有没有办法用 shell 命令行断开由 free-radius 建立的 openvpn 连接?
我拥有有关 openvpn 连接的所有信息:
- 用户名
- 客户端 IP
- 帐号会话ID
- ...
答案1
pkill -SIGTERM -f'openvpn --daemon --conf $OPENVPNCONFFILE'
pkill 命令允许您根据名称或其他属性向进程发出信号
这将向 openvpn 发送 SIGTERM,使其正常退出并关闭 tun 接口。您可能需要修改 -f 后面的部分以匹配您启动 openvpn 连接的方式。
我在 openvpn 手册页的信号部分找到了这一点。
SIGINT, SIGTERM
Causes OpenVPN to exit gracefully.
答案2
确定虚拟接口ifconfig:
tap0 Link encap:Ethernet HWaddr 32:28:a4:04:34:cc
inet addr:172.22.18.14 Bcast:172.22.18.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
并使用以下命令关闭它:
sudo ifconfig tap0 down
这是我为 RedHat 编写的初始化脚本:
#! /bin/bash
#
# openvpn-client Start/Stop the openvpn client
#
# chkconfig: 2345 90 60
# description: start openvpn client at boot
# processname: openvpn
# Source function library.
. /etc/init.d/functions
daemon="openvpn"
prog="openvpn-client"
conf_file="/vagrant/vpn/client-dept18-payment.ovpn"
start() {
echo -n $"Starting $prog: "
if [ -e /var/lock/subsys/openvpn-client ] && [ $(pgrep -fl "openvpn --config /vagrant/vpn/client-dept18-payment.ovpn" | wc -l) -gt 0 ]; then
echo_failure
echo
exit 1
fi
runuser -l root -c "$daemon --config $conf_file >/dev/null 2>&1 &" && echo_success || echo_failure
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/openvpn-client;
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
pid=$(ps -ef | grep "[o]penvpn --config $conf_file" | awk '{ print $2 }')
kill $pid > /dev/null 2>&1 && echo_success || echo_failure
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/openvpn-client;
return $RETVAL
}
status() {
pgrep -fl "openvpn --config /vagrant/vpn/client-dept18-payment.ovpn" >/dev/null 2>&1
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
pid=$(ps -ef | grep "[o]penvpn --config $conf_file" | awk '{ print $2 }')
echo $"$prog (pid $pid) is running..."
else
echo $"$prog is stopped"
fi
}
restart() {
stop
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
status)
status
;;
condrestart)
[ -f /var/lock/subsys/openvpn-client ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart}"
exit 1
esac
然后你就可以照常使用它:
# /etc/init.d/openvpn-client start
Starting openvpn-client: [ OK ]
# /etc/init.d/openvpn-client start
Starting openvpn-client: [FAILED]
# /etc/init.d/openvpn-client status
openvpn-client (pid 5369) is running...
# /etc/init.d/openvpn-client stop
Stopping openvpn-client: [ OK ]
# /etc/init.d/openvpn-client stop
Stopping openvpn-client: [FAILED]
# /etc/init.d/openvpn-client status
openvpn-client is stopped
# /etc/init.d/openvpn-client restart
Stopping openvpn-client: [ OK ]
Starting openvpn-client: [ OK ]
# /etc/init.d/openvpn-client status
openvpn-client (pid 5549) is running...
答案3
对我来说,简单运行sudo pkill openvpn就很好了。(Linux Mint 19.1)
答案4
我从未使用过自由半径,但我熟悉 OpenVPN 中的类似问题。如果从命令行启动连接,则 VPN 客户端要么在提示符下保持活动状态,要么退回到后台,但没有命令明确停止连接。
在 Linux 下,停止连接的唯一方法是使用“kill”或“killall”命令。自由半径连接可能类似。