OpenVPN | enable revocation – revoke a key

Add the following line to your servers conf: crl-verify /etc/openvpn/crl.pem Use the easyrsa ‘revoke-full ‘ command to revoke the key. Copy (NOT MOVE!) the crl.pem file from directory ‘keys’ to /etc/openvpn Restart the server Notice I: The next revocations will be added to the crl.pem file. There is no need to restart the server for […]

shell | scripting ping

Theres a little problem using ping as a connection checker inside of scripts. In example: If you send a bulk of three pings and one of them fail, the ping coommand returns 1. Here is a workaround: function ping_wrapper() { C_IP=”$1″ C_CNT=”$2″ C_TIMEOUT=”$3″ CNT=0 while true; do ping -q -c 1 -w $C_TIMEOUT $C_IP > […]

OpenVPN | log connection status

First method: Add the following lines to servers conf: status /var/log/status.log 5 status-version 2 Second method: Add the following lines to servers conf: client-connect /path/to/your/ client-disconnect /path/to/your/ Start your server with ‘–script-security 2’ The scripts must be owned by the same user running the server. If your scripts are writing log files, check the log […]