Hi everyone.
I am trying to detect if OpenVPN connection is established on the client side and notify other application that is running on the same machine.
I checked several posts on this forum and found that using --up option may be a good approach.
According to the reference (https://openvpn.net/community-resources ... envpn-2-4/),
--up options is used to "Run command cmd after successful TUN/TAP device open".
Does successful TUN/TAP device open mean end-to-end connection over openvpn is established?
Or might it be the case that it does not necessarily mean the connection is not established?
Can "up" option be used for detecting e2e connection establishment?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 3
- Joined: Wed Mar 30, 2022 12:46 am
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Can "up" option be used for detecting e2e connection establishment?
In this case, the VPN itself is not ready to pass data but everything else is ready.
Once the --up script completes then, for security reasons, the VPN will pass data.
Some people claim they can get data over the VPN before the --up completes ..
Once the --up script completes then, for security reasons, the VPN will pass data.
Some people claim they can get data over the VPN before the --up completes ..
-
- OpenVpn Newbie
- Posts: 3
- Joined: Wed Mar 30, 2022 12:46 am
Re: Can "up" option be used for detecting e2e connection establishment?
Thank you for your reply.
> In this case, the VPN itself is not ready to pass data but everything else is ready.
So do you mean when --up script is run, it does not guarantee that data can be passed over the VPN?
If so, what about --up-delay? The reference says it delays "--up script execution until after TCP/UDP connection establishment with peer".
> In this case, the VPN itself is not ready to pass data but everything else is ready.
So do you mean when --up script is run, it does not guarantee that data can be passed over the VPN?
If so, what about --up-delay? The reference says it delays "--up script execution until after TCP/UDP connection establishment with peer".
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Can "up" option be used for detecting e2e connection establishment?
I am told that the VPN will not pass data until all scripts complete, as it says in the manual.
Some people believe they can get around it ..
Try it for yourself.
Some people believe they can get around it ..
Try it for yourself.
-
- OpenVpn Newbie
- Posts: 3
- Joined: Wed Mar 30, 2022 12:46 am
Re: Can "up" option be used for detecting e2e connection establishment?
I confirmed that I cannot pass data inside --up script nor inside --route-up script.
But I think the fact that "the VPN itself is not ready to pass data but everything else is ready" when --up script is run is already enough for my usecase.
Thank you so much for your help.
But I think the fact that "the VPN itself is not ready to pass data but everything else is ready" when --up script is run is already enough for my usecase.
Thank you so much for your help.