Script to display OpenVPN status

September 27, 2007 at 9:24 pm (Technology) (, , , , )

Well, I won’t claim it’s pretty or the most efficiently written script ever made….

However, I had a problem. OpenVPN, when it is run in daemon mode, do not give you any easy was to check who is currently logged into the VPN or what the internal routes are, etc. I learned from reading the man page, that you can cause the daemon to output status if you send a SIGUSR2 to the process. Now, if OpenVPN is not running as a daemon, it will send the status to stdout; if it IS running as a daemon, it is sent to syslog.

So, you can tail your /var/log/messages and read the stats. But that’s kinda clunky and certainly not easy for people with weak shell skills. Some people who help admin my OpenVPN server are not shell savvy, so I wanted to make a utility you could use to easy display the current stats.

Essentially, this utility sends the SIGUSR2 signal to the OpenVPN process. When it does that, it notes what time it is. Then it uses some clever regular expression magic to parse the status information out of the messages file and attempt to display it nicely. I really couldn’t find a easy way to have it auto pad the columns, etc. I was thinking of using ncurses, but thought that was over kill. If you have any ideas how to do this in Python, then please let me know.

Note in the code, that I have parsed all the fields out. So, it would be easy to extend this code to a web page/interface, or anything else that need might arise for. Yes, I know I should have added comments, but I was in a hurry when I wrote this, so save your tisking. One final note: this script does need to be run as root or suid, because it needs to send a signal and because it needs to access /var/log/messages for reading.

If you find this script useful, let me know. Enjoy…

Update: I was not able to get WordPress to display Python code correctly.  Therefore, I have published the script to my web site.  Please go here to download it.

Advertisements

32 Comments

  1. me said,

    Good luck with this.. seems you need to turn off the markup tagging on this script so people can actually download and use it. Maybe provide a link to an unmarked-up text file.

  2. teknux said,

    good job, but in this post it lacks indentation, can you provide some external file with indented code?

    thanks,
    tek

  3. teknux said,

    ok, I’ve modified and debugged the code, now it works well and it’s indented 🙂

    Things added:
    – some check to prevent errors in the case openvpn it’s not active
    – manual setting for pidof and /var/log/messages paths (they may differ from a distro to another)
    – fixed some char encoding

    you can view the new code to http://teknux.googlepages.com/openvpn-status.py.txt (the .txt extension permits to view it inside browser)

    feel free to contact me at my home page (even if it’s in italian lang, search for python tag :P), or drop a mail to *mynickname*@gmail.com (my nickname is exposed in this comment field)

    cheers,
    tek

  4. axelilly said,

    Thanks guys for the comments.

    I didn’t realize that WordPress eats white space until now. I have created a new website where you can download this script from: http://axelilly.googlepages.com
    You can go to that website and download the original script. Or, you can go to http://teknux.googlepages.com/openvpn-status.py.txt and download his version with some more features.

  5. Antani said,

    I got this error:

    Traceback (most recent call last):
    File “./checkOpenvpn”, line 115, in ?
    parsebuffer(searchfile(message_file))
    File “./checkOpenvpn”, line 43, in searchfile
    cleanpid = string.atoi(str(dirtypid[0]).strip(‘[]’).replace(‘\n’, ”))
    File “/usr/lib/python2.3/string.py”, line 220, in atoi
    return _int(s, base)
    ValueError: invalid literal for int():

    Any hints on how to make this stuff working?

  6. axelilly said,

    Antani:

    I no longer support this script because this functionality is built into OpenVPN now. OpenVPN can be configured to write it’s current status out to a file at a certain time interval. By default, OpenVPN will overwrite the status file with new contents every one minute.

    The status file is configured in the OpenVPN config file with this line:
    status file-to-write-status-to.txt

    Generally, I will keep an eye on this file using the watch command like this:
    watch -n 50 /etc/openvpn/openvon-status.txt

    This file could easily be parsed by another tool such as a web app, etc.

    Good luck!

  7. Ben said,

    also,

    nc 127.0.0.1 1195
    status

    shows the connected users

  8. Erik said,

    You could just modify the multi.c, line 707 (in v2.1 RC 15), to output the data to whatever file or stdX you want.

  9. jose mendoza said,

    hi guys someone help me im building VPN GUI using openvpn command in VB 6.0

    this my code for connect

    Shell App.Path & “\openvpn sample2.ovpn”, vbhide

    it connect to my VPN server i want to happen while connecting
    display to textbox the connection..

    Pls help me to code..
    mail: jinkazama_jdp@ymail.com

  10. http://mensengagementrings.ca said,

    hi!,I really like your writing very so much! share we be in contact more approximately your post on AOL? I need a specialist in this house to resolve my problem. Maybe that’s you! Having a look ahead to see you.

  11. here said,

    After I start your Rss feed it appears to be a ton of junk, is the problem on my part?

  12. vpn said,

    Have you ever considered about adding a little bit more than just your articles?
    I mean, what you say is valuable and all. Nevertheless imagine if you
    added some great photos or video clips to give your posts more,
    “pop”! Your content is excellent but with pics and video clips, this blog could definitely be one of the most beneficial in its niche. Superb blog!

  13. Lloyd Irvin said,

    Do you have a spam problem on this site; I also am a blogger, and I was curious about your situation; many of us have created some nice practices and we are looking to trade methods with other folks, please shoot
    me an e-mail if interested.

  14. Bo Jackson said,

    I enjoy, result in I found exactly what I was taking a look for.
    You’ve ended my four day long hunt! God Bless you man. Have a great day. Bye

  15. Equinox said,

    Thank you for some other informative web site. Where else may I get that type of information written in such a perfect method?

    I’ve a undertaking that I’m simply now running on, and I have been at
    the glance out for such info.

  16. Muscle Rev Xtreme said,

    A person essentially assist to make critically articles I would state.
    This is the very first time I frequented your web page and thus far?
    I surprised with the analysis you made to make
    this actual publish extraordinary. Magnificent activity!

  17. grice meaning übersetzung said,

    Good post. I learn something new and challenging on websites
    I stumbleupon every day. It’s always useful to read through articles from other authors and practice a little something from their sites.

  18. Garcinia Cambogia Review said,

    Hey there! This is kind of off topic but I need some advice from an established
    blog. Is it hard to set up your own blog? I’m not very techincal but I can figure things out pretty fast. I’m thinking about creating my own but I’m not sure where to start. Do you have any tips or suggestions? Appreciate it

  19. Lowell said,

    You’ve made some good points there. I looked on the web for additional information about the issue and found most individuals will go along
    with your views on this website.

  20. rovine barcelo maya palace resort said,

    I absolutely love your website.. Great colors &
    theme. Did you develop this site yourself? Please reply back as I’m
    attempting to create my own personal website and would love to learn
    where you got this from or exactly what the theme
    is called. Kudos!

  21. diet pills over the counter said,

    Great work! This is the type of information that should be shared around the web.

    Disgrace on Google for not positioning this put up higher!
    Come on over and discuss with my web site . Thanks =)

  22. christian hudson girlfriend said,

    Attractive section of content. I just stumbled upon your weblog and in accession capital to
    assert that I acquire in fact enjoyed account your blog posts.
    Anyway I’ll be subscribing to your augment and even I achievement you access consistently
    quickly.

  23. Cisco Packet Tracer 6.1 said,

    If you wish for to take a good deal from this article then you have to apply these
    strategies to your won blog.

  24. gf pictures said,

    An impressive share! I’ve just forwarded this onto
    a coworker who has been doing a little homework on this.

    And he in fact bought me breakfast simply because I
    stumbled upon it for him… lol. So allow me to reword this….
    Thanks for the meal!! But yeah, thanks for spending time to discuss this matter here on your web page.

  25. monitor wallpapers said,

    Thanks in support of sharing such a nice opinion, post is fastidious,
    thats why i have read it entirely

  26. phyto sc said,

    Very good post! We will be linking to this great article on our site.
    Keep up the good writing.

  27. ขายส่งเครื่องสำอาง said,

    I really like your blog.. very nice colors & theme.
    Did you make this website yourself or did you hire someone to
    do it for you? Plz answer back as I’m looking to
    construct my own blog and would like to know where u got this from.
    appreciate it

  28. สถานพักฟื้น said,

    Thank you for the good writeup. It in reality
    was once a amusement account it. Look complex to far added agreeable from you!
    However, how can we keep up a correspondence?

  29. دانلود سریال said,

    very good

  30. credit theft monitor said,

    It’s remarkable in favor of me to have a site, which is useful
    in support of my know-how. thanks admin

  31. shadow fight 2 weapons guide said,

    There are few methods to put in shadow struggle
    2 recreation on Windows laptop however, just one or two are working completely.

  32. earn online said,

    Hi there to every one, the contents present at this web page are really amazing for people
    knowledge, well, keep up the good work fellows.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: