How to get remote variable from client to server?

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
jojocague
OpenVpn Newbie
Posts: 2
Joined: Fri Jan 19, 2018 7:53 pm

How to get remote variable from client to server?

Post by jojocague » Fri Jan 19, 2018 8:13 pm

Hello everyone!
I need to get a variable remote (public server ip from which client connect to openvpn server) from client conf.file to server side in order to use this
one in bash script. I tried push-peer-info - doesn't work for me.. Variables are empty in bash scriptfile. One more option is parcing server.log file with line that contain : Peer Connection Initiated with [AF_INET]87.123.xxx.104:6686 (via [AF_INET]46.36.xxx.110%venet0) and last ip is that I need but this option doesn't fit for me.

How i can make it ?

Openvpn version 2.3.10 ubuntu \ windows 11.9.0.0
Client - Win 10 \ Server - Ubuntu 16.x

my openvpn server.conf :
mode server
port 1194
proto udp
dev tun
multihome
ca ca.crt
cert myservername.crt
key myservername.key
dh dh2048.pem
cipher AES-256-CBC
server 10.9.0.0 255.255.255.0
keepalive 10 120
ifconfig-pool-persist ipp.log
persist-key
persist-tun
client-config-dir /etc/openvpn/easy-rsa/keys
status server-status.log
log /var/log/server.log
script-security 2
client-connect /etc/openvpn/up.sh
comp-lzo
sndbuf 0
rcvbuf 0
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
myclient conf:
client
dev tun
proto udp
remote 46.36.221.*** 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert pp1.crt
key pp1.key
cipher AES-256-CBC
ns-cert-type server
comp-lzo
log pp1.log
sndbuf 0
rcvbuf 0
iptables rules:
:INPUT DROP [5:286]
:FORWARD ACCEPT [564:288911]
:OUTPUT ACCEPT [337:255768]
-A INPUT -p tcp --dport 22 -j LOG --log-prefix " ALERT " --log-level=warning
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.9.0.0/24 -j ACCEPT
-A FORWARD -j REJECT


:PREROUTING ACCEPT [46:20142]
:POSTROUTING ACCEPT [1:67]
:OUTPUT ACCEPT [1:67]
-A POSTROUTING -s 10.9.0.0/24 -j SNAT --to-source 5.45.124.***
And one more problem...
I dont know why but logging in iptables doesn't work... Wo know why?

User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: How to get remote variable from client to server?

Post by Pippin » Fri Jan 19, 2018 9:05 pm

I think you want to look at:
https://community.openvpn.net/openvpn/w ... n24ManPage
Environmental Variables -> trusted_ip (or trusted_ip6) / untrusted_ip (or untrusted_ip6)

jojocague
OpenVpn Newbie
Posts: 2
Joined: Fri Jan 19, 2018 7:53 pm

Re: How to get remote variable from client to server?

Post by jojocague » Sat Jan 20, 2018 2:07 pm

Pippin wrote:
Fri Jan 19, 2018 9:05 pm
I think you want to look at:
https://community.openvpn.net/openvpn/w ... n24ManPage
Environmental Variables -> trusted_ip (or trusted_ip6) / untrusted_ip (or untrusted_ip6)
Thank you very much for this answer!
This variable return actual client ip adress but I need public server adress with the help of client connect to my VPN. I have multiple Public IP's on my server and I must to return in bash script through which public IP client have connected to my server. In client config this directive call REMOTE.
I didn't found variable which return this directive from client. That's why I open this thread.. Have anybody conceptions how I can get this var?
I see 2 ways :
First option is parcing server.log file and get back this value from. (Bad way due to write ugly regexb ...)
Second option is push-peer-info directive which doesn't work on my server side because all vars become empty..
I read that this problem due to my openvpn server 2.3.10 and I don't know how fix this guy..
Have any one another ways ??

taybinakh
OpenVpn Newbie
Posts: 3
Joined: Fri Jun 28, 2019 1:48 pm

Re: How to get remote variable from client to server?

Post by taybinakh » Sun Jun 30, 2019 7:58 pm

i think the only way is to parse logfile

if you wirte in script (client-connect /etc/openvpn/up.sh) you get the ip Adress of connected client ?

Post Reply