connect/disconnect scripts?

Post Reply
OpenVpn Newbie
Posts: 1
Joined: Wed Jan 15, 2020 8:47 am

connect/disconnect scripts?

Post by kevincody » Wed Jan 15, 2020 8:51 am

I want to run custom scripts on connect/disconnect, to apply custom firewall rules.

This is so that LDAP groups can control, via iptables, which server-side subnets any given VPN user can talk to.

I've managed to figure out that I can add server-side directives under Configuration / Advanced VPN but it seems that "-chroot" isn't respected. My scripts would have to somehow magically get copied into /run/openvpn_as after each server startup, along with bash, iptables, ldapsearch, and a bunch of libraries.

Is there a supported way to do this, or some way to turn off running it in a chroot?

Or does this use case actually require the community edition?

Post Reply