Opened 4 years ago

Last modified 3 years ago

#795 new Feature Wish

Add --port-share logging

Reported by: wliang Owned by:
Priority: major Milestone:
Component: Generic / unclassified Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

Currently, port-share has the optional parameter dir to store the source IP:port of the client connection and the source IP:port of the connection to the proxy receiver. However, it's not persistent. Can we also have the option to send these mappings to a log file? One use case is web server log can work with this log file to find all the original client IP and port.

Change History (4)

comment:1 Changed 4 years ago by Gert Döring

Version: 2.3.13git master branch

Should not be too hard to add a log entry there. You're sure it's not already logging, if --verb is high enough?

Won't happen in 2.3.x or 2.4.x though, unless the change is totally trivial.

comment:2 Changed 4 years ago by wliang

I have tried as high as verb 4, and I don't see the mapping logged. The problem with using high verb is it's quite voluminous. I think a separate log file is more appropriate.

comment:3 Changed 4 years ago by Gert Döring

--verb 4 is not exactly high :-)

But indeed, there does not seem to be a log showing these IP adress/port combinations.

Adding a msg() call to ps.c / proxy_entry_new() isn't hard but will intermix it with the main log.

Adding a log file dedicated to it would be a bit of a nuisance - add a new config option, and pass that option down the full chain (port_share_open(), port_share_proxy(), control_message_from_parent(), proxy_entry_new(), ...)

comment:4 Changed 3 years ago by wliang

If adding msg() to existing functions is a lot easier, I think it's an acceptable solution. We can always filter them out later on.

Note: See TracTickets for help on using tickets.