How can I record in a log when users connect and disconnect, and rotate the log every 24 hours.

How to customize and extend your OpenVPN installation.
Post Reply
xivexell
OpenVpn Newbie
Posts: 1
Joined: Mon Jan 17, 2022 5:39 pm

How can I record in a log when users connect and disconnect, and rotate the log every 24 hours.

Post by xivexell » Mon Jan 17, 2022 6:44 pm

I want to monitor when a user connects or disconnects to my VPN, I tried to use --up and --client-connect, but it doesn´t work, Could someone help me, please? I'm already stuck for 2 weeks

my server.conf
server

management localhost 5555
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh none
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "route 213.169.0.0 255.255.248.0"
push "route 192.168.112.0 255.255.255.0"
push "dhcp-option DNS 213.169.1.105"
keepalive 10 120
tls-crypt ta.key
cipher AES-256-GCM
auth SHA256
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
script-security 3
up /etc/openvpn/scripts/clientconnect.sh
log-append /var/log/openvpn/openvpn.log
verb 4
explicit-exit-notify 1


my oepnvpn-server@.service
server

[Unit]
Description=OpenVPN service for %I
After=network-online.target
Wants=network-online.target
Documentation=man:openvpn(8)
Documentation=https://community.openvpn.net/openvpn/w ... n24ManPage
Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO

[Service]
Type=notify
PrivateTmp=false
WorkingDirectory=/etc/openvpn/server
ExecStart=/usr/sbin/openvpn --script-security 3 --up /etc/openvpn/scripts/clientconnect.sh --status %t/openvpn-server/status-%i.log --status-version 2 --config %i.conf
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
LimitNPROC=10
DeviceAllow=/dev/null rw
DeviceAllow=/dev/net/tun rw
#ProtectSystem=true
#ProtectHome=true
KillMode=process
RestartSec=5s
Restart=on-failure

[Install]
WantedBy=multi-user.target


my script clientconnect.sh
server
#!/bin/bash
NOW=`(date '+%H:%M:%S - %d-%m-%Y')`
echo $NOW, $common_name $trusted_ip, $trusted_port >> /var/log/openvpn/usuarios.txt
exit 0

my usuarios.txt only has this:
server
12:29:41 - 17-01-2022, ,
12:33:25 - 17-01-2022, ,
13:52:20 - 17-01-2022, ,
13:53:05 - 17-01-2022, ,
13:54:57 - 17-01-2022, ,
13:55:23 - 17-01-2022, ,
13:55:23 - 17-01-2022, ,
13:58:18 - 17-01-2022, ,
14:03:08 - 17-01-2022, ,
14:04:58 - 17-01-2022, ,
14:32:43 - 17-01-2022, ,

User avatar
TinCanTech
Forum Team
Posts: 10820
Joined: Fri Jun 03, 2016 1:17 pm

Re: How can I record in a log when users connect and disconnect, and rotate the log every 24 hours.

Post by TinCanTech » Mon Jan 17, 2022 8:10 pm

xivexell wrote:
Mon Jan 17, 2022 6:44 pm
I want to monitor when a user connects or disconnects to my VPN
Try this: https://github.com/TinCanTech/easy-tls

and rotate the log every 24 hours.

Remove this:

Code: Select all

log-append /var/log/openvpn/openvpn.log
Let systemd take care of it.

Post Reply