Hallo,
ich habe in letzter Zeit versucht bei OSMC eine OpenVPN Bridge einzurichten. Das Problem ist es funktioniert nicht. Beim start vom Pi 2 kommt immer die Fehlermeldung:
Jul 15 16:20:41 osmc networking[185]: Configuring network interfaces...done.
Jul 15 16:20:41 osmc avahi-daemon[240]: Found user 'avahi' (UID 105) and group 'avahi' (GID 108).
Jul 15 16:20:41 osmc avahi-daemon[240]: Successfully dropped root privileges.
Jul 15 16:20:41 osmc avahi-daemon[240]: avahi-daemon 0.6.31 starting up.
Jul 15 16:20:41 osmc ovpn-udp[238]: OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Dec 1 2014
Jul 15 16:20:41 osmc ovpn-udp[238]: library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08
Jul 15 16:20:41 osmc ovpn-udp[238]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 15 16:20:41 osmc ovpn-udp[238]: Diffie-Hellman initialized with 1024 bit key
Jul 15 16:20:41 osmc ovpn-udp[238]: WARNING: file '/etc/openvpn/server.key' is group or others accessible
Jul 15 16:20:41 osmc ovpn-udp[238]: WARNING: file '/etc/openvpn/static.key' is group or others accessible
Jul 15 16:20:41 osmc ovpn-udp[238]: Control Channel Authentication: using '/etc/openvpn/static.key' as a OpenVPN static key file
Jul 15 16:20:41 osmc ovpn-udp[238]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Jul 15 16:20:41 osmc ovpn-udp[238]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Jul 15 16:20:41 osmc ovpn-udp[238]: Socket Buffers: R=[163840->131072] S=[163840->131072]
Jul 15 16:20:41 osmc ovpn-udp[238]: TUN/TAP device tap0 opened
Jul 15 16:20:41 osmc ovpn-udp[238]: TUN/TAP TX queue length set to 100
Jul 15 16:20:41 osmc ovpn-udp[238]: /etc/openvpn/bridge-start.sh tap0 1500 1589 init
Jul 15 16:20:41 osmc openvpn[238]: Wed Jul 15 16:20:41 2015 ERROR: Cannot ioctl TUNSETIFF tap0: Device or resource busy (errno=16)
Jul 15 16:20:41 osmc openvpn[238]: Wed Jul 15 16:20:41 2015 Exiting due to fatal error
Jul 15 16:20:41 osmc avahi-daemon[240]: Joining mDNS multicast group on interface br0.IPv4 with address 192.168.10.21.
Jul 15 16:20:41 osmc avahi-daemon[240]: New relevant interface br0.IPv4 for mDNS.
Jul 15 16:20:41 osmc avahi-daemon[240]: Registering new address record for 192.168.10.21 on br0.IPv4.
Jul 15 16:20:41 osmc ovpn-udp[277]: GID set to openvpn
Jul 15 16:20:41 osmc ovpn-udp[277]: UID set to openvpn
Jul 15 16:20:41 osmc ovpn-udp[277]: UDPv4 link local (bound): [undef]
Jul 15 16:20:41 osmc ovpn-udp[277]: UDPv4 link remote: [undef]
Jul 15 16:20:41 osmc ovpn-udp[277]: MULTI: multi_init called, r=256 v=256
Jul 15 16:20:41 osmc ovpn-udp[277]: Initialization Sequence Completed
Jul 15 16:20:41 osmc connmand[244]: Connection Manager version 1.29
Jul 15 16:20:41 osmc performance_tuner[286]: performance
Jul 15 16:20:41 osmc avahi-daemon[240]: Withdrawing address record for 192.168.10.21 on br0.
Jul 15 16:20:41 osmc avahi-daemon[240]: Leaving mDNS multicast group on interface br0.IPv4 with address 192.168.10.21.
Jul 15 16:20:41 osmc avahi-daemon[240]: Interface br0.IPv4 no longer relevant for mDNS.
Jul 15 16:20:42 osmc connmand[244]: Checking loopback interface settings
Jul 15 16:20:42 osmc connmand[244]: Failed to open RFKILL control device
Jul 15 16:20:42 osmc connmand[244]: lo {newlink} index 1 address 00:00:00:00:00:00 mtu 65536
Jul 15 16:20:42 osmc connmand[244]: lo {newlink} index 1 operstate 0 <UNKNOWN>
Jul 15 16:20:42 osmc connmand[244]: eth0 {create} index 2 type 1 <ETHER>
Jul 15 16:20:42 osmc connmand[244]: eth0 {update} flags 4355 <UP>
Jul 15 16:20:42 osmc connmand[244]: eth0 {newlink} index 2 address B8:27:EB:4B:44:83 mtu 1500
Jul 15 16:20:42 osmc connmand[244]: eth0 {newlink} index 2 operstate 2 <DOWN>
Jul 15 16:20:42 osmc connmand[244]: Adding interface eth0 [ ethernet ]
Jul 15 16:20:42 osmc connmand[244]: tap0 {create} index 3 type 1 <ETHER>
Jul 15 16:20:42 osmc connmand[244]: tap0 {RX} 0 packets 0 bytes
Jul 15 16:20:42 osmc connmand[244]: tap0 {TX} 9 packets 1619 bytes
Jul 15 16:20:42 osmc connmand[244]: tap0 {update} flags 69955 <UP,RUNNING,LOWER_UP>
Jul 15 16:20:42 osmc connmand[244]: tap0 {newlink} index 3 address DA:67:CC:71:72:B2 mtu 1500
Jul 15 16:20:42 osmc connmand[244]: tap0 {newlink} index 3 operstate 0 <UNKNOWN>
Jul 15 16:20:42 osmc connmand[244]: Skipping disconnect of carrier, network is connecting.
Jul 15 16:20:42 osmc connmand[244]: Adding interface tap0 [ ethernet ]
Jul 15 16:20:42 osmc connmand[244]: br0 {create} index 4 type 1 <ETHER>
Jul 15 16:20:42 osmc connmand[244]: br0 {RX} 0 packets 0 bytes
Jul 15 16:20:42 osmc connmand[244]: br0 {TX} 6 packets 1361 bytes
Jul 15 16:20:42 osmc connmand[244]: br0 {update} flags 36866 <DOWN>
Jul 15 16:20:42 osmc connmand[244]: br0 {newlink} index 4 address B8:27:EB:4B:44:83 mtu 1500
Jul 15 16:20:42 osmc connmand[244]: br0 {newlink} index 4 operstate 2 <DOWN>
Jul 15 16:20:42 osmc connmand[244]: tap0 {del} route fe80:: gw :: scope 0 <UNIVERSE>
Jul 15 16:20:42 osmc rpcbind[317]: Starting rpcbind daemon....
Jul 15 16:20:42 osmc connmand[244]: eth0 {add} route fe80:: gw :: scope 0 <UNIVERSE>
Jul 15 16:20:42 osmc connmand[244]: eth0 {update} flags 69955 <UP,RUNNING,LOWER_UP>
Jul 15 16:20:42 osmc connmand[244]: eth0 {newlink} index 2 address B8:27:EB:4B:44:83 mtu 1500
Jul 15 16:20:42 osmc connmand[244]: eth0 {newlink} index 2 operstate 6 <UP>
Jul 15 16:20:42 osmc connmand[244]: Skipping disconnect of carrier, network is connecting.
Jul 15 16:20:42 osmc avahi-daemon[240]: Joining mDNS multicast group on interface eth0.IPv4 with address 192.168.10.21.
Jul 15 16:20:42 osmc avahi-daemon[240]: New relevant interface eth0.IPv4 for mDNS.
Jul 15 16:20:42 osmc avahi-daemon[240]: Registering new address record for 192.168.10.21 on eth0.IPv4.
Jul 15 16:20:43 osmc connmand[244]: eth0 {newlink} index 2 address B8:27:EB:4B:44:83 mtu 1500
Jul 15 16:20:43 osmc connmand[244]: eth0 {newlink} index 2 operstate 6 <UP>
Jul 15 16:20:43 osmc connmand[244]: eth0 {add} address 192.168.10.21/24 label eth0 family 2
Jul 15 16:20:43 osmc connmand[244]: eth0 {add} route 192.168.10.0 gw 0.0.0.0 scope 253 <LINK>
Jul 15 16:20:43 osmc connmand[244]: eth0 {add} route 192.168.10.1 gw 0.0.0.0 scope 253 <LINK>
Jul 15 16:20:43 osmc connmand[244]: eth0 {add} route 77.109.128.2 gw 192.168.10.1 scope 0 <UNIVERSE>
Jul 15 16:20:43 osmc connmand[244]: eth0 {add} route 0.0.0.0 gw 192.168.10.1 scope 0 <UNIVERSE>
Jul 15 16:20:43 osmc connmand[244]: eth0 {del} route fe80:: gw :: scope 0 <UNIVERSE>
Jul 15 16:20:48 osmc connmand[244]: Online check failed for 0x45c5d0 Wired
Jul 15 16:21:21 osmc avahi-daemon[240]: Joining mDNS multicast group on interface tap0.IPv4 with address 169.254.193.26.
Jul 15 16:21:21 osmc avahi-daemon[240]: New relevant interface tap0.IPv4 for mDNS.
Jul 15 16:21:21 osmc avahi-daemon[240]: Registering new address record for 169.254.193.26 on tap0.IPv4.
Jul 15 16:21:21 osmc connmand[244]: rp_filter set to 2 (loose mode routing), old value was 0
Jul 15 16:21:21 osmc connmand[244]: tap0 {add} address 169.254.193.26/16 label tap0 family 2
Jul 15 16:21:21 osmc connmand[244]: tap0 {add} route 169.254.0.0 gw 0.0.0.0 scope 253 <LINK>
Jul 15 16:21:32 osmc networking[185]: Configuring network interfaces...done.
Jul 15 16:21:32 osmc avahi-daemon[240]: Found user 'avahi' (UID 105) and group 'avahi' (GID 108).
Jul 15 16:21:32 osmc avahi-daemon[240]: Successfully dropped root privileges.
Jul 15 16:21:32 osmc avahi-daemon[240]: avahi-daemon 0.6.31 starting up.
Meine interfaces sieht so aus:
# interfaces(5) file used by ifup(8) and ifdown(8)
#auto lo
#iface lo inet loopback
#auto eth0
# dhcp configuration
# iface eth0 inet dhcp
# static ip configuration
allow-hotplug eth0
iface eth0 inet static
address 192.168.10.21
netmask 255.255.255.0
gateway 192.168.10.1
network 192.168.10.0
broadcast 192.168.10.255
dns-nameservers 77.109.128.2
bridge_ports all
Und die Config:
mode server
script-security 2 up
up /etc/openvpn/bridge-start.sh
proto udp
port 1194
dev tap0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
tls-auth /etc/openvpn/static.key 0
tls-server
max-clients 3
tun-mtu 1500
mssfix float
verb 3
reneg-sec 21600
cipher AES-128-CBC
keepalive 10 120
persist-tun
persist-key
user openvpn
group openvpn
resolv-retry infinite
client-to-client
Normalerweise ist die interfaces bei OSMC leer, aber auch das bringt micht nicht wirklich weiter. Es wird immer nur ein Tap0 erzeugt, br0 ist nicht zu sehen. Ein manueller start vom Bridge-Script anschliessend bringt zwar auch eine fehlermeldung (br0 soll schon existieren) aber anschliessend wird br0 erzeugt es funktioniert.