Re: [Openvpn-devel] Windows, OpenVPN-GUI, disconnect
On win7 with baloontips disabled you can connect but can't disconnect via the gui. Maybe that's your problem? Am 18.03.2010 14:17, schrieb Gert Doering: Hi, On Thu, Mar 18, 2010 at 01:14:22PM +0100, Jan Just Keijser wrote: took me a while to figure this one out: the openvpn gui codes sets an 'exit event' (using a win32 API call CreateEvent) before starting the actual openvpn process; when the user chooses 'disconnect' this 'exit event' is triggered, which causes the process to be terminated (using the appropriate win32 signal). Huh, scary stuff. How would that win32 signal be delivered to the openvpn.exe process? Will it just receive a unix-like signal "SIGTERM"? Or does it have to poll some sort of Windows event queue? BTW: I just discovered that this is not limited to the openvpn.exe I built *on* windows, but that my linux-mingw crosscompiled openvpn.exe does this as well now, and so does the original OpenVPN-provided 2.1.1 binary(!). "Something weird happened to this machine", and I don't understand what it is. The question now becomes: what does openvpn do when it receives a terminate signal? actually, is there a signal being sent to the server to say "client X is disconnecting" ? Nothing whatsoever visible in the logs. The last entry in the log (verb 5) is after successful startup: "Initialization Sequence Complete" ... and then when pressing, nothing whatsoever happens. The OpenVPN connection stays alive and healthy(!), packets continue to get forwarded, just the signal delivery fails. (If I increase the log verbosity to "verb 9", lots of stuff is going on, but nothing in there that gives any indication of signals being received) gert
Re: [Openvpn-devel] Windows, OpenVPN-GUI, disconnect
Hi, On Thu, Mar 18, 2010 at 01:14:22PM +0100, Jan Just Keijser wrote: > took me a while to figure this one out: > the openvpn gui codes sets an 'exit event' (using a win32 API call > CreateEvent) before starting the actual openvpn process; when the user > chooses 'disconnect' this 'exit event' is triggered, which causes the > process to be terminated (using the appropriate win32 signal). Huh, scary stuff. How would that win32 signal be delivered to the openvpn.exe process? Will it just receive a unix-like signal "SIGTERM"? Or does it have to poll some sort of Windows event queue? BTW: I just discovered that this is not limited to the openvpn.exe I built *on* windows, but that my linux-mingw crosscompiled openvpn.exe does this as well now, and so does the original OpenVPN-provided 2.1.1 binary(!). "Something weird happened to this machine", and I don't understand what it is. > The question now becomes: what does openvpn do when it receives a > terminate signal? actually, is there a signal being sent to the server > to say "client X is disconnecting" ? Nothing whatsoever visible in the logs. The last entry in the log (verb 5) is after successful startup: "Initialization Sequence Complete" ... and then when pressing , nothing whatsoever happens. The OpenVPN connection stays alive and healthy(!), packets continue to get forwarded, just the signal delivery fails. (If I increase the log verbosity to "verb 9", lots of stuff is going on, but nothing in there that gives any indication of signals being received) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de
Re: [Openvpn-devel] Windows, OpenVPN-GUI, disconnect
Hi Gert, Gert Doering wrote: Hi, can one of you tell me what happens "under the hood" if I click the "disconnect" button of the openvpn-gui under Windows XP? Why am I asking? I managed to get my windows build environment working well enough that I can now build a complete installer package with the IPv6 patches, and with the adapted tun/tap driver - but it breaks in funny ways. - Installation works fine - running the openvpn-gui (precompiled) works fine - (client) connection to a TUN server works fine [initiated by pressing the "connect..." button of the GUI in the windowsstatus bar] - IPv4 and IPv6 connectivity works - pressing the "disconnection" button of the GUI doesn't seem to do anything. Well, the status window says "disconnecting..." and the button is greyed out - but no update in the log file or the status window, no nothing. I assume that "something is miscompiled" or "a newer version of mingw has some surprising side effects" - but to know where to start looking, it would be helpful to understand what signalling is used openvpn-gui --> openvpn.exe to signal disconnect. (Since I didn't touch any of the signal handling stuff, I'm fairly sure that it wasn't one of my changes, but I still want to have a working Windows bundle to get people to test it) took me a while to figure this one out: the openvpn gui codes sets an 'exit event' (using a win32 API call CreateEvent) before starting the actual openvpn process; when the user chooses 'disconnect' this 'exit event' is triggered, which causes the process to be terminated (using the appropriate win32 signal). The question now becomes: what does openvpn do when it receives a terminate signal? actually, is there a signal being sent to the server to say "client X is disconnecting" ? cheers, JJK
Re: [Openvpn-devel] Tomorrow's meeting (18th March)
Hi, 2010/3/17 Samuli Seppänen: > >> On Wed, Mar 17, 2010 at 10:42:26AM +0200, Samuli Seppänen wrote: >> >>> Hi all, >>> >>> As usual, tomorrow's (18th March) meeting will be at #openvpn-discussion >>> (irc.freenode.net) at 18:00 UTC. Preliminary meeting topics are >>> available here: >>> >>> http://www.secure-computing.net/wiki/index.php/OpenVPN/IRC_meetings/Topics-2010-03-18 >>> >>> David (dazo) won't be able to attend, unfortunately. >>> >>> >> >> Hi, >> >> I won't be able to attend either. I will next week, hopefully with news >> on Debian packages build daily/weekly. >> > Too bad you're not able attend, Alberto. However, Jan will be present, > so I think we're going to be focus on the two bugs/issues he has > noticed, see "Possible bugs/issues" on this page: > > http://www.secure-computing.net/wiki/index.php/OpenVPN/IRC_meetings/Topics-2010-03-18 Unfortunately I can't attend either (regular meetings clash). BTW I've added this bug (forwarded by Alberto, tnx): +## [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=574164 Assertion fails in socket.c:429 in p2p mode due to Debian ipv6 patch] Cheers, > > -- > Samuli Seppänen > Community Manager > OpenVPN Technologies, Inc > > irc freenode net: mattock > > > -- > Download Intel Parallel Studio Eval > Try the new software tools for yourself. Speed compiling, find bugs > proactively, and fine-tune applications for parallel performance. > See why Intel Parallel Studio got high marks during beta. > http://p.sf.net/sfu/intel-sw-dev > ___ > Openvpn-devel mailing list > Openvpn-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-devel > -- --JuanJo ; echo j...@gomosglep.com | sed 's/[SPAM]//g'
Re: [Openvpn-devel] Bytecount Reporting
Or you can user the radiusplugin from Ralf (http://www.nongnu.org/radiusplugin/) use a radius server and set an accounting interval. Regards, Eike Am 17.03.2010 23:38, schrieb Davide Brini: On Wednesday 17 March 2010, open...@rkmorris.us wrote: I am trying to write an application that monitors traffic over an OpenVPN link - by using bytecount information from the management interface. However, after I telnet in, and enter "bytecount 1" (for 1 second updates), I find that the real-time bytecount updates are not really every second. They seem to be initially, but soon slow down (to an update every 5-10 seconds). Sorry for avoiding a direct answer to the question (David has already addressed that quite well), but I just wanted to tell you that you can get byte counts from OpenVPN's status file, ie the one you specify with "-- status". I used that in the past to monitor clients and traffic (it was actually a Munin plugin that read the file and collected the data). That said, it might not suit your requirements, but I thought I mentioned that just in case.
Re: [Openvpn-devel] Bytecount Reporting
On Wednesday 17 March 2010, open...@rkmorris.us wrote: > Hi Davide, > > > > Yes, that makes sense - and I was going to do that originally, but I > figured the real-time bytecount would result in less traffic (and text > parsing). One question though ... you say "status file". Do you really > mean a file? I can execute the status command over the Management > Interface, but it's really a telnet type response, not in a file. Yes, it's a real file. For example, you say status /var/run/openvpn.status 10 and here's an example of what you get there (updated every 10 seconds, as per the above directive): # cat /var/run/openvpn.status OpenVPN CLIENT LIST Updated,Wed Mar 17 22:56:47 2010 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since CLIENT2,78.X.X.X:37298,742906,512337,Wed Mar 17 18:11:44 2010 DHOME,81.X.X.X:52424,3746,4900,Wed Mar 17 22:56:29 2010 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref 10.180.0.4,CLIENT2,78.X.X.X:37298,Wed Mar 17 18:11:45 2010 10.180.0.9,DHOME,81.X.X.X:52424,Wed Mar 17 22:56:30 2010 GLOBAL STATS Max bcast/mcast queue length,0 END Easily parsable with sed/awk/perl/whatever you like. You can even choose among three different formats (all easily parsable) by using the "--status-version [n]" option (the above is format 1). See the man for the details. -- D.