[pptp-server] Logging actual remote ip addr

George Vieira georgev at citadelcomputer.com.au
Tue Dec 19 02:52:06 CST 2000


I actually found a way of doing this in a more proper fashion..

If you run PPTPD from the inet services and use TCP wrappers, you can spawn
a script for every connection using the TCP wrappers hosts.allow file.
I have tested this and I hope people archive this somewhere on a site
because I ain't keeping this set up.

/etc/inetd.conf # Please Note, the next line is ONE LINE
pptpctrl stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/pptpctrl 0 1
/etc/pp
p/options.pptp 1 115200 1 10.10.0.1 0 0


/etc/hosts.allow # Spawns the script on every connection
pptpctrl:       ALL :       spawn (/sbin/pptpdlog %n %a %d)


/sbin/pptplog # Logs     IPName    IP   DaemonProc
#!/bin/bash
echo "[`date +\"%D\"`] : $1 $2 $3" >> /var/log/pptpuser.log



I hope this helps somebody out there..

-----Original Message-----
From: George Vieira 
Sent: Tuesday, December 19, 2000 10:48 AM
To: 'Giulio Orsero'; pptp-server at lists.schulte.org
Subject: RE: [pptp-server] Logging actual remote ip addr


Oh sorry, I missed the very last line in your email and I know now what IP
you meant... sorry.

I can't see any other info on that except in /var/log/messages file.

I don't know of any other way except to use the line below in your
ip-up.local .. problem with with it is if you get 2 people connecting to the
PPTPD server at the same time that it could possibly grab the wrong IP for
the wrong client.

grep "CTRL: Client" /var/log/messages | grep started | tail -1 | cut -f 8 -d
" "


-----Original Message-----
From: Giulio Orsero [mailto:giulioo at pobox.com]
Sent: Tuesday, December 19, 2000 9:04 AM
To: pptp-server at lists.schulte.org
Subject: Re: [pptp-server] Logging actual remote ip addr


On Tue, 19 Dec 2000 08:47:48 +1100, you wrote:

>I don't know how that can be... because your PPP shows up as... eg..
>ppp1      Link encap:Point-to-Point Protocol  
>          inet addr:10.0.0.1  P-t-P:10.0.0.68  Mask:255.255.255.255
>          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
>          RX packets:231490 errors:0 dropped:0 overruns:0 frame:0
>          TX packets:149905 errors:0 dropped:0 overruns:0 carrier:0
>          collisions:0 txqueuelen:10 
>So how the hell is it reporting the external addresses...
Sorry, I don't understand.
Suppose  I use in pptpd.conf:
localip 10.0.0.1
remoteip 10.0.0.68 (just an example to follow you on the above output)
and suppose a client connects to its ISP and gets ip 212.x.x.x.
that clients connect to my VPN server, say 210.x.x.x.

Then, the variables in ip-up will show 10.0.0.1 and 10.0.0.68, while I
want to know the 212.x.x.x address of the client which I only see in the
pptpd log (through syslog)


>Just add the following line into your /etc/ppp/ip-up.local and watch the
>logs as your bring the link up
>echo "$1 $2 $3 $4 $5 $6 " >> /var/log/pppconnect.log
$4 and $5 would be 10.0.0.1 and 10.0.0.68

As far as I understand pptd<--->pppd interaction, pppd only sees
internal/vpn addresses (the one you specify in pptpd.conf), not the real
internet addresses (the one I want to automatically email to someone).

-- 
giulioo at pobox.com
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
List services provided by www.schulteconsulting.com!
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
List services provided by www.schulteconsulting.com!



More information about the pptp-server mailing list