Add cn-filter.sh script for OpenVPN server
This commit is contained in:
parent
0c55b0f285
commit
3df0ca945b
26
cn-filter.sh
Normal file
26
cn-filter.sh
Normal file
|
|
@ -0,0 +1,26 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# cn-filter.sh is a client-connect script for OpenVPN server
|
||||
# It allow clients to connect only if their CN is in $AUTH_FILE
|
||||
#
|
||||
# You need this parameters in your's server config :
|
||||
#
|
||||
# script-security 3
|
||||
# client-connect <path-to-cn-filter>/cn-filter.sh
|
||||
#
|
||||
|
||||
set -eu
|
||||
|
||||
DATE="$(date +'%b %d %H:%M:%S')"
|
||||
LOG_FILE="/var/log/openvpn/auth.log"
|
||||
AUTH_FILE="/etc/openvpn/authorized_cns"
|
||||
|
||||
grep -qE "^${common_name}$" "${AUTH_FILE}"
|
||||
if [ "$?" -eq 0 ]; then
|
||||
echo "${DATE} - Accepted login for ${common_name} from ${trusted_ip} port ${trusted_port}" >> "${LOG_FILE}"
|
||||
exit 0
|
||||
else
|
||||
echo "${DATE} - Failed login for ${common_name} from ${trusted_ip} port ${trusted_port}" >> "${LOG_FILE}"
|
||||
fi
|
||||
|
||||
exit 1
|
||||
Loading…
Reference in a new issue