Client ignoring up/down script options

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
elkali
OpenVpn Newbie
Posts: 3
Joined: Thu Mar 25, 2021 11:08 am

Client ignoring up/down script options

Post by elkali » Thu Mar 25, 2021 11:12 am

So my ovpn file has the usual lines:

Code: Select all

script-security 2
up "/etc/openvpn/update-resolv-conf"
down "/etc/openvpn/update-resolv-conf"
The actual /etc/openvpn/update-resolv-conf file is a custom made script I tweaked to manage the resolvconf entries in mac. This script is tested and working fine when I use brew's command line openvpn client.

The script also works fine when I use Tunnelblick

However, OpenVPN Connect clients (tested both v2 and v3) completely ignore the up/down entries in the config file. Nada. I look in the connection logs, there is nothing suggesting that the scripts are executed. I added a logging line in the script to dump into a /tmp/ file info about the time of call and env received, in case there was some issue like that, yet nothing. It seems simply as if the script is completely bypassed.

I have been completely unable to find information regarding this issue, with all the leads taking me to dead ends.

Any help would be highly appreciated.

(edited to fix bbcode block)

elkali
OpenVpn Newbie
Posts: 3
Joined: Thu Mar 25, 2021 11:08 am

Re: Client ignoring up/down script options

Post by elkali » Thu Mar 25, 2021 11:55 am

In the log, I find the following:

Code: Select all

30 [script-security] [2] 
31 [up] [/etc/openvpn/update-resolv-conf] 
32 [down] [/etc/openvpn/update-resolv-conf] 
So the options are parsed. It still somehow does not get executed.

elkali
OpenVpn Newbie
Posts: 3
Joined: Thu Mar 25, 2021 11:08 am

Re: Client ignoring up/down script options

Post by elkali » Thu Mar 25, 2021 1:19 pm

Ok I just realised that the above come under a

Code: Select all

UNUSED OPTIONS
block...

At least that explains why are they ignored. I would like to see why this client ignores such options

chunkySpecial
OpenVpn Newbie
Posts: 1
Joined: Thu Sep 17, 2020 6:56 pm

Re: Client ignoring up/down script options

Post by chunkySpecial » Thu Apr 08, 2021 5:00 pm

I am seeing this "unused options" with DHCP options pushed down from my server as well (DNS server addresses, specifically). It would be nice to at least have up/down scripts as a way to workaround that, but... those are also unused options.

It would be great if the OpenVPN client application supported standard OpenVPN options.

Post Reply