You may be on to something ... 😊. I'm not running journald though (I don't think ... just checked via ps, not seeing it a least).
I did try something, based on your comments. I created a short script (below), configured OpenVPN up to call it (on client-connect), #!/bin/sh echo "`date` OpenVPN connect ... " >> /root/openvpn.txt logger -t ovpn-conn-change "$script_type - $common_name / $ifconfig_pool_remote_ip" Then, I watched two things, 1) tail -f openvpn.txt => only a single entry here on connect, as expected! 2) tcpdump -nnAs0 -i alc0.5 host (ip addr) and port 514 | grep ovpn-conn-change => shows up twice here! So it seems the call is happening once, but 2x the entries to syslog. Actually, I see that for all (OpenVPN) messages. Hmmm. Will keep digging, thanks! ... Russell -----Original Message----- From: Selva Nair <selva.n...@gmail.com> Sent: Tuesday, May 26, 2020 1:56 PM To: Morris, Russell <rmor...@rkmorris.us> Cc: David Sommerseth <open...@sf.lists.topphemmelig.net>; openvpn users list (openvpn-users@lists.sourceforge.net) <openvpn-users@lists.sourceforge.net> Subject: Re: [Openvpn-users] syslog, drop Port Sharing Messages Hi On Tue, May 26, 2020 at 2:28 PM Morris, Russell <rmor...@rkmorris.us> wrote: > > It's possible, I won't say it's not ... LOL. FYI, all I did was add > this to the server config file (for testing for now), client-connect > "/usr/bin/logger -t openvpn client connect successful" > > And then I monitored network traffic ... tcpdump on the (syslog) sender and > receiver end. I see the double messages both places (I started looking > because of seeing them on the receiver, didn't believe it initially ... LMAO). This could be systemd (I like to blame it :) duplicating the logger message -- do you have journald running? Selva _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
