> # start openvpn > # > if [ -x /usr/local/sbin/openvpn ]; then > /usr/local/sbin/openvpn --config /opt/openvpn-2.0/server.conf && > echo 'opening openvpn server...' & > else > echo 'ERROR: cannot start openvpn; file /usr/local/sbin/openvpn is missing.' > fi
Don't start openvpn there. Stick it in your /etc/hostname.tunX file like so: up !/usr/local/sbin/openvpn --daemon openvpn --config /opt/openvpn-2.0/server.conf The reason being, is when OpenVPN starts, it destroys then recreates the tun interface, which makes pf throw a wobbler. I ran into this problem too. It also made other weird stuff happen, like pfctl -vsq showing an invalid file descriptor. Sticking it in the hostname.tun* file sorts that problem out. (I think this should be documented somewhere, maybe in the OpenBSD FAQ) Tom
