[eduVPN-deploy] Fixed IP - ccd
François Kooman
fkooman at tuxed.net
Thu Jul 28 08:25:02 CEST 2022
Hi Frank,
In the end it was not _that_ complicated to make this work. Wrote an API
callback class that logs the IP addresses on connect and disconnect. So,
if we allow this callback to call a HTTP service or run a (shell)script
we should be good :)
Jul 28 06:22:54 vpn-next.tuxed.net vpn-user-portal[730]: C fkooman
[10.89.165.2,fcda:8264:a469:e3c::2]
Jul 28 06:22:59 vpn-next.tuxed.net vpn-user-portal[731]: D fkooman
[10.89.165.2,fcda:8264:a469:e3c::2]
Regards,
François
On 27.07.22 11:24, François Kooman via eduVPN-deploy wrote:
> On 26.07.22 18:40, Frank Weis wrote:
>> Hi,
>
> Hi Frank,
>
>> it would be preferable to have the IP on disconnect too. Otherwise, if a
>> user connects with several devices, I'd have to drop all the IPs
>> associated with the user from the tables. On disconnects, having just
>> the IP(s) (not the userID) would probably be fine, but I'm sure that
>> doesn't help at all.
>
> I'll have a look at it, this is at least a bit of a challenge to do that
> cleanly in the server ;-)
>
>> I could work around this by setting maxActiveConfigurations to 1, I guess.
>
> Sure.
>
>> The firewall has states, so I will need to remove IPs from tables AND
>> kill states on disconnects.
>
> I meant state as in that it for example has an "ID" for a firewall
> modification "event" that you can use later in the next request
> (/disconnect) to "undo" the change.
>
> Regards,
> François
>
> _______________________________________________
> eduVPN-deploy mailing list
> eduVPN-deploy at list.surfnet.nl
> https://list.surfnet.nl/mailman/listinfo/eduvpn-deploy
More information about the eduVPN-deploy
mailing list