Hi, I'm currently working on ironing out some wrinkles of the management interface regarding IPv6 addresses (like the "kill" command only taking IPv4 addresses, which doesn't help if a client connects over IPv6...).
Now, I'm wondering who is actually *using* the management interface on
the server side (where stuff like "status 2" makes a bigger difference).
I know about the OpenVPN Access Server, but even that one is not using
all the functionality (most notably, not using "kill" but "client-kill").
Which features of the management interface are the various client
applications using? Heiko?
One of the results of this work is the patch appended below - the
"status 2" and "status 3" commands currently do not show the IPv6 address
assigned to the client. Since the table is tagged, adding an extra
column will not harm a well-behaved user (like "AS"), but might confuse
an application that only looks for "stuff in the 8th column"...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
From 18d97cf42f35b2a673dd392b9fba6d2c1c141409 Mon Sep 17 00:00:00 2001
From: Gert Doering <g...@greenie.muc.de>
List-Post: openvpn-devel@lists.sourceforge.net
Date: Wed, 10 Apr 2013 20:55:37 +0200
Subject: [PATCH] Print "Virtual IPv6 Address" on management interface queries
for "status 2" or "3".
Add extra column after "Virtual Address", empty if no IPv6 address assigned
to this client (or IPv6 not active at all).
Signed-off-by: Gert Doering <g...@greenie.muc.de>
---
src/openvpn/multi.c | 8 +++++---
src/openvpn/multi.h | 1 +
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index ab3f10c..1076eea 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -807,8 +807,8 @@ multi_print_status (struct multi_context *m, struct
status_output *so, const int
*/
status_printf (so, "TITLE%c%s", sep, title_string);
status_printf (so, "TIME%c%s%c%u", sep, time_string (now, 0, false,
&gc_top), sep, (unsigned int)now);
- status_printf (so, "HEADER%cCLIENT_LIST%cCommon Name%cReal
Address%cVirtual Address%cBytes Received%cBytes Sent%cConnected
Since%cConnected Since (time_t)%cUsername",
- sep, sep, sep, sep, sep, sep, sep, sep, sep);
+ status_printf (so, "HEADER%cCLIENT_LIST%cCommon Name%cReal
Address%cVirtual Address%cVirtual IPv6 Address%cBytes Received%cBytes
Sent%cConnected Since%cConnected Since (time_t)%cUsername",
+ sep, sep, sep, sep, sep, sep, sep, sep, sep, sep);
hash_iterator_init (m->hash, &hi);
while ((he = hash_iterator_next (&hi)))
{
@@ -817,10 +817,11 @@ multi_print_status (struct multi_context *m, struct
status_output *so, const int
if (!mi->halt)
{
- status_printf (so, "CLIENT_LIST%c%s%c%s%c%s%c" counter_format
"%c" counter_format "%c%s%c%u%c%s",
+ status_printf (so, "CLIENT_LIST%c%s%c%s%c%s%c%s%c"
counter_format "%c" counter_format "%c%s%c%u%c%s",
sep, tls_common_name
(mi->context.c2.tls_multi, false),
sep, mroute_addr_print (&mi->real, &gc),
sep, print_in_addr_t (mi->reporting_addr,
IA_EMPTY_IF_UNDEF, &gc),
+ sep, print_in6_addr (mi->reporting_addr_ipv6,
IA_EMPTY_IF_UNDEF, &gc),
sep, mi->context.c2.link_read_bytes,
sep, mi->context.c2.link_write_bytes,
sep, time_string (mi->created, 0, false, &gc),
@@ -1847,6 +1848,7 @@ multi_connection_established (struct multi_context *m,
struct multi_instance *mi
/* set our client's VPN endpoint for status reporting purposes */
mi->reporting_addr = mi->context.c2.push_ifconfig_local;
+ mi->reporting_addr_ipv6 = mi->context.c2.push_ifconfig_ipv6_local;
/* set context-level authentication flag */
mi->context.c2.context_auth = CAS_SUCCEEDED;
diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h
index 2bc0c8a..fc2ffb2 100644
--- a/src/openvpn/multi.h
+++ b/src/openvpn/multi.h
@@ -88,6 +88,7 @@ struct multi_instance {
bool socket_set_called;
in_addr_t reporting_addr; /* IP address shown in status listing */
+ struct in6_addr reporting_addr_ipv6; /* IPv6 address in status listing */
bool did_open_context;
bool did_real_hash;
--
1.7.8.6
pgpaffW4_8DgU.pgp
Description: PGP signature
