.com] Inactivity timeout (--ping-restart), restarting
Sat Jul 7 21:33:19 2018 /sbin/ip route del 185.236.200.139/32
RTNETLINK answers: Operation not permitted
Sat Jul 7 21:33:19 2018 ERROR: Linux route delete command failed: external program exited with error status: 2
Sat Jul 7 21:33:19 2018 /sbin/ip route del 0.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Jul 7 21:33:19 2018 ERROR: Linux route delete command failed: external program exited with error status: 2
Sat Jul 7 21:33:19 2018 /sbin/ip route del 128.0.0.0/1
RTNETLINK answers: Operation not permitted
Sat Jul 7 21:33:19 2018 ERROR: Linux route delete command failed: external program exited with error status: 2
Sat Jul 7 21:33:19 2018 Closing TUN/TAP interface
Sat Jul 7 21:33:19 2018 /sbin/ip addr del dev tun0 10.8.8.70/24
RTNETLINK answers: Operation not permitted
Sat Jul 7 21:33:19 2018 Linux ip addr del failed: external program exited with error status: 2
Sat Jul 7 21:33:20 2018 /etc/openvpn/down.sh tun0 1500 1553 10.8.8.70 255.255.255.0 init
Sat Jul 7 21:33:20 2018 WARNING: Failed running command (--up/--down): could not execute external program
Sat Jul 7 21:33:20 2018 Exiting due to fatal error



and here is the actual config file:
client
dev tun
proto udp4
remote 199.241.125.86 1194

remote 185.217.69.142 1194
remote 185.217.69.149 1194

remote 209.58.148.156 1194

remote 23.83.37.242 1194

remote 209.58.147.230 1194
remote 207.189.2.234 1194
remote 196.245.9.86 1194

remote 196.245.9.20 1194
remote 185.236.200.139 1194
resolv-retry infinite
remote-random
nobind


reneg-sec 0
tls-client
explicit-exit-notify 3
user nobody
group nogroup
remote-cert-tls server
keepalive 10 60


comp-lzo
verb 3

pull
fast-io
cipher AES-256-CBC
auth SHA512
script-security 2
disable-occ

log-append /var/log/openvpn.log
auth-user-pass /etc/openvpn/auth

up /etc/openvpn/up.sh
down /etc/openvpn/down.sh

by the way, i already made sure that
1. down.sh is runnable manually from the terminal
2.down.sh has the same owner and group permissions as up.sh

I am simulating the openvpn disconnect by unplugging the ethernet cable.

even though i remove the following settings from the config file, i have the same issue.
user nobody
group nogroup

ideas anyone..?

share your script ......

TinCanTech wrote: ↑

Wed Jul 11, 2018 9:38 pm

share your script ......

hi Tin, I have posted it in the original post. Are you looking for something else?

another one bites the dust ..

TinCanTech wrote: ↑

Fri Jul 13, 2018 7:34 pm

another one bites the dust ..

did i miss something?

kk0239 wrote: ↑

Sat Jul 14, 2018 3:01 pm

did i miss something?

TinCanTech wrote: ↑

Wed Jul 11, 2018 9:38 pm

share your script ......

kk0239 wrote: ↑

Fri Jul 13, 2018 6:10 pm

I have posted it in the original post

I do not see it ..

TinCanTech wrote: ↑

Sat Jul 14, 2018 3:16 pm

I do not see it ..

my bad...
================================================
Here is the down.sh:
#!/bin/sh

echo "Stopping Transmission Torrent Downloading"

transmission-remote --auth transmission:transmission --torrent all --stop
================================================
Here is up.sh:
#!/bin/sh

echo "Starting Transmission Torrent Downloading"

transmission-remote --auth transmission:transmission --torrent all --start
================================================
Here is the openvpn config file that im using.

client
dev tun
proto udp4
remote 199.241.125.86 1194

remote 185.217.69.142 1194
remote 185.217.69.149 1194

remote 209.58.148.156 1194

remote 23.83.37.242 1194

remote 209.58.147.230 1194
remote 207.189.2.234 1194
remote 196.245.9.86 1194

remote 196.245.9.20 1194
remote 185.236.200.139 1194
resolv-retry infinite
remote-random
nobind
reneg-sec 0
tls-client
explicit-exit-notify 3
remote-cert-tls server
keepalive 10 60

comp-lzo
verb 3

pull
fast-io
cipher AES-256-CBC
auth SHA512
script-security 2
disable-occ

log-append /var/log/openvpn.log
auth-user-pass /etc/openvpn/auth

up /etc/openvpn/up.sh
down /etc/openvpn/down.sh

---------------------------------------------------
made sure that
1. down.sh is able to be ran manually from the terminal
2.down.sh has the same owner and group permissions as up.sh

even though i have the following settings from the config file, i have the same issue.
user nobody
group nogroup

Here are the permissions on both the files...
-rwxr-xr-x 1 root root 136 Jul 7 16:21 down.sh
-rwxr-xr-x 1 root root 136 Jul 4 17:04 up.sh

kk0239 wrote: ↑

Sat Jul 14, 2018 5:02 pm

user nobody
group nogroup

You can not use these because your script will fail.


Or, you could try using the down-root plugin.
https://github.com/OpenVPN/openvpn/tree ... /down-root

TinCanTech wrote: ↑

Sat Jul 14, 2018 6:05 pm

Or, you could try using the down-root plugin.
https://github.com/OpenVPN/openvpn/tree ... /down-root

appreciate your time...
i tried down-root pluggin as suggested by replacing the down script in the config file. plugin /usr/lib/openvpn/openvpn-plugin-down-root.so /etc/openvpn/down.sh
I got this error this time....

Sat Jul 14 19:38:46 2018 /sbin/ip route add 207.189.2.234/32 via 192.168.29.1
Sat Jul 14 19:38:46 2018 /sbin/ip route add 0.0.0.0/1 via 10.8.8.1
Sat Jul 14 19:38:46 2018 /sbin/ip route add 128.0.0.0/1 via 10.8.8.1
Sat Jul 14 19:38:46 2018 Initialization Sequence Completed
Sat Jul 14 19:41:19 2018 event_wait : Interrupted system call (code=4)
Sat Jul 14 19:41:19 2018 SIGTERM received, sending exit notification to peer
Sat Jul 14 19:41:22 2018 /sbin/ip route del 207.189.2.234/32
Sat Jul 14 19:41:22 2018 /sbin/ip route del 0.0.0.0/1
Sat Jul 14 19:41:22 2018 /sbin/ip route del 128.0.0.0/1
openvpn: DOWN-ROOT: Failed execute: /etc/openvpn/down.sh: Exec format error
DOWN-ROOT: BACKGROUND: /etc/openvpn/down.sh exited with exit code 32512
Sat Jul 14 19:41:22 2018 PLUGIN_CALL: POST /usr/lib/openvpn/openvpn-plugin-down-root.so/PLUGIN_DOWN status=1
Sat Jul 14 19:41:22 2018 PLUGIN_CALL: plugin function PLUGIN_DOWN failed with status 1: /usr/lib/openvpn/openvpn-plugin-down-root.so
Sat Jul 14 19:41:22 2018 ERROR: up/down plugin call failed
Sat Jul 14 19:41:22 2018 Exiting due to fatal error

does this error have to do with permissions on down.sh file?

kk0239 wrote: ↑

Sat Jul 14, 2018 7:50 pm

DOWN-ROOT: BACKGROUND: /etc/openvpn/down.sh exited with exit code 32512

Openvpn is calling your script and it exits with what looks like an error code.

TinCanTech wrote: ↑

Sun Jul 15, 2018 5:55 pm

Openvpn is calling your script and it exits with what looks like an error code.

Any suggestions on how i can track this down? tried looking up, but not getting a breakthough

down.sh is pretty straight forward... If openvpn is able to call it, this should be a straight fwd to be executed..

pulling my hair out.. (sorry, still my initial days with *NIX systems)

Anyone?

Sent from my SM-G950U using Tapatalk