SOLVED ifconfig tun0 difficulties with openvpn

ovalcoconut

Dabbler
Joined
Feb 11, 2018
Messages
12
Running 11.3-U1 newly updated from 11.2-U8 posted here first

Background
I had a running warden jail with transmission and openvpn (with PIA) for a while on 11.1 using this guide, then later I updated to 11.2 and I didn't bother migrating the jail from warden to iocage as it was still working.

I was having permissions issues in a separate (iocage) jail that I couldn't narrow down (Completely unrelated issue, solved now). I thought that updating the jail may fix it, it did not. I thought updating the host would solve it, it did not.
Upon updating to 11.3 I realized that warden had been removed completely, killing my working jail. -- "Oh well, I can just rebuild it in iocage now, good learning experience."

I read a bit of this guide in the transmission section to plan my moves.
The new guide doesn't have any notes on openvpn setup, so I fell back onto the old guide, which should do fine as it's pretty much just config files.

The Issue
I haven't even gotten to setting up the firewall as I can't get openvpn to start due to issues with creating/unhiding tun0

/var/log/messages:

Code:
    Mar 23 16:17:27 transmission openvpn[98848]: OpenVPN 2.4.8 amd64-portbld-freebsd11.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jan 31 2020
    Mar 23 16:17:27 transmission openvpn[98848]: library versions: OpenSSL 1.0.2o-freebsd  27 Mar 2018, LZO 2.10
    Mar 23 16:17:27 transmission openvpn[98849]: TCP/UDP: Preserving recently used remote address: [AF_INET]174.128.243.98:1198
    Mar 23 16:17:27 transmission openvpn[98849]: UDP link local: (not bound)
    Mar 23 16:17:27 transmission openvpn[98849]: UDP link remote: [AF_INET]174.128.243.98:1198
    Mar 23 16:17:27 transmission openvpn[98849]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Mar 23 16:17:27 transmission openvpn[98849]: [7a0de1d2acfc5854c5330e7aeb0c3fb8] Peer Connection Initiated with [AF_INET]174.128.243.98:1198
    Mar 23 16:17:28 transmission openvpn[98849]: TUN/TAP device /dev/tun0 opened
    Mar 23 16:17:28 transmission openvpn[98849]: /sbin/ifconfig tun0 10.36.11.6 10.36.11.5 mtu 1500 netmask 255.255.255.255 up
    Mar 23 16:17:28 transmission openvpn[98849]: FreeBSD ifconfig failed: external program exited with error status: 1
    Mar 23 16:17:28 transmission openvpn[98849]: Exiting due to fatal error
    Mar 23 16:52:41 transmission openvpn[3985]: OpenVPN 2.4.8 amd64-portbld-freebsd11.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jan 31 2020
    Mar 23 16:52:41 transmission openvpn[3985]: library versions: OpenSSL 1.0.2o-freebsd  27 Mar 2018, LZO 2.10
    Mar 23 16:52:41 transmission openvpn[3986]: TCP/UDP: Preserving recently used remote address: [AF_INET]174.128.245.106:1198
    Mar 23 16:52:41 transmission openvpn[3986]: UDP link local: (not bound)
    Mar 23 16:52:41 transmission openvpn[3986]: UDP link remote: [AF_INET]174.128.245.106:1198
    Mar 23 16:52:41 transmission openvpn[3986]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Mar 23 16:52:41 transmission openvpn[3986]: [67a92ac75cf9e2c6aced3b82e01bc951] Peer Connection Initiated with [AF_INET]174.128.245.106:1198
    Mar 23 16:52:43 transmission openvpn[3986]: TUN/TAP device /dev/tun0 opened
    Mar 23 16:52:43 transmission openvpn[3986]: /sbin/ifconfig tun0 10.72.10.6 10.72.10.5 mtu 1500 netmask 255.255.255.255 up
    Mar 23 16:52:43 transmission openvpn[3986]: FreeBSD ifconfig failed: external program exited with error status: 1
    Mar 23 16:52:43 transmission openvpn[3986]: Exiting due to fatal error

I tried just starting openvpn not as a service and I get this:
Code:
    Mon Mar 23 16:57:37 2020 OpenVPN 2.4.8 amd64-portbld-freebsd11.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jan 31 2020
    Mon Mar 23 16:57:37 2020 library versions: OpenSSL 1.0.2o-freebsd  27 Mar 2018, LZO 2.10
    Mon Mar 23 16:57:37 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]174.128.243.106:1198
    Mon Mar 23 16:57:37 2020 UDP link local: (not bound)
    Mon Mar 23 16:57:37 2020 UDP link remote: [AF_INET]174.128.243.106:1198
    Mon Mar 23 16:57:37 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Mon Mar 23 16:57:37 2020 [8c51f84393f1075e9e60f027aee3b712] Peer Connection Initiated with [AF_INET]174.128.243.106:1198
    Mon Mar 23 16:57:38 2020 TUN/TAP device /dev/tun0 opened
    Mon Mar 23 16:57:38 2020 /sbin/ifconfig tun0 10.41.10.10 10.41.10.9 mtu 1500 netmask 255.255.255.255 up
    ifconfig: interface tun0 does not exist
    Mon Mar 23 16:57:38 2020 FreeBSD ifconfig failed: external program exited with error status: 1
    Mon Mar 23 16:57:38 2020 Exiting due to fatal error

note the extra line: *ifconfig: interface tun0 does not exist*

which is accurate, here's ifconfig:
Code:
    root@transmission:~ # ifconfig
    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
            options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
            inet6 ::1 prefixlen 128
            inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
            inet 127.0.0.1 netmask 0xff000000
            nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
            groups: lo
    epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
            options=8<VLAN_MTU>
            ether 02:ff:60:03:aa:47
            hwaddr 02:80:d0:00:0b:0b
            inet 192.168.1.23 netmask 0xffffff00 broadcast 192.168.1.255
            nd6 options=1<PERFORMNUD>
            media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
            status: active
            groups: epair
    root@transmission:~ #

More recently in the guide I used back in 11.1 I found this thread where apparently using iocage set allow_tun=1 transmission would fix my problem...
but I'm not that fortunate:
Code:
    root@BlargNAS:~ # iocage set allow_tun=1 transmission
    allow_tun: 1 -> 1
    root@BlargNAS:~ #

It was already set when I built the jail.
Code:
    iocage create -n "transmission" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|192.168.1.23/24" defaultrouter="192.168.1.1" vnet="on" allow_raw_sockets="1" boot="on" allow_tun="1"

But in the new guide there's that line devfs rule -s 4 add path 'tun*' unhide that should make tun devices available in my iocage jail right‽
Yes of course, but what if it's already applied?
Code:
    root@BlargNAS:~ # devfs rule -s 4 show
    100 include 1
    200 include 2
    300 include 3
    400 path zfs unhide
    500 path tun* unhide
    root@BlargNAS:~ #

oh.

"Well maybe I can just make one"
Code:
    root@transmission:~ # ifconfig tun0
    ifconfig: interface tun0 does not exist
    root@transmission:~ # ifconfig tun0 create
    ifconfig: SIOCIFCREATE2: File exists
    root@transmission:~ #

Well there's where I stand, tun0 is missing/hidden/shy and I'm stuck unable to run openvpn. I may try again from scratch in a day or two and see if I can get it working.

Anyone have any ideas? At the moment, all of mine are spent.
I'm assuming that I've missed a critical step somewhere, or perhaps my understanding of the problem is flawed. Another perspective would be appreciated.
 
Joined
Jan 4, 2014
Messages
1,644
In the transmission jail, if you type ifconfig, do you see any tun device?
 

ovalcoconut

I do not:
Code:
    root@transmission:~ # ifconfig
    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
            options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
            inet6 ::1 prefixlen 128
            inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
            inet 127.0.0.1 netmask 0xff000000
            nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
            groups: lo
    epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
            options=8<VLAN_MTU>
            ether 02:ff:60:03:aa:47
            hwaddr 02:80:d0:00:0b:0b
            inet 192.168.1.23 netmask 0xffffff00 broadcast 192.168.1.255
            nd6 options=1<PERFORMNUD>
            media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
            status: active
            groups: epair
    root@transmission:~ #
 
Joined
Jan 4, 2014
Messages
1,644
You do have the devfs rule as a pre-init task and have rebooted the server prior to configuring the transmission jail?
 

ovalcoconut

Setup like this right?
[Attached image: 1585022082839.png]

I didn't reboot the host before creating the jail, but it has been rebooted several times since.
Though I did run devfs rule -s 4 path 'tun*' unhide before creating it, just minus the reboot.

Would you suggest I start with a new jail after a reboot?
 
Joined
Jan 4, 2014
Messages
1,644
Stripping it back, I created a test jail with just OpenVPN and after configuring and starting it confirmed that ifconfig shows a tun device.
 

ovalcoconut

Hmm... I'm not sure what I'm missing. I'll try a new jail then and see what I get.
 

ovalcoconut

Alright, so I got it working.

The solution was to just create a tun device manually using ifconfig tun create.
Code:
    root@transmission:~ # ifconfig
    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
            options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
            inet6 ::1 prefixlen 128
            inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
            inet 127.0.0.1 netmask 0xff000000
            nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
            groups: lo
    epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
            options=8<VLAN_MTU>
            ether 02:ff:60:03:aa:47
            hwaddr 02:80:d0:00:0b:0b
            inet 192.168.1.23 netmask 0xffffff00 broadcast 192.168.1.255
            nd6 options=1<PERFORMNUD>
            media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
            status: active
            groups: epair
    tun1: flags=8010<POINTOPOINT,MULTICAST> metric 0 mtu 1500
            options=80000<LINKSTATE>
            nd6 options=1<PERFORMNUD>
            groups: tun
    root@transmission:~ #

For some reason the tun device did not auto-create with the creation of the jail and my initial attempt at creation using ifconfig tun0 create didn't work.

A big thanks to this thread: https://www.ixsystems.com/community/threads/openvpn-tun-interface-issues-in-iocage.68953/ for containing the answer.

A weird problem, and there may be an underlying issue somewhere else that's the cause of this, but right now I'm just happy that I got it working.
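
A pre-start check built on the fix reported in the last post, as an added example that is not part of the thread: `ensure_tun` runs `ifconfig tun create` when no tun interface is visible in the jail, and `failed_tun_runs` picks the failure signature out of an OpenVPN log. The function names and the overridable `IFCONFIG` variable are assumptions of this example; the sample log lines are copied from the first post.

```shell
#!/bin/sh
# IFCONFIG can be overridden so the logic can be exercised outside a jail
# (an assumption of this example, not something from the thread).
IFCONFIG="${IFCONFIG:-/sbin/ifconfig}"

# Three lines from the /var/log/messages excerpt in the first post.
SAMPLE_LOG='Mar 23 16:17:28 transmission openvpn[98849]: /sbin/ifconfig tun0 10.36.11.6 10.36.11.5 mtu 1500 netmask 255.255.255.255 up
Mar 23 16:17:28 transmission openvpn[98849]: FreeBSD ifconfig failed: external program exited with error status: 1
Mar 23 16:17:28 transmission openvpn[98849]: Exiting due to fatal error'

# Print the tun interfaces visible to this jail, one per line.
list_tun() {
    $IFCONFIG -l | tr ' ' '\n' | grep -E '^tun[0-9]+$'
}

# Print the name of a usable tun interface, creating one if none is visible.
# Returns non-zero when creation fails.
ensure_tun() {
    existing=$(list_tun | head -n 1)
    if [ -n "$existing" ]; then
        echo "$existing"
        return 0
    fi
    # "ifconfig tun create" lets the kernel choose the unit number; in the
    # thread this worked where "ifconfig tun0 create" gave "File exists".
    created=$($IFCONFIG tun create 2>/dev/null) || return 1
    [ -n "$created" ] || return 1
    echo "$created"
}

# Read an OpenVPN log on stdin and print "pid device" for each process whose
# ifconfig step on a tun device was followed by "FreeBSD ifconfig failed".
failed_tun_runs() {
    awk '
        match($0, /openvpn\[[0-9]+\]/) {
            pid = substr($0, RSTART + 8, RLENGTH - 9)
            if (match($0, /\/sbin\/ifconfig tun[0-9]+ /)) {
                dev[pid] = substr($0, RSTART + 15, RLENGTH - 16)
            } else if (index($0, "FreeBSD ifconfig failed") && (pid in dev)) {
                print pid, dev[pid]
                delete dev[pid]
            }
        }'
}
```

Inside the jail, call `ensure_tun` before starting the openvpn service, and run `failed_tun_runs < /var/log/messages` to confirm whether earlier starts died at the ifconfig step.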
 