connect/disconnect scripts?

Post Reply
kevincody
OpenVpn Newbie
Posts: 1
Joined: Wed Jan 15, 2020 8:47 am

connect/disconnect scripts?

Post by kevincody » Wed Jan 15, 2020 8:51 am

I want to run custom scripts on connect/disconnect, to apply custom firewall rules.

This is so that LDAP groups can control, via iptables, which server-side subnets any given VPN user can talk to.

I've managed to figure out that I can add server-side directives under Configuration / Advanced VPN but it seems that "-chroot" isn't respected. My scripts would have to somehow magically get copied into /run/openvpn_as after each server startup, along with bash, iptables, ldapsearch, and a bunch of libraries.

Is there a supported way to do this, or some way to turn off running it in a chroot?

Or does this use case actually require the community edition?

pdavisfmnh
OpenVpn Newbie
Posts: 1
Joined: Fri Sep 04, 2020 5:48 pm

Re: connect/disconnect scripts?

Post by pdavisfmnh » Fri Sep 04, 2020 5:50 pm

I'm also looking for this information. The only thing that is limiting me from switching from our current VPN solution is rate limiting. I can't let everyone connect at full strength.

The ease of use for end users with the access server is HUGE and would simplify our helpdesks lives greatly. But if I can't rate limit its a hard no go.

Post Reply