[Cialug] List users connected to a VPN

[Zachary Kotlarek]

On Jan 17, 2015, at 3:15 PM, Matthew Nuzum <newz at bearfruit.org> wrote:

> I’ve set up a VPN server using l2tp / IPSec. I’m using the simple version where you specify user credentials in /etc/ppp/chap-secrets. I’m not opposed to using system accounts, but was planning to keep it simple.
> 
> My hope is that I can easily see a list of connected users. I can currently see a list of network connections, including ip addresses, and when I look for these connections in my /var/log/auth or /var/log/syslog file I see the connections, but it always shows that PPP was started by me. (see below for log output)
> 
> When I run `last` I see many connections, all have my name on them. The list doesn’t seem to change when I connect or disconnect, so I’m not sure this command is helpful.
> 
> My ultimate goal is to create a little web page (probably static html auto-generated once a minute or something) that lists IP addresses and who is connected so that my son and his friends can play games together and lookup the others’ addresses easily.


If you want to use the system auth tools and logs you need to use system auth. Otherwise you’re limited to what is provided internally by PPP, as the system only sees the user running the pppd program and isn’t involved in any kind of auth.

pppd can be configured to call scripts at IP connect and disconnect (and some other events — search for “script” in the man page) and PEERNAME is one of the bits of data available to those scripts. You should be able to use that to build a database of currently connected users; you could likely use it to directly generate your static HTML.

	Zach

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2749 bytes
Desc: not available
URL: <http://cialug.org/pipermail/cialug/attachments/20150117/1fc27676/attachment.bin>