On Sun, 21 Jan 2024 10:10:10 +0100, Gert Doering <g...@greenie.muc.de> wrote:
>> Well, looking up a name in a "forbiddenusers" file which just contains alist >> of >> the CN of blocked users should qualify for "quick". > >This should normally be fine. > >Things people do in --client-connect scripts include LDAP or DNS queries, >which can lead to problems if said servers are slow/down - so, you have >an outage in your network and the DNS server is down, and that breaks >VPN usage because on every new client connect, OpenVPN stops forwarding >for all clients until the DNS query expires... > >So, avoid doing things in synchronous ways that rely on "external services". Could I launch a screen -d command in my script to do the actual work there? In that case the main script could exit instantly. But only provided the environment vars are transfered to the screen instance of course... -- Bo Berglund Developer in Sweden _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
