Hello community,
I am running two IPFire (2.25/141) and want to immediate execute a shell script once the net2net (OpenVPN) connection got established.
Is there a way to do so? Is there a default script called? Where is/should it be located?
Thank you for any support.
Greetings
Wolfgang
Why don’t you just use cron with a cycle time of a minute or so? Maybe it’s already enough to ping an essential target to figure out if the connection is established or not.
Hi all,
since N2N runs with --script-security 2 --> https://git.ipfire.org/?p=ipfire-2.x.git;a=blob;f=html/cgi-bin/ovpnmain.cgi;h=e76a688fe7dcda0b77bf716eb2538342cd775b00;hb=refs/heads/core141#l930 ( 2 – Allow calling of built-in executables and user-defined scripts.) this should be possible in different connection states --> https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage#lbAS . There is also one example in the wiki for H2N in that case but it describes it like it can also be done for N2N. The wiki can be found in here --> https://wiki.ipfire.org/configuration/services/openvpn/extensions/plugins/down .
Best,
Erik
Sometimes you cannot see the wood for trees.
Thank you Terry with your pragmatic approach for bringing be back into reality. Erik’s reply was exactly what I was looking for a two way approach gives more security (reacting on event and later verifying of things are working).
Best regards
Wolfgang
Thanks Erik,
this was exactly what I was seeking for. Will try it out.
Best regards
Wolfgang
My intention is to setup a redirection gateway on one IPfire in the location by setting up the routes 128.0.0.0 … with a separate script on connect.
I already read the posts in the old forum but since the config files in ovpn/n2nconfig/ are regenerated on each restart of the connection and the manual entry “redirection-gateway def1” gets deleted I found this an adequate way of setting up the routes per case.
Guess Erik has experiences with that also. Am I on the right way?
Hi Wolfgang,
you can start and stop the connection without overwriting the configuration. It will only be set to the defaults if you use the save button in the appropriate connection.
So if you want to extend the config with parameters which are not provided via WUI, you can stop the connection, edit the config and start the connection again. At that point only manual modification of the config should be done.
Best,
Erik
Good to chat with an expert. Thanks for skilling me up!
Have great day.
Wolfgang
Your welcome.
Best,
Erik