hwdsl2 / docker-ipsec-vpn-server

Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
https://hub.docker.com/r/hwdsl2/ipsec-vpn-server

user connected log username to container logs #366

Closed sinawic closed 1 year ago

sinawic commented 1 year ago

Describe the enhancement request

Hey, thanks for the best documentation ever. There is just this requirement I have: I want, when a user connects to the VPN (for me using L2TP), the output log of the container to also include the username next to the IP address of the user that has made a successful connection. Right now there is only the IP address of the user logged to the container.

Output that I get:

    Connection established to x.x.x.x, 50396. Local: 33476, Remote: 12333 (ref=0/0). LNS session is 'default'

I have also defined VPN_ADDL_USERS in the .env file.

sinawic commented 1 year ago

Example output I need:

    Connection established to username:x.x.x.x, 50396. Local: 33476, Remote: 12333 (ref=0/0). LNS session is 'default'

hwdsl2 commented 1 year ago

@sinawic Hello! For your use case, you can enable debug logging for xl2tpd. First open a bash shell inside the Docker container. Then edit /opt/src/run.sh and add a line debug to the /etc/ppp/options.xl2tpd section. The relevant code is here. For example:

    # Set xl2tpd options
    cat > /etc/ppp/options.xl2tpd <<EOF
    +mschap-v2
    debug
    ipcp-accept-local
    ipcp-accept-remote
    noccp
    auth
    mtu 1280
    mru 1280
    proxyarp
    lcp-echo-failure 4
    lcp-echo-interval 30
    connect-delay 5000
    ms-dns $DNS_SRV1
    EOF

Save the file and exit the Docker container. Then run docker restart ipsec-vpn-server.

With this change, you should see usernames in the logs when an IPsec/L2TP client connects, although the logs will become more verbose. I am not aware of a method to log the username without enabling debug logs.

sinawic commented 1 year ago

Thanks for a very fast response! I'll give it a try; I'm sure it'll work.

Extra logs are fine for me. I'm actually creating a Node.js script that listens to the logs of the container and notifies whenever a user makes a connection. It is a need of the company where I'm working, but it might be a need of other companies too!

sinawic commented 1 year ago

Sorry, I did exactly the same and also checked the /etc/ppp/options.xl2tpd file after restart. It contains debug as you told, but still I don't see any changes in the output logs.

@hwdsl2

hwdsl2 commented 1 year ago

@sinawic I looked into it and you need the following *additional* steps:

Note: These steps will allow you to see debug logs in file /var/log/messages inside the Docker container. I didn't find a way to send these logs to the Docker container logs.

  1. Enable rsyslog using these instructions.
  2. Open a bash shell inside the container. Install nano: apk add -U nano.
  3. Edit /etc/rsyslog.conf inside the container. Find the line
    *.info;authpriv.none;cron.none;kern.none;mail.none     -/var/log/messages

    and replace it with:

    *.debug;authpriv.none;cron.none;kern.none;mail.none     -/var/log/messages
  4. Save the file and exit the container. Then run docker restart ipsec-vpn-server.

After connecting using an IPsec/L2TP VPN client, check the logs using:

    docker exec -it ipsec-vpn-server cat /var/log/messages

sinawic commented 1 year ago

thank you very much for the time :+1:
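
The log-watching logic for the debug output enabled in the steps above, as an added example that is not part of the original thread or the project's code. It assumes pppd's usual debug line shapes (`rcvd [CHAP Response ... name = "..."]`, `sent [CHAP Success|Failure ...]`, `remote IP address ...`) in traditional syslog format; the sample lines and the names `parseAuthEvents` and `safeName` are constructed here, so check the patterns against your own /var/log/messages.

```javascript
// Added example (not project code). ASSUMPTION: syslog-style pppd debug lines.
// SAMPLE_LOG is constructed for illustration; two sessions are interleaved.
const SAMPLE_LOG = [
  'Jan 10 09:15:00 vpn xl2tpd[77]: Connection established to 203.0.113.7, 50396.',
  'Jan 10 09:15:01 vpn pppd[412]: rcvd [CHAP Response id=0x3b <0a1b2c>, name = "alice"]',
  'Jan 10 09:15:01 vpn pppd[431]: rcvd [CHAP Response id=0x51 <ffee>, name = "mallory\\"\\nroot"]',
  'Jan 10 09:15:01 vpn pppd[412]: sent [CHAP Success id=0x3b "S=0011AABB M=Access granted"]',
  'Jan 10 09:15:02 vpn pppd[431]: sent [CHAP Failure id=0x51 "E=691 R=1 C=00FF V=0 M=Access denied"]',
  'Jan 10 09:15:02 vpn pppd[412]: remote IP address 192.168.42.10',
];

const LINE = /^(\w{3}\s+\d+\s[\d:]{8})\s\S+\spppd\[(\d+)\]:\s(.*)$/;
// pppd escapes quotes and control characters in the name, so allow backslash pairs.
const CHAP_RESPONSE = /^rcvd \[CHAP Response id=\S+ <[^>]*>, name = "((?:[^"\\]|\\.)*)"\]/;
const CHAP_RESULT = /^sent \[CHAP (Success|Failure) /;
const REMOTE_IP = /^remote IP address (\d{1,3}(?:\.\d{1,3}){3})$/;

// The name is sent by the client before authentication: treat it as untrusted
// and neutralise anything that could forge log lines or notification markup.
function safeName(raw) {
  return raw.replace(/[^A-Za-z0-9._@-]/g, '?').slice(0, 64);
}

// Correlate lines by pppd PID and emit one event per finished login attempt.
function parseAuthEvents(lines) {
  const pending = new Map(); // pppd PID -> { user, authenticated }
  const events = [];
  for (const line of lines) {
    const m = LINE.exec(line);
    if (!m) continue; // not a pppd line (e.g. xl2tpd)
    const [, time, pid, msg] = m;
    let r;
    if ((r = CHAP_RESPONSE.exec(msg))) {
      pending.set(pid, { user: safeName(r[1]), authenticated: false });
    } else if ((r = CHAP_RESULT.exec(msg)) && pending.has(pid)) {
      if (r[1] === 'Failure') {
        events.push({ time, pid, user: pending.get(pid).user, result: 'failure', vpnIp: null });
        pending.delete(pid);
      } else {
        pending.get(pid).authenticated = true;
      }
    } else if ((r = REMOTE_IP.exec(msg)) && pending.get(pid)?.authenticated) {
      // vpnIp is the PPP address assigned inside the tunnel, not the client's public IP.
      events.push({ time, pid, user: pending.get(pid).user, result: 'success', vpnIp: r[1] });
      pending.delete(pid);
    }
  }
  return events;
}

console.log(parseAuthEvents(SAMPLE_LOG));
```

Failed attempts are reported as well as successful ones, which makes the same feed usable for spotting password guessing against the L2TP accounts.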