[eduVPN-deploy] Fixed IP - ccd

Frank Weis Frank.Weis at cgie.lu
Wed Jul 27 14:48:57 CEST 2022 

Hi François,

the firewall open/close code is yet to be done, but most of the required parts exist. There will be a DB that connects users to resources as well as current state info that can be used to see what needs to be done when (user, IP) disconnects.


Regards,

On 27.07.22 11:24, François Kooman wrote:

ⓘ This message was sent from external user !
Please do not click links or open attachments unless you recognise the source of this email and know the content is safe.

________________________________

On 26.07.22 18:40, Frank Weis wrote:
Hi,

Hi Frank,

it would be preferable to have the IP on disconnect too. Otherwise, if a
user connects with several devices, I'd have to drop all the IPs
associated with the user from the tables. On disconnects, having just
the IP(s) (not the userID) would probably be fine, but I'm sure that
doesn't help at all.

I'll have a look at it, this is at least a bit of a challenge to do that
cleanly in the server ;-)

I could work around this by setting maxActiveConfigurations to 1, I guess.

Sure.

The firewall has states, so I will need to remove IPs from tables AND
kill states on disconnects.

I meant state as in that it for example has an "ID" for a firewall
modification "event" that you can use later in the next request
(/disconnect) to "undo" the change.

Regards,
François

--

Frank Weis
Conseiller informaticien

LE GOUVERNEMENT DU GRAND-DUCHÉ DE LUXEMBOURG
Ministère de l’Éducation nationale, de l’Enfance et de la Jeunesse
Centre de gestion informatique de l’éducation

eduPôle - Walferdange
Route de Diekirch, L-7220 Walferdange
Adresse postale : B.P. 98, L-7201 Bereldange

Tél. Helpdesk: (+352) 247-85999 . Tél. Secrétariat: (+352) 247-85970 .Fax : (+352) 247-85174
E-mail : Frank.Weis at cgie.lu<mailto:Frank.Weis at cgie.lu>
www.cgie.lu<http://www.cgie.lu/>
www.men.lu<http://www.men.lu/>
www.gouvernement.lu<http://www.gouvernement.lu>
[cid:part1.xyQ8X3sA.jWH0fe6z at cgie.lu]
Ce message et toutes pièces jointes sont établis à l'intention exclusive de ses destinataires. Ils peuvent contenir des informations confidentielles. Si vous recevez ce message par erreur, merci de le détruire et d'en avertir immédiatement l'expéditeur. Toute utilisation de ce message non conforme à sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite, sauf autorisation expresse. Ce message a fait l'objet d'un traitement anti-virus.

Le contenu de ce message et des pièces jointes ne pourrait engager la responsabilité du ministère que s'il a été émis par une personne dûment habilitée agissant dans le strict cadre des fonctions auxquelles elle est employée et à des fins non étrangères à ses attributions.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://list.surfnet.nl/pipermail/eduvpn-deploy/attachments/20220727/6c51aabf/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: e9igcXQsxgLE0Thn.png
Type: image/png
Size: 48587 bytes
Desc: e9igcXQsxgLE0Thn.png
URL: <https://list.surfnet.nl/pipermail/eduvpn-deploy/attachments/20220727/6c51aabf/attachment-0001.png>

More information about the eduVPN-deploy mailing list