This works fine - the VPN comes up, and if I then manually run the below on the client machine, once the VPN is up, then a bridge interface br0 is created, and I have exactly the setup I need.
However, if I run this script automatically once the VPN is up by adding:
script-security 2
up "/etc/openvpn/up.sh"
to the client config, then although there are apparently no errors, and the bridge interface is created, I lose all connectivity of any kind across the VPN. This is the case even if I add an arbitrary delay to the "up.sh" script. Can anyone suggest what it is that differs between me running this bridge script manually (which works) as opposed to as part of the openvpn config file (which doesn't)?
#!/bin/bash
bridge="br0" # The bridge we want to create
tap="tap0" # The VPN endpoint
eth="eth1" # The physical interface we want to bridge
if [[ ! $(/sbin/ifconfig $tap 2>/dev/null) ]]; then
    echo TAP is not active, quitting...
    exit
fi
default_route=$(/bin/ip r | /usr/bin/awk '/^default/ {print $3}')
default_if=$(/bin/ip r | /usr/bin/awk '/^default/ {print $5}')
echo Creating bridge interface $bridge...
/sbin/ifconfig $bridge down 2>/dev/null
/sbin/brctl delbr $bridge 2>/dev/null
/sbin/brctl addbr $bridge
echo Adding TAP interface $tap to bridge $bridge...
/sbin/brctl addif $bridge $tap
echo Adding Ethernet interface $eth to bridge $bridge...
/sbin/brctl addif $bridge $eth
echo Creating interface down symbolic link...
ln -s /sbin/bridge-stop /etc/sysconfig/network/scripts/ifdown-$bridge 2>/dev/null
exit 0