> On Friday, February 16th, 2024 at 2:10 PM, Bo Berglund > <bo.bergl...@gmail.com> wrote:
> On Wed, 14 Feb 2024 08:34:38 +0100, Bo Berglund bo.bergl...@gmail.com wrote: > > > I also want to log server side client connect/disconnect events on my > > server. > > > > And I have tried to read the documentation here: > > https://openvpn.net/community-resources/reference-manual-for-openvpn-2-5/ > > > > I can find a lot of entries for the client-connect client-disconnect > > details, > > including how it can be configured with call arguments. > > But what I don't find is any working example of such a script... > > > > I have also googled for it but that too fails because noone I have found > > seems > > to want to show an actually working setup including: > > > > - What needs to be entered in the server.conf file, like permissions > > - Where the script could reside to be usable > > - What the script file properties should be > > - How the script can get the information to write to the log > > - How it can actually reach a log location and write a file there > > > > A working example, which logs client connect and disconnect events with a > > readable timestamp and some user data into a log file located in say the > > /etc/openvpn/log directory would be very useful in my opinion. > > > > Is there such an example somewhere? > > > SOLUTION > > Just to follow up on my question > --------------------------------- > I have done the following and it seems to work: > > /etc/openvpn/server/serverlocal.conf: > > #Add logging of client connect/disconnect events: > script-security 2 > client-connect /etc/openvpn/scripts/serverlocal-events.sh > client-disconnect /etc/openvpn/scripts/serverlocal-events.sh > > /etc/openvpn/scripts/serverlocal-events.sh: > > #!/bin/bash > # Executed on the server side for client connect and disconnect events. > # Log file path > LOG_FILE="/etc/openvpn/log/serverlocal-events.log" > # Log timestamp > LOG_TIMESTAMP=$(date "+%Y-%m-%d %H:%M:%S") > # Log client connect or disconnect event with IP address > if [ "$script_type" == "client-connect" ]; then > echo "$LOG_TIMESTAMP - $common_name connected with IP $trusted_ip" >> > > "$LOG_FILE" > elif [ "$script_type" == "client-disconnect" ]; then > echo "$LOG_TIMESTAMP - $common_name disconnected with IP $trusted_ip" >> > > "$LOG_FILE" > fi > > > And when I test this with a connect - disconnect cycle this is what I get: > > 2024-02-16 11:34:26 - BosseUbu connected with IP 217.213.74.168 > 2024-02-16 11:34:32 - BosseUbu disconnected with IP 217.213.74.168 > > So it seems to work as expected... > > > -- > Bo Berglund > Developer in Sweden > > > > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users Hi, Thank you so much for your great reply. What should script permission be? I got the following error: --client-connect script fails with '/etc/openvpn/scripts/script.sh': Permission denied (errno=13) _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
