Feature #11935

open

Log external IP address of OpenVPN clients on connect and disconnect

Added by Michael Novotny 5 months ago. Updated 2 months ago.

Status: Feedback
Priority: Low
Assignee:
Category: OpenVPN
Target version:
Start date: 05/19/2021
Due date:
% Done: 100%
Estimated time:
Plus Target Version: 21.09
Release Notes: Default

Description

Would it be possible to add the IP address of the user when they are authenticated? This would assist with doing graylog email alerts when users connect in as this particular syslog entry does not include where the user is connecting from. I attached a mocked up example.

openvpn PID user 'USERNAME' authenticated from aaa.bb.c.ddd


Files

OpenVPN ip address.png (84.9 KB) Mockup example, Michael Novotny, 05/19/2021 07:39 AM
graylog email alert.png (98.8 KB) email from graylog, Michael Novotny, 05/19/2021 07:48 AM
vpn.png (5.18 KB) Alhusein Zawi, 07/03/2021 01:49 PM
Actions #1

Updated by Michael Novotny 5 months ago

Attached is the syslog entry from graylog.

Actions #2

Updated by Jim Pingle 5 months ago

  • Category changed from Logging to OpenVPN
  • Priority changed from Normal to Low
  • Target version set to Future

In theory it should be possible, but would need validation to ensure it works as desired.

The data should be available from OpenVPN in the environment via untrusted_ip/untrusted_ip6 but would need passed through the various auth scripts like is done for the user/pass/cn.

Actions #3

Updated by Michael Novotny 5 months ago

The syslog entries are called on /etc/inc/openvpn.auth-user.php around lines 120 & 163 ("could not authenticate" & "authenticated"); the user's connected from IP address entry would go there.

I'm not a daily programming guru... but at quick glance, I'm not seeing OpenVPN env vars being passed, so I leave this with the experts.
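
Added example (not part of the thread and not pfSense's code): a Python sketch of the idea in notes #2 and #3, reading OpenVPN's `username` and `untrusted_ip`/`untrusted_ip6` environment variables in an auth script, building the log line in the mockup's format, and parsing it back the way an alerting rule would. The function names, the failure-message wording and the sample values are assumptions; the username is client-supplied, so it is sanitised before it reaches syslog.

```python
import ipaddress
import re

# Constructed sample of the environment OpenVPN passes to an auth script.
SAMPLE_ENV = {"username": "alice", "untrusted_ip": "198.51.100.23"}

def client_address(env):
    """Return the validated pre-authentication peer address, or None."""
    for key in ("untrusted_ip", "untrusted_ip6"):
        raw = env.get(key, "").strip()
        if not raw:
            continue
        try:
            return str(ipaddress.ip_address(raw))  # canonical textual form
        except ValueError:
            continue  # never log an unparseable value verbatim
    return None

def safe_field(value, limit=64):
    """Replace characters that could split or forge a log record."""
    cleaned = re.sub(r"[^\x20-\x7e]", "?", value).replace("'", "?")
    return cleaned[:limit]

def auth_log_line(env, authenticated):
    """Build the message body (hypothetical wording based on the mockup)."""
    user = safe_field(env.get("username", ""))
    addr = client_address(env) or "unknown"
    outcome = "authenticated" if authenticated else "could not authenticate"
    return f"user '{user}' {outcome} from {addr}"

# Receiving side: extract the fields an alert on VPN logins would need.
LINE_RE = re.compile(
    r"user '([^']*)' (authenticated|could not authenticate) from (\S+)$"
)

def parse_auth_line(line):
    """Return user, outcome and source address, or None if no match."""
    match = LINE_RE.search(line)
    if match is None:
        return None
    user, outcome, src = match.groups()
    return {"user": user, "ok": outcome == "authenticated", "src": src}

if __name__ == "__main__":
    line = auth_log_line(SAMPLE_ENV, True)
    print(line)
    print(parse_auth_line("openvpn 1234 " + line))
```

Because quotes and control characters are stripped from the username, a crafted name cannot terminate the quoted field early or start a second log record, so the parser's `src` always comes from the validated address.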

Actions #5

Updated by Jim Pingle 5 months ago

  • Status changed from New to Pull Request Review
  • Assignee set to Viktor Gurov
  • Target version changed from Future to 2.6.0
  • Plus Target Version set to 21.09
Actions #6

Updated by Renato Botelho 4 months ago

  • Status changed from Pull Request Review to Feedback

PR has been merged. Thanks!

Actions #7

Updated by Viktor Gurov 4 months ago

  • % Done changed from 0 to 100
Actions #8

Updated by Alhusein Zawi 4 months ago

IP address is not added to openvpn log yet

Actions #9

Updated by Jim Pingle 4 months ago

Alhusein Zawi wrote:

IP address is not added to openvpn log yet

Where did you test that? It would only be in 2.6.0 snapshots currently.

Actions #10

Updated by Viktor Gurov 3 months ago

Jim Pingle wrote in #note-9:

Alhusein Zawi wrote:

IP address is not added to openvpn log yet

Where did you test that? It would only be in 2.6.0 snapshots currently.

may be related to #12238

Actions #11

Updated by Jim Pingle 2 months ago

  • Subject changed from Add IP address to OpenVPN logging to Log external IP address of OpenVPN clients on connect and disconnect

Updating subject for release notes.
