Scripting OpenVPN—An Overview
Another striking option of OpenVPN is its scripting capabilities. We can create our own scripts and have them called on changes of the connection state. This makes it easy to execute a special (e.g. Firewall) script any time a client connects or on similar occasions. There's almost no limit; I leave it up to you to imagine the possibilities.
The following table gives an overview over the possible interfaces where OpenVPN can be forced to execute arbitrary scripts:
|
Option |
Occurrence |
|
|
When the IP of a VPN partner changes |
|
|
When the IP of the server has changed |
|
|
When a client connects |
|
|
When a client disconnects |
|
|
After configuration (up = starting, down = stopping) of the TUN/TAP device |
|
|
Before shutting down the TUN/TAP device |
|
|
When tunnels are restarted, up/down scripts are also executed... |
