search

travisghansen / hass-pfsense

pfSense integration with Home Assistant
187 stars 27 forks source link

Sensor to get OpenVPN client public IP address possible? #64

Open reklame33 opened 2 years ago

reklame33 commented 2 years ago

Thanks for work with this great integration!

I have a feature request. When you run a OpenVPN server on your pfsense and a client connect to it, pfsense will show the client public ip address in the dashboard. Also the time connection was established show on the dashboard and would be nice to be an entity in HA. I would like a sensor to monitor this ip address. The purpose is to send me a notification if this address changes (ie if the client switch to connect to OpenVPN server using a failover connection).

Have tried using SNMP, but did not find it possible because the oid is the client ipaddress itself and if it changes it is unknow for me. oid 1.3.6.1.2.1.6.13.1.4.x.x.x.x.portx.y.y.y.y.porty = "y.y.y.y" i.e: 1.3.6.1.2.1.6.13.1.4.10.11.12.13.1142.63.64.65.66.42000 = "63.64.65.66"

x.x.x.x is local wan address. y.y.y.y is client public ip address.

So I was looking for a way to detect this address as an entity in HA and send me a notification if changes is detected.

I am unknown to xmlrpc so can not really tell if this is possible.

travisghansen commented 2 years ago

Have a peek over here, seems similar: https://github.com/travisghansen/hass-pfsense/issues/55

yabbah commented 2 years ago

+1

Also want the IP of the connected OpenVPN client/s. Dont think #55 is the same?

travisghansen commented 2 years ago

You want a new entity per client?

reklame33 commented 2 years ago

I only have one Client connecting to the server, and would like to detect ip changes on this.

so maybe not easy to detect if Client change ip address and integration thinks this is a new Client and create a new entity?

travisghansen commented 2 years ago

I've researched the pfSense openvpn configuration options a bit and they don't leave many options for this unfortunately. I really don't think the integration is the best place to handle this sort of thing but rather I would run some sort of 'daemon' on the pfSense server to send a notice to hass or node-red or similar and then automate from there.

After looking at the different options the only non-intrusive way to handle this is to 'tail' the openvpn log file on the pfSense machine and parse out relevant entries and trigger notices to a webhook or whatever.