connect-script double call

Nikos Mavrogiannopoulos nmav at gnutls.org
Sat Apr 12 03:46:13 PDT 2014


On Sat, 2014-04-12 at 17:11 +0800, Steve wrote:
> > That's correct, and I couldn't avoid it. I've documented it as:
> > "Note that a "disconnect" call will not contain the IP information
> > of the client, if the client has reconnected with a cookie (and thus
> > re-used its IP addresses)."
> > and since I documented it, it is no longer a bug :) Seriously now, I
> > couldn't figure a better behavior. Sending the IP back would have been
> > wrong, as it is being used by another session.
> This may cause some problem like double the iptables rules in system :)
> >> BTW, is it possible to send user's traffic bytes info in disconnect?
> > You could use ifconfig on the device of the user. The stats of the tun
> > device are the stats of the user. This is how occtl reports the traffic
> > bytes.
> Yes, but the device gone before the disconnect script, so error would
> be: "vpns1: error fetching interface information: Device not found"

Correct. I've made the main process keep an fd to the tun device open
up until the disconnect script is called. That should keep the tun
device open.

regards,
Nikos





More information about the openconnect-devel mailing list