[Falkirk] Pptpd connection logging

Mike Quin mike at elite.uk.com
Mon Mar 26 11:54:02 UTC 2012


On Thu, Mar 22, 2012 at 02:01:07PM +0000, Paul Mcclung wrote:

> I have a small server running ubuntu 11.04 and acting as a vpn server. I
> would like to be able to log who is connected when and what ip they are
> allocated but I cannot seem to find any info on this. Any help would be
> much appreciated.

PPTP logging is a big ugly due to the design of the service, which
means that the various bits of pertinent information are spread across
various lines of the log file, some being logged by the pptp daemon
managing the connection, and some by the pppd daemon which is launched
to do the packet-shuffling part.

What I do is use a couple of shell scripts, run when the PPP interface
comes up or goes down to collate the useful parts and spit them out as
a single syslog line. We comma separate these for later processing but
you could easily change them for readability if you prefer.

/etc/ppp/ip-up.d/vpn-ifup:

#!/bin/sh
# IFUP,Proccess ID,Endpoint Address,Authenticated Username,Tunnel Address,Interface Name,Pseudo Terminal
logger -t VPN "IFUP,$PPPD_PID,$PPP_IPPARAM,$PEERNAME,$PPP_REMOTE,$IFNAME,$PPP_TTY"

/etc/ppp/ip-down.d/vpn-ifdown:

#!/bin/sh
# IFDOWN,Process ID,Endpoint Address,Authenticated Username,Seconds Connected,Bytes Received,Bytes Sent
logger -t VPN "IFDOWN,$PPPD_PID,$PPP_IPPARAM,$PEERNAME,$CONNECT_TIME,$BYTES_RCVD,$BYTES_SENT"

Our PPTP servers run on Debian but I would not expect Ubuntu to be
signifcantly different.

-- 
Mike Quin <mike at elite.uk.com> 



More information about the Falkirk mailing list