{"id":1538,"date":"2016-10-24T12:27:28","date_gmt":"2016-10-24T03:27:28","guid":{"rendered":"https:\/\/blog.ymyzk.com\/?p=1538"},"modified":"2016-10-24T12:27:28","modified_gmt":"2016-10-24T03:27:28","slug":"openvpn-slack-notification","status":"publish","type":"post","link":"https:\/\/blog.ymyzk.com\/2016\/10\/openvpn-slack-notification\/","title":{"rendered":"Notifying Slack When OpenVPN Clients Connect or Disconnect"},"content":{"rendered":"
This article shows how to configure an OpenVPN server so that a notification is sent to Slack whenever an OpenVPN client connects to or disconnects from the server. Because an arbitrary script can be run on connect and disconnect, the same mechanism should be useful for more than Slack notifications.<\/p>\n
<\/p>\n
The environment used for this article is as follows.<\/p>\n
The OpenVPN server configuration has the options --client-connect<\/code> and --client-disconnect<\/code>, which specify a command to run when a client connects to or disconnects from the server, respectively. A detailed explanation is given in the man page<\/a>:<\/p>\n
--client-connect cmd
\nRun command cmd on client connection.
\ncmd consists of a path to script (or executable program), optionally followed by arguments. The path and arguments may be single- or double-quoted and\/or escaped using a backslash, and should be separated by one or more spaces.<\/p><\/blockquote>\n
--client-disconnect cmd
\nLike --client-connect but called on client instance shutdown. Will not be called unless the --client-connect script and plugins (if defined) were previously called on this instance with successful (0) status returns.<\/p><\/blockquote>\n
OpenVPN also has a --script-security<\/code> option that specifies which external programs and scripts may be executed, so it must be set appropriately as well. To run a program such as curl, it has to be changed from the default of 1<\/code> to 2<\/code>. The following is also quoted from the man page:<\/p>\n
--script-security level
\nThis directive offers policy-level control over OpenVPN’s usage of external programs and scripts. Lower level values are more restrictive, higher values are more permissive. Settings for level:
\n0 -- Strictly no calling of external programs.
\n1 -- (Default) Only call built-in executables such as ifconfig, ip, route, or netsh.
\n2 -- Allow calling of built-in executables and user-defined scripts.
\n3 -- Allow passwords to be passed to scripts via environmental variables (potentially unsafe).<\/p><\/blockquote>\n
Notifying Slack<\/h2>\n
Notifications to Slack can be sent by calling a Slack incoming webhook<\/a> with curl. First, create an integration from here<\/a> and obtain the Webhook URL.<\/p>\n
Next, create the script to run on connect and the script to run on disconnect as connected.sh<\/code> and disconnected.sh<\/code>, respectively. (Set the Webhook URL as appropriate.)<\/p>\n
connected.sh:<\/p>\n
#!\/bin\/bash\r\n# Post a connect notification to the Slack incoming webhook; client details come from OpenVPN environment variables and go into the JSON payload as-is.\r\ncurl -X POST --silent --data-urlencode \"payload={\\\"channel\\\": \\\"#openvpn\\\", \\\"username\\\": \\\"OpenVPN (Connected)\\\", \\\"text\\\": \\\"Connected\\nName: $common_name\\nGlobal IP: $untrusted_ip\\nLocal IP: $ifconfig_pool_remote_ip\\\", \\\"icon_emoji\\\": \\\":airplane_departure:\\\"}\" https:\/\/hooks.slack.com\/services\/......\r\n<\/code><\/pre>\n
disconnected.sh:<\/p>\n
#!\/bin\/bash\r\n# Post a disconnect notification to the Slack incoming webhook; client details come from OpenVPN environment variables and go into the JSON payload as-is.\r\ncurl -X POST --silent --data-urlencode \"payload={\\\"channel\\\": \\\"#openvpn\\\", \\\"username\\\": \\\"OpenVPN (Disconnected)\\\", \\\"text\\\": \\\"Disconnected\\nName: $common_name\\nGlobal IP: $untrusted_ip\\nLocal IP: $ifconfig_pool_remote_ip\\\", \\\"icon_emoji\\\": \\\":airplane_arriving:\\\"}\" https:\/\/hooks.slack.com\/services\/......\r\n<\/code><\/pre>\n
Give these scripts execute permission, for example with $ sudo chmod +x connected.sh disconnected.sh<\/code>.<\/p>\n
Inside the scripts, information is available from environment variables. For example, $common_name<\/code> gives the Common Name of the client certificate, $untrusted_ip<\/code> gives the client's IP address, and $ifconfig_pool_remote_ip<\/code> gives the client's IP address on the VPN. For the other environment variables, see the man page<\/a>.<\/p>\n
Next, add the following to the OpenVPN server configuration so that the scripts created above are run when a client connects or disconnects.<\/p>\n
script-security 2\r\nclient-connect connected.sh\r\nclient-disconnect disconnected.sh<\/code><\/pre>\n
Restart the OpenVPN server and test that it works correctly. When it works correctly, the result looks like the following.<\/p>\n