Re: [Openvpn-users] Client history

Sun, 18 Feb 2024 06:30:05 -0800 

On Sun, 18 Feb 2024 09:44:14 +0000, Peter Davis via Openvpn-users
<openvpn-users@lists.sourceforge.net> wrote:

>Hi,
>Mine is:
>
># ls -l scripts/script-events.sh 
>-rwxr-xr-x 1 root root 543 Feb 18 10:11 scripts/script-events.sh
>
>And Server.conf is:
>...
>script-security 2
>client-connect /etc/openvpn/scripts/script-events.sh
>client-disconnect /etc/openvpn/scripts/script-events.sh
>
>I have three questions:
>
>1- Your script has an error:
>
># sh scripts/script-events.sh 
>scripts/script-events.sh: 10: Syntax error: newline unexpected

As I stated above:

>> My two scripts differ only by the name of the log file so one could use only 
>> a
>> single script provided that the call from the two conf files are modified to
>> supply the log file name as a argument #1 like this (note that my newsreader
>> inserts line breaks on long lines...:

So you have copied the text *without* observing that my single line was split by
the newsreader...

>
>2- Should both "client-connect" and "client-disconnect" be the same?

I have two scripts, one for my full openvpn server and one for the local-only
access openvpn server. But that is not needed as I wrote above if the LOGFILE
setting is entered as argument #1 on the commend line.

>
>3- Should both "client-connect" and "client-disconnect" be defined?
>Is it not possible to use script only for "client-connect"?

Yes, that makes sense unless you are doing very different things inside the
script of course. What its call is made from is checked inside the script via
environment var script_type set by openvpn.

So in my case the same script is called for *both* connect and disconnect.
The difference is checked in the script via the environment variable script_type
like this

# Log client connect or disconnect event with IP address
if [ "$script_type" == "client-connect" ]; then
    echo "$LOG_TIMESTAMP - $common_name connected with IP $trusted_ip" >>
"$LOG_FILE"
elif [ "$script_type" == "client-disconnect" ]; then
    echo "$LOG_TIMESTAMP - $common_name disconnected with IP $trusted_ip" >>
"$LOG_FILE"
fi

And again, my newsreader wraps text....


-- 
Bo Berglund
Developer in Sweden



_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to