В Sun, 01 Dec 2013 00:10:36 -0800 jen...@promessage.com пишет: I cannot answer why iptables do not work, but general comment
> with the ExecStartPre= script, > > cat /usr/local/etc/openvpn/up.script > > #!/bin/sh > /usr/local/sbin/openvpn --rmtun --dev tun1 > /dev/null > 2>&1 There is no reason to lose valuable debugging information. All output is collected by systemd and is available via journal. Hiding it makes really no sense. > /usr/sbin/iptables -I FORWARD -i eth0 -o tun1 -j ACCEPT > iptables -L -v -n | grep tun > 0 0 ACCEPT all -- eth0 tun1 0.0.0.0/0 > 0.0.0.0/0 > > journalctl shows the up.script launched, and the tun1 device is broight > up, > > journalctl -xb | egrep -i "up.script|tables" Use "journalctl -u openvpn.service", this will show *all* output associated with your unit start/stop. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
