OpenVPN Connection Email Notifications
-
Hello
I have very little experience with php and packages in pfsense. In the past, I have used OpenVPN on an ubuntu host and ssmtp to send email notifications on connect and disconnect. I have seen a couple of posts about this sort of thing, but when trying to run the email commands manually, nothing comes through. I currently have the normal smtp settings setup and working within the pfsense notifications settings. Can anyone provide in depth instructions on what I need to configure and where to get email notifications on connect and disconnect?
Thanks.
-
Hi !
Experience isn't an issue here.
I have close to none, and worked something out in a couple of minutes.Google will bring you very quickly to something like this : https://askubuntu.com/questions/28733/how-do-i-run-a-script-after-openvpn-has-connected-successfully - see the last reply.
It's states :# nano /etc/openvpn/server.conf .... script-security 2 client-connect /etc/openvpn/up.sh ....
( I have to admit that I have a copy of the OpenVPN server 'manual' - you can't use OpenVPN without it anyway - and it was mentioned in there ).
For pfSense, this would be :
Now, all you need is this notify.sh file.
I needed to figure out how a mail is send from pfSense.
That was far more easy as one might think.
All is here : /etc/inc/notify.incI wrote this file :
#!/usr/local/bin/php -q <?php require_once("/etc/inc/notices.inc"); notify_all_remote("VPN Connected"); ?>
I put it in /root/ called it notify.sh and gave it exe rights.
chmod +x /root/notify.sh
I connected to my pfSense OpenVPN .... and received a mail.
Before you ask : yes, I guess it's possible to know what IP, what user etc is connecting. This means : diving into the OpenVPN manual again, etc.
-
I was able to get it working from your instructions. Thank you.
-
Hi,
What you wrote, is a nice example. The principle of using the built-in notify is great. General messaging, with fixed content, works fine. But I can't put variables in the message. Please tell me how I can insert the values of $ {common_name} or ${untrusted_ip} into the message.
Thanks
-
in other words the way it was written down here
-
This link is very helpful, thank you!