> On Sunday, February 18th, 2024 at 12:27 PM, Bo Berglund 
> <bo.bergl...@gmail.com> wrote:

> On Sun, 18 Feb 2024 06:50:06 +0000, Peter Davis via Openvpn-users
> openvpn-users@lists.sourceforge.net wrote:
> 
> > > SOLUTION
> > > 
> > > Just to follow up on my question
> > > ---------------------------------
> > > I have done the following and it seems to work:
> > > 
> > > /etc/openvpn/server/serverlocal.conf:
> > > 
> > > #Add logging of client connect/disconnect events:
> > > script-security 2
> > > client-connect /etc/openvpn/scripts/serverlocal-events.sh
> > > client-disconnect /etc/openvpn/scripts/serverlocal-events.sh
> > > 
> > > /etc/openvpn/scripts/serverlocal-events.sh:
> > > 
> > > #!/bin/bash
> > > # Executed on the server side for client connect and disconnect events.
> > > # Log file path
> > > LOG_FILE="/etc/openvpn/log/serverlocal-events.log"
> > > # Log timestamp
> > > LOG_TIMESTAMP=$(date "+%Y-%m-%d %H:%M:%S")
> > > # Log client connect or disconnect event with IP address
> > > if [ "$script_type" == "client-connect" ]; then
> > > echo "$LOG_TIMESTAMP - $common_name connected with IP $trusted_ip" >> "$LOG_FILE"
> > > elif [ "$script_type" == "client-disconnect" ]; then
> > > echo "$LOG_TIMESTAMP - $common_name disconnected with IP $trusted_ip" >> "$LOG_FILE"
> > > fi
> > > 
> > > And when I test this with a connect - disconnect cycle this is what I get:
> > > 
> > > 2024-02-16 11:34:26 - BosseUbu connected with IP 217.213.74.168
> > > 2024-02-16 11:34:32 - BosseUbu disconnected with IP 217.213.74.168
> > > 
> > > So it seems to work as expected...
> > > 
> > > --
> > > Bo Berglund
> > > Developer in Sweden
> > > 
> > > _______________________________________________
> > > Openvpn-users mailing list
> > > Openvpn-users@lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/openvpn-users
> > 
> > Hi,
> > Thank you so much for your great reply.
> > What should script permission be? I got the following error:
> > 
> > --client-connect script fails with '/etc/openvpn/scripts/script.sh': 
> > Permission denied (errno=13)
> 
> 
> This is what I have:
> 
> /etc/openvpn/scripts$ ls -la
> -rwxr-xr-x 1 root root 567 2024-02-16 11:47 server-events.sh
> -rwxr-xr-x 1 root root 572 2024-02-16 11:34 serverlocal-events.sh
> 
> Created as follows:
> 
> cd /etc/openvpn/scripts
> sudo touch server-events.sh
> sudo chmod +x server-events.sh
> sudo nano server-events.sh
> (add the text for the script as shown above)
> 
> Then copy the script to use for the other service:
> sudo cp server-events.sh serverlocal-events.sh
> sudo nano serverlocal-events.sh
> (modify the script LOG_FILE entry to fit the other openvpn service)
> 
> And of course add the call for the script to the conf files for the services:
> 
> #Add logging of client connect/disconnect events:
> script-security 2 # This MUST be set in order for the scripts to execute
> client-connect /etc/openvpn/scripts/server-events.sh
> client-disconnect /etc/openvpn/scripts/server-events.sh
> 
> #Add logging of client connect/disconnect events:
> script-security 2
> client-connect /etc/openvpn/scripts/serverlocal-events.sh
> client-disconnect /etc/openvpn/scripts/serverlocal-events.sh
> 
> My two scripts differ only by the name of the log file so one could use only a
> single script provided that the calls from the two conf files are modified to
> supply the log file name as argument #1 like this (note that my newsreader
> inserts line breaks on long lines...):
> 
> script-security 2
> 
> client-connect /etc/openvpn/scripts/server-events.sh
> "/etc/openvpn/log/server-events.log"
> 
> client-disconnect /etc/openvpn/scripts/server-events.sh
> "/etc/openvpn/log/server-events.log"
> 
> And then use this in the now single script to read the log file name from the
> call argument:
> 
> LOG_FILE="$1"
> 
> 
> 
> --
> Bo Berglund
> Developer in Sweden
> 
> 
> 

Hi,
Mine is:

# ls -l scripts/script-events.sh 
-rwxr-xr-x 1 root root 543 Feb 18 10:11 scripts/script-events.sh

And Server.conf is:
...
script-security 2
client-connect /etc/openvpn/scripts/script-events.sh
client-disconnect /etc/openvpn/scripts/script-events.sh

I have three questions:

1- Your script has an error:

# sh scripts/script-events.sh 
scripts/script-events.sh: 10: Syntax error: newline unexpected

2- Should both "client-connect" and "client-disconnect" be the same?

3- Should both "client-connect" and "client-disconnect" be defined? Is it not 
possible to use the script only for "client-connect"?
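
The single-script variant described in the thread (log file passed as argument #1), written out as an added example; it is not code from any poster in this thread. It is kept POSIX-compatible so it also parses under `sh`; the names `clean` and `log_vpn_event` are chosen here for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: one logger for both events and services.
# OpenVPN sets script_type, common_name and trusted_ip in the environment;
# argument #1 is the log file, as in the conf lines quoted in the thread.

# Drop control characters so a value cannot forge extra log lines.
clean() {
    printf '%s' "$1" | tr -d '[:cntrl:]'
}

# Append one event line to the log file in $1. Runs in a subshell, so its
# variables stay local and "exit" only ends the function.
log_vpn_event() (
    log_file=$1
    [ -n "$log_file" ] || exit 2              # conf file passed no log path
    case "${script_type:-}" in
        client-connect)    verb=connected ;;
        client-disconnect) verb=disconnected ;;
        *)                 exit 3 ;;          # not an event this script logs
    esac
    name=$(clean "${common_name:-unknown}")
    ip=$(clean "${trusted_ip:-unknown}")
    line="$(date '+%Y-%m-%d %H:%M:%S') - $name $verb with IP $ip"
    # Redirection and target on one short line, so a wrapped copy of the
    # script cannot split ">>" from the file name.
    printf '%s\n' "$line" >> "$log_file"
)

# Run only when OpenVPN invoked the script (script_type is set). Exit 0 even
# if logging failed: a non-zero status from client-connect makes OpenVPN
# reject the client, so an unwritable log would otherwise block logins.
if [ -n "${script_type:-}" ]; then
    log_vpn_event "${1:-}" || echo "VPN event logging failed" >&2
    exit 0
fi
```

If connection logging is a hard audit requirement, replace the final `exit 0` with the function's own status so that clients are refused when the event cannot be recorded.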

