Jail

.

export JAIL=vpngw
export JAILHOSTNAME=vpngw
export JAILDOMAIN=ahlawat.com
export JAILIP=66
export JAILUSER=X
export JAILUSERID=1000
export JAILUSERVNC=false

/root/FreeBSD/jails/create.sh $JAIL $JAILHOSTNAME $JAILDOMAIN $JAILIP $JAILUSER $JAILUSERID $JAILUSERVNC

iocage set allow_mount=1 enforce_statfs=1 allow_mount_devfs=1 allow_tun=1 devfs_ruleset=300 $JAIL

iocage fstab -r $JAIL /mnt/ship/certs /mnt/certs nullfs ro 0 0

iocage exec $JAIL "mkdir /mnt/p"
iocage fstab -a $JAIL /mnt/data/p /mnt/p nullfs rw 0 0

iocage fstab -l $JAIL

iocage exec $JAIL "pkg install -y openvpn"

iocage exec $JAIL "sysrc firewall_script=/mnt/config/ipfw.rules"

iocage exec $JAIL "mkdir -p /usr/local/etc/openvpn"
iocage exec $JAIL "sysrc openvpn_configfile=/mnt/config/secret/ovpn.conf"
iocage exec $JAIL "sysrc openvpn_enable=NO"
# enabling with YES makes openvn prompt for username and password

iocage exec $JAIL "sysrc gateway_enable=YES"
iocage exec $JAIL "sysrc natd_enable=YES"
iocage exec $JAIL "sysrc natd_interface=tun1"
iocage exec $JAIL 'sysrc natd_flags="-f /mnt/config/natd.conf"'

# restart jail to pickup new ruleset
iocage restart $JAIL

iocage exec $JAIL "service openvpn onestart"
iocage exec $JAIL "service ipfw restart"