From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-la0-x22e.google.com (mail-la0-x22e.google.com [IPv6:2a00:1450:4010:c03::22e]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id D9C8B21F236 for ; Thu, 2 Oct 2014 19:21:26 -0700 (PDT) Received: by mail-la0-f46.google.com with SMTP id gi9so276903lab.5 for ; Thu, 02 Oct 2014 19:21:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aenertia.net; s=dkimaenertianet; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=8E7eY3K7xBW2JtZkenpUIcJiuKkAE/OpIh/9HeuNV/U=; b=MHXr1QbTMSCqFP1w4wa0SwKB+6oA8jjheEtDCGRatzRYshT1v4eFM/+xwmCB6OdeCl Tn7ahNToiIdm9E6xFA1GnHR6/3yjsSwquXTqZYWmqKRZNpUDtUhJ6zh7KfGKcPIwooJt 1U47rkWIS9hwSjsmB48JVjeGGjjVwaqJFWfUk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-type; bh=8E7eY3K7xBW2JtZkenpUIcJiuKkAE/OpIh/9HeuNV/U=; b=fapUPSXCZXuXrd2DL3uDc4TCjhK1VwCWI0GJ/cAYcoHE84It4rTDRzDceOlf8KsLpc HiBtz0eLJoZgN0xA3+8vO/f/DyYPRRY9Cb5Qs6oK2OYm17BjTHo0nc+NnfqaxCH0R/mc 4fhEO1UdWnYXlDE4P+ITwShV2AtTP4BdJkbC752x5QFn56holOL6+f4LFA2BL4EJ/u3P 0moVB2Mc0tDYgkU4o/NVc7P6u0Rmn0XqkMHhwWFZPR1Szg9XmorY2W/Tz9uZj0PtasI2 SxcajJpLPmc4NjcgKsOGSmcQ8Wo6CljwSgo7CGOGnVjuMcAkLVoLkNNk0RPSq96nsYob nOFg== X-Gm-Message-State: ALoCoQm14pmie6VmvsYN0FedUMlW9U2b4RN7rdPuIICXVPa+GCKniEttpjUoY9daFKjkrGFqiy08 X-Received: by 10.152.198.204 with SMTP id je12mr2550439lac.52.1412302883818; Thu, 02 Oct 2014 19:21:23 -0700 (PDT) MIME-Version: 1.0 Sender: aenertia@aenertia.net Received: by 10.25.16.220 with HTTP; Thu, 2 Oct 2014 19:21:03 -0700 (PDT) In-Reply-To: <542E06E6.5050102@eggo.org> References: <542DFCCA.7080708@eggo.org> <542E06E6.5050102@eggo.org> From: =?UTF-8?Q?Joel_Wir=C4=81mu_Pauling?= Date: Fri, 3 Oct 2014 15:21:03 +1300 X-Google-Sender-Auth: BJZ-JSjoKsQbR3LB21lvZASA2Qs Message-ID: To: "Eric S. Johansson" Content-Type: text/plain; charset=UTF-8 Cc: cerowrt-devel Subject: Re: [Cerowrt-devel] vpn fw question X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Oct 2014 02:21:55 -0000 In Cerowrt the various net devices have been relabeled; as per here : http://www.bufferbloat.net/projects/cerowrt/wiki/Device_naming_scheme I usually add a new device via Luci (call it somethingvpn) and select custom device (tap0 or tun0). Than add a new Firewall zone (VPN) I tend to edit the /etc/config/openvpn and just point it at a custom config (and set that entry to enabled). Reboot and then fiddle the firewall zone forwarding mappings as appropriate. Remember that unless you are going to be advertising routes on cerowrt to your internet clients you will actually want to set the vpn zone as masqueraded. -Joel On 3 October 2014 15:16, Eric S. Johansson wrote: > > On 10/2/2014 10:02 PM, Dave Taht wrote: >> >> You just add the appropriate commands to /etc/config/openvpn, or so I >> thought. > > one would think. I'll have to try backfitting my .ovpn config into uci. see > of that changes anything > >> logread dmesg > > Thu Oct 2 21:58:59 2014 daemon.notice netifd: wan6 (12721): Command failed: > Unknown error > > not what I'm looking for but if you can give me a hint of where to start > looking, I'll take a stab at fixing it. yes, I'm reading up on netifd. :-) > still haven't found an explanation for the @ge00. > > > > > _______________________________________________ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel