NethServer Version: 7.7.1908
I am “playing” with OpenVPN & c.
Is there a way to:
- limit all or specific road warrior user by time (ie 8-20)?
- have a use report of RW connections? (also a simple output like the standard “last” for logon)
Thanks, P.
NethServer Version: 7.7.1908
I am “playing” with OpenVPN & c.
Is there a way to:
Thanks, P.
I believe in the user list you have the time of the last connection IIRC
So, if I use server’s users I have the connection history.
Never tried. I test it ASAP.
Thanks
There is also the option to define a time table when a user can connect?
Thanks.
I think no
Is there a file that I can manipulate with some script in crontab?
Or a command that can be used from a script to enable/disable a user?
And … where can I find the "connection history screen you posted above?
Thanks, P.
in the list of users, click on the last connection date (blue link)
Probably yes you could disable by a cron command
db vpn show
toto@domain.com=vpn-user
OpenVpnIp=
VPNRemoteNetmask=
VPNRemoteNetwork=
status=enabled
create a script to set the status to disabled an trigger the event nethserver-openvpn-save
in the list of users, click on the last connection date (blue link)
May be I am blind or stupid, but I can’t find it neither in classic panel nor cockpit panel …
For me
db vpn show
toto@domain.com=vpn-user
OpenVpnIp=
VPNRemoteNetmask=
VPNRemoteNetwork=
No status=enabled row.
Command to enable/disable is something like
db vpn set ???
Thanks for your patience
maybe you simply have not created your first user, create it in the panel
to disable
db vpn setprop toto@domain.com status disabled
signal-event nethserver-openvpn-save
you could imagine a loop to parse all users in the databse and enable/disable it following the time
Write a firewall rule for that OpenVPN user or it’s ip address.
ok, definitly I was blind
Found.
Thanks
Thanks.
Tried to disable a user (of 3 created for test but never used until now). I still have no status::
/sbin/e-smith/db dbfile setprop key prop1 val1 [prop2 val2] [prop3 val3] …
tess-vpn=vpn
OpenVpnIp=
VPNRemoteNetmask=
VPNRemoteNetwork=
tess00@tess.com=vpn-user
OpenVpnIp=10.20.1.233
VPNRemoteNetmask=
VPNRemoteNetwork=
tess01@tess.com=vpn-user
OpenVpnIp=
VPNRemoteNetmask=
VPNRemoteNetwork=
Is it safe to play with iptables on NethServer?
You have the firewall interface for play with. Anyway… at any update of the rules into the interface, Shorewall and iptable are waved and reconfigure according to the interface.
Simply create the status prop for the user like I wrote
Sometime do not search to understand, just play
I wanto disable specific rw user outside working hours.
Following your hint I can assign to it a fixed IP (10.20.1.101)
In a cron job insert a line like:
iptables -A INPUT -s 10.20.1.101 -j DROP
and in another cron job I insert:
iptables -D INPUT -s 10.20.1.101 -j DROP
(or shorewall restart)
Is INPUT the right Chain or have I to use another Chain (net2ovpn)?
That was not my suggestion…
Bind a OpenVPN user to an ip address.
Use the firewall rule to define WHEN the user is allowed (use objects) then the following rule that do not allow the user to access to the internal lan.