Hi, interesting. We should have seen this before then because this parameter was added to the configuration file ages ago. Is there a chance that OpenVPN has changed the parameters those scripts are called with? No matter what, we will need a wrapper script that will accept all those parameters, probably not care much about them and then call /etc/init.d/static-routes. I will revert the patch for now then, so that we have some time to work on a solution. Best, -Michael > On 26 Nov 2020, at 11:13, ummeegge wrote: > > Hi all, > during some testings with N2N ciphers, i recognized a strange behavior > with this patch, the 'up /etc/init.d/static-routes start' command but > only with client connections. The complete network went down while > starting the connection and nothing was reachable anymore. The last > line in messages was > > Nov 25 23:53:21 ipfire-prime testcryptn2n[12261]: /etc/init.d/static- > routes start tun1 1500 1573 10.123.123.2 10.123.123.1 init > > and from there on the screen freezes. The WUI was not reachable anymore > and SSH delivers a > > ssh: connect to host 192.168.123.1 port 222: No route to host > > have had no problems with the N2N TLS-Server which starts without > problems but the N2N TLS-Client crashed, even if no static route has > been defined, the whole network/routing. > > Am not sure what causes this but i would strongly recommend to revert > this patch from origin/next !!! > > May someone else can check this patch too ? > > Best regards, > > Erik > > > Am Mittwoch, den 11.11.2020, 18:12 +0000 schrieb ummeegge: >> Fixes: #12529 >> >> - If a client N2N configuration will be imported into IPFire systems, >> a line will be added which calls the --up script to restart the >> static route initscript. Since this is IPFire specific, i will only >> be >> added via import on IPFire system. >> - Deleted unneeded line in CLIENTCONF section. >> - Added description to SERVERCONF section. >> >> Signed-off-by: ummeegge >> --- >> html/cgi-bin/ovpnmain.cgi | 8 +++++++- >> 1 file changed, 7 insertions(+), 1 deletion(-) >> >> diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi >> index 8626a94ca..44cb48996 100644 >> --- a/html/cgi-bin/ovpnmain.cgi >> +++ b/html/cgi-bin/ovpnmain.cgi >> @@ -953,6 +953,7 @@ unless(-d >> "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir >> "${General >> print SERVERCONF "ifconfig $ovsubnet.1 $ovsubnet.2\n"; >> print SERVERCONF "# Client Gateway Network\n"; >> print SERVERCONF "route $remsubnet[0] $remsubnet[1]\n"; >> + print SERVERCONF "# Call up script for static routes\n"; >> print SERVERCONF "up \"/etc/init.d/static-routes start\"\n"; >> print SERVERCONF "# tun Device\n"; >> print SERVERCONF "dev tun\n"; >> @@ -1052,7 +1053,6 @@ unless(-d >> "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir >> "${General >> print CLIENTCONF "ifconfig $ovsubnet.2 $ovsubnet.1\n"; >> print CLIENTCONF "# Server Gateway Network\n"; >> print CLIENTCONF "route $remsubnet[0] $remsubnet[1]\n"; >> - print CLIENTCONF "up \"/etc/init.d/static-routes start\"\n"; >> print CLIENTCONF "# tun Device\n"; >> print CLIENTCONF "dev tun\n"; >> print CLIENTCONF "#Logfile for statistics\n"; >> @@ -3333,6 +3333,12 @@ END >> print FILE "status /var/run/openvpn/$n2nname[0]-n2n 10\n"; >> close FILE; >> >> + # Add static route command to client configuration >> + open(FILE, ">> $tempdir/$uplconffilename") or die 'Unable to >> open config file.'; >> + print FILE "# Call up script for static routes\n"; >> + print FILE "up \"/etc/init.d/static-routes start\"\n"; >> + close FILE; >> + >> move("$tempdir/$uplconffilename", >> "${General::swroot}/ovpn/n2nconf/$n2nname[0]/$uplconffilename2"); >> >> if ($? ne 0) { > >