sysctl not persistent, startup script not running

Status
Not open for further replies.

scurrier

I've been trying to get OpenVPN running on my FreeNAS experiment box and have been having a hell of a time with it. I already have it running on Windows but I've had numerous problems on FreeNAS. Here are the most recent problems if anyone can help with them.

1. sysctl set in GUI not persistent through reboots
In order to get OpenVPN to forward packets received on the tun device to the physical ethernet re0, I found out I need to set the sysctl net.inet.ip.forwarding to 1. When I do this in the GUI, it will take when I first hit "OK" on the dialog box, which I verify by doing at the command line:
Code:
[root@freenas] ~# sysctl net.inet.ip.forwarding
net.inet.ip.forwarding: 1

But then when I reboot, it does not persist even though I can still see the sysctl in the GUI.

The FreeNAS manual and wiki state that sysctls are supposed to be persistent through reboots. What's going on here?

2. My simple startup script isn't running
I have a simple startup script intended to start openvpn. Here it is, "startup_openvpn.sh":
Code:
#!/bin/sh
cd /mnt/openvpn
openvpn server.conf

/mnt/openvpn/server.conf is the config file for openvpn.
openvpn is in PATH.
/mnt/openvpn/startup_openvpn.sh is where the script is located.

I used the GUI to select this script as a "post init" script. But it's not starting openvpn. What am I missing?

3. When I start OpenVPN manually, I can connect from my Android phone and I can see local subnet resources through it, but cannot load the FreeNAS GUI or other HTTPS resources via Chrome. I can ping the machines, though. I just get the page where Chrome tells me that the certificate is not from a trusted resource, but then I can't get past that to load the page. I am using port 1194 for FreeNAS. Any ideas?

4. Not so much a problem as a question. Are these the cleanest ways to reboot or shut down FreeNAS?
shutdown -r now
shutdown now
There's a million commands for this and the man pages don't help me understand what the differences are.
 
dlavigne

Regarding #1, please create a bug report at bugs.freenas.org and post the issue number here.

Regarding #2, this may also be a separate bug report. First, double-check that the script is executable, and that Script and Post Init are selected in the GUI. If the script still isn't running, post a separate bug report and post the issue number here.

Regarding #3, some users have had issues with Chrome. If clearing the cache and cookies doesn't fix it, try Firefox instead.
 

Dusan

4. Not so much a problem as a question. Are these the cleanest ways to reboot or shut down FreeNAS?
shutdown -r now
shutdown now
There's a million commands for this and the man pages don't help me understand what the differences are.
The FreeNAS GUI uses "shutdown -r now" to reboot the system and "shutdown -p now" to shut down.
 

scurrier

I'm afraid to submit a bug on number 2 because this is my first script and I am probably doing something wrong. Number 1 was so simple that I can't imagine having done anything wrong. Although, both of these bugs seem to be related to startup-type things, hmm.

Here are more details on the 2nd issue.

I made a directory for storing my openvpn files. This shows me listing the directory, the script (startup_openvpn.sh), and the permissions (which include execute for all).

Code:
[root@freenas] ~# cd /mnt/openvpn
[root@freenas] /mnt/openvpn# ls
./                  ipp.txt              sample-config-files/
../                  openvpn-status.log  server.conf
client.ovpn          openvpn-status.log:  startup_openvpn.sh*
easy-rsa/            openvpn.log
[root@freenas] /mnt/openvpn# ls -l startup_openvpn.sh
-rwxr-xr-x  1 root  wheel  46 Jan 26 22:01 startup_openvpn.sh*

Here's the whole script
Code:
#!/bin/sh
cd /mnt/openvpn
openvpn server.conf

And here's what the GUI setting looks like.
[Screenshot: 2014-01-27 20_55_34-Internet Explorer Main.png]


When I run the script from the command line as root, it works fine:
[Screenshot: 2014-01-27 21_02_07-Internet Explorer Main.png]
 

Dusan

I made a directory for storing my openvpn files. This shows me listing the directory, the script (startup_openvpn.sh), and the permissions (which include execute for all).
Is /mnt/openvpn a volume or really just a directory created via mkdir? /mnt itself is a tiny ramdisk and will not survive a reboot.
 

scurrier

#1 turned out to be that you need to set the gateway_enable variable in rc.conf. View the bug report for more info. It wasn't a bug.
 

scurrier

3. When I start OpenVPN manually, I can connect from my Android phone and I can see local subnet resources through it, but cannot load the FreeNAS GUI or other HTTPS resources via Chrome. I can ping the machines, though. I just get the page where Chrome tells me that the certificate is not from a trusted resource, but then I can't get past that to load the page. I am using port 1194 for FreeNAS. Any ideas?
FIXED! After about 20 hours of beating my head against this one, I figured out that my T-Mobile phone was using IPv6 for the APN settings instead of IPv4/IPv6. Christ, that one was a doozy to figure out. I WILL BEND THIS SYSTEM TO MY WILL!

Credit to the gentleman in this thread for posting a fix for this.
http://support.t-mobile.com/thread/60804
Just to mirror the fix here for future reference, you need to do the following on your Android phone:
Open Settings > Wireless & Networks > More... > Mobile networks > Access Point Names > T-Mobile GPRS (fast.t-mobile.com) > APN protocol, and change the selection from IPv6 to IPv4/IPv6.
 

scurrier

Dusan,
openvpn is a dataset that I created via the ZFS manager.

I can't remember how I mounted it; it was so many hours of messing with this system ago. I might have just gotten lucky by typing something like "mount openvpn" and then getting the result I wanted. Not what I'd do on my final machine but this is just an experiment box to learn on.

So, I'm pretty sure /mnt/openvpn is a legit volume, but how would I check what you're suggesting?

I can tell you, it definitely survives reboots, because I have copied the easy-rsa files in there and store my openvpn config files there too.

Thanks for your help.
 

Dusan

Could you please post output of:
zpool list
zfs list
mount
cat /etc/fstab
 

scurrier

Code:
[root@freenas] ~# zpool list
NAME      SIZE  ALLOC  FREE    CAP  DEDUP  HEALTH  ALTROOT
openvpn  230G  1.48M  230G    0%  1.00x  ONLINE  /mnt
 
 
[root@freenas] ~# zfs list
NAME      USED  AVAIL  REFER  MOUNTPOINT
openvpn  1.42M  226G  1.02M  /mnt/openvpn
 
 
[root@freenas] ~# mount
/dev/ufs/FreeNASs1a on / (ufs, local, read-only)
devfs on /dev (devfs, local, multilabel)
/dev/md0 on /etc (ufs, local)
/dev/md1 on /mnt (ufs, local)
/dev/md2 on /var (ufs, local)
/dev/ufs/FreeNASs4 on /data (ufs, local, noatime, soft-updates)
openvpn on /mnt/openvpn (zfs, local, nfsv4acls)
 
 
[root@freenas] ~# cat /etc/fstab
/dev/ufs/FreeNASs1a / ufs ro 1 1
/dev/ufs/FreeNASs3 /cfg ufs rw,noauto 2 2
/dev/ufs/FreeNASs4 /data ufs rw,noatime 2 2
/dev/ada1p1.eli none                    swap            sw              0      0
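
Added example (not part of any post in this thread, and not FreeNAS code): one way to check whether a path sits on a ramdisk or on a real volume is a longest-prefix match of the path against `mount` output. The sample input is the `mount` output posted above, embedded as constructed test data; the function name `backing_fs` is hypothetical, and treating every `/dev/mdN` device as a memory disk is an assumption that matches this system's layout.

```sh
#!/bin/sh
# Constructed sample: the `mount` output posted in this thread.
MOUNT_SAMPLE='/dev/ufs/FreeNASs1a on / (ufs, local, read-only)
devfs on /dev (devfs, local, multilabel)
/dev/md0 on /etc (ufs, local)
/dev/md1 on /mnt (ufs, local)
/dev/md2 on /var (ufs, local)
/dev/ufs/FreeNASs4 on /data (ufs, local, noatime, soft-updates)
openvpn on /mnt/openvpn (zfs, local, nfsv4acls)'

# backing_fs PATH: read FreeBSD-style `mount` output on stdin and print
# "<device> <mountpoint> <fstype> <ramdisk|persistent>" for the mount
# point that is the longest prefix of PATH. Exits 1 if nothing matches.
backing_fs() {
    awk -v path="$1" '
    {
        # Line format: <device> on <mountpoint> (<fstype>, <options>...)
        dev = $1; mp = $3; fs = $4
        gsub(/[(,)]/, "", fs)
        # Match only on whole path components, so /mntx is not under /mnt.
        prefix = (mp == "/") ? "/" : mp "/"
        if (path == mp || index(path "/", prefix) == 1) {
            if (length(mp) > best_len) {
                best_len = length(mp)
                best = dev " " mp " " fs
                # Assumption: md devices here are memory disks rebuilt at boot.
                kind = (dev ~ /^\/dev\/md[0-9]+$/) ? "ramdisk" : "persistent"
            }
        }
    }
    END { if (best != "") print best, kind; else exit 1 }'
}

# Demo on the sample; on a live system use: mount | backing_fs /some/path
printf '%s\n' "$MOUNT_SAMPLE" | backing_fs /mnt/openvpn/startup_openvpn.sh
```

A directory made with `mkdir` directly under `/mnt` would resolve to `/dev/md1` and be reported as `ramdisk`, while anything under `/mnt/openvpn` resolves to the ZFS dataset.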
 

Dusan

Can you try to change the last line of your script to:
openvpn server.conf &
 

scurrier

Dusan,
I tried your suggestion but it didn't work. Any other ideas?
 