OpenVPN --route-up Missing environment variables when passing to script

Question

I'm diving into the glory of OpenVPN and I'm having a bit of trouble manually configuring the routing tables. I'm on Arch Linux.

I know OpenVPN automatically updates the routing tables when connecting but I want to write a script to update them myself. I've learned about OpenVPN's “--route-noexec” argument to prevent the automatic updates and the “--route-up” argument to pass relevant information via environment variables to a script of my choice.

This is where I run into trouble. I'd expect environment variables to be passed to the script, which happens, but it looks like I'm missing a few. Especially the one that lists my remote IP address, (untrusted/trusted_ip I believe) which makes it difficult to set iproute.

The environment variables my scripts receives are as follows:

dev_type=tun proto_1=udp tun_mtu=1500 script_type=route-up verb=1 local_port_1=1194 dev=tun0 remote_port_1=1194 PWD=/tmp daemon=0 SHLVL=1 script_context=init daemon_start_time=1409367799 daemon_pid=927 daemon_log_redirect=0 link_mtu=1500 _=/usr/bin/printenv 

The command I use to launch my VPN is as follows:

sudo openvpn --dev tun --route-noexec --script-security 2 --route-up /tmp/print.sh 

And finally the script I pass it to reads as follows:

#!/bin/bash printenv 

Does anybody know why I'm missing the variables? Any help would be appreciated!

Answer 1

Could it be that you should pass also "--config" option? eg.

openvpn --config /etc/openvpn/vpn.conf --script-security 2 --ifconfig-noexec --route-noexec --up ./netnsvpn-up --route-up ./netnsvpn-up 

And netnsvpn-up something like:

case $script_type in up) ip netns add vpntun0 ip netns exec vpntun0 ip link set dev lo up ip link set dev "$1" up netns vpntun0 mtu "$2" env ip netns exec vpntun0 ip addr add dev "$1" "${ifconfig_local}"/"${ifconfig_netmask:-30}" ;; route-up) ip netns exec vpntun0 ip route add default via "$route_vpn_gateway" ;; down) ip netns delete vpntun0 ;; esac 

vpntun0 is the name space.