Community discussions

 
misko
just joined
Topic Author
Posts: 2
Joined: Mon Oct 28, 2013 12:42 pm
Location: Serbia

Send notification mail on new VPN connection

Mon Oct 28, 2013 12:51 pm

Hello everybody :)

I am new to mtik scripting so in advance I`m sorry for my newbie questions.

I made a script that checks the active connections in PPP, and when it detects a connection it sends an email.
foreach i in=[ppp active find ] do={
local name [ppp active get value-name=name $i];
local ipaddr [ppp active get value-name=caller $i];
:log info "Active PPTP connection with username: $name, IP Address of caller: $ipaddr";
/tool e-mail send to="example@gmail.com" tls=yes body="Active PPTP connection with username: $name, IP Address of caller: $ipaddr" subject="PPTP connection";
}
Now my goal is to run this script ONLY when a new connection appears, and it sends one email only.

I thought of scheduling the script to run every minute or so, but then it will send an email everytime with the active connections... which is no good for me.

So I would like to ask for some help on an idea for this, and most likely a bit of coding too.

Thank you again
 
User avatar
jspool
Member
Member
Posts: 372
Joined: Sun Oct 04, 2009 4:06 am
Location: Oregon

Re: Send notification mail on new VPN connection

Mon Nov 04, 2013 7:57 pm

Hello,

One way to accomplish this is to use system logging.

/system logging action
add email-start-tls=yes email-to=myemail@mydomain.com name=email target=email

/system logging
add action=email topics=ppp,info,account,!debug

setup your email server in /tool email if you have not already. (and if you don't use tls then you can change that to no)

this will fire off an email on user connect & disconnect and in the subject line it will show username and the IP they connected from.


Regards,
Josh
 
nurmia
newbie
Posts: 28
Joined: Thu Oct 03, 2013 4:34 pm

Re: Send notification mail on new VPN connection

Sun Nov 10, 2013 10:53 am

very helpful post.i am pleased your post.
 
misko
just joined
Topic Author
Posts: 2
Joined: Mon Oct 28, 2013 12:42 pm
Location: Serbia

Re: Send notification mail on new VPN connection

Wed Nov 13, 2013 4:49 pm

Thank you very much, it works like a charm. :)

Now we got a new request that they want to get a mail when someone tries to connect.

On an unsuccessfull connection to fire off a mail. I managed do do that, but I get three mails instead because of the three log inserts:

<pptp-0>: waiting for call...
<pptp-0>: terminating... - user test.attack authentication failed
<pptp-0>: disconnected

Is there a way to filter out only the middle part (<pptp-0>: terminating... - user test.attack authentication failed) and send it in mail?
My current added setting is

/system logging
add action=email topics=ppp,info,account

Thank you again,

Best regards
 
nurmia
newbie
Posts: 28
Joined: Thu Oct 03, 2013 4:34 pm

Re: Send notification mail on new VPN connection

Sat Nov 16, 2013 2:26 pm

very fine news i wish your success.thank you.
 
bl00dy
just joined
Posts: 1
Joined: Fri Nov 04, 2016 8:00 pm

Re: Send notification mail on new VPN connection

Fri Nov 04, 2016 8:03 pm

Hello,

I have little bit advanced question. I use CAPsMAN. And I wan to receive email when my mobile MAC address is connected to one of my AP's... (just ti get status, than I am at home). But I don't want to receive emails when I switch between AP's.

Additional question, is there any possibility to send API request from my home automation system, to check if now MAC is visible as connected in CAPsMAN?

Ed
 
CuoreSportivo
just joined
Posts: 8
Joined: Sat Jun 17, 2017 1:56 pm

Re: Send notification mail on new VPN connection

Tue Oct 10, 2017 1:13 pm

this will fire off an email on user connect & disconnect and in the subject line it will show username and the IP they connected from.
Hello all,

I just set this up so that I receive emails when a user (dis)connects. Many thanks to Josh since his post was simple and crystal clear!
Even though the action works fine, for some reason the IP I get is not the desired one. To be more specific, once a user logs in, I receive an email with the local IP that was assigned to this connection (192.168.x.x - which is of no use), and when a user disconnects I get a weird query of numbers (eg 451 xxxxxxx xxxxxxx xxxx 5197 - where "x" random numbers) that has nothing to do with the user's public IP.

Is the above behavior normal?
 
User avatar
jspool
Member
Member
Posts: 372
Joined: Sun Oct 04, 2009 4:06 am
Location: Oregon

Re: Send notification mail on new VPN connection

Wed Oct 11, 2017 5:11 am

Try removing "account" from the log rule topics and see if that gives you the desired data. It may result in more notifications however it should contain the true IP when they connect.
 
CuoreSportivo
just joined
Posts: 8
Joined: Sat Jun 17, 2017 1:56 pm

Re: Send notification mail on new VPN connection

Wed Oct 11, 2017 11:44 am

Thank you @jspool!
I did as you said, but unfortunately it didn't work.
 
User avatar
jspool
Member
Member
Posts: 372
Joined: Sun Oct 04, 2009 4:06 am
Location: Oregon

Re: Send notification mail on new VPN connection

Wed Oct 11, 2017 11:58 am

Have you tried using "pptp" and "info" for topics? Assuming your using PPTP.
 
CuoreSportivo
just joined
Posts: 8
Joined: Sat Jun 17, 2017 1:56 pm

Re: Send notification mail on new VPN connection

Wed Oct 11, 2017 12:23 pm

I's using L2TP, so added this ("l2tp") entry too but it's still the same. When connecting I get the local IP, and when disconnecting I get this weird number sequence.
 
User avatar
jspool
Member
Member
Posts: 372
Joined: Sun Oct 04, 2009 4:06 am
Location: Oregon

Re: Send notification mail on new VPN connection

Wed Oct 11, 2017 7:31 pm

Hello
So here is an option:

In "ppp profile scripts on the profile your L2TP server is set to use" place the following into the "On Up":
:local FromEmail "myfromaddress@mydomain.com"
:local ToEmail "mytoaddress@mydomain.com"

:foreach i in=[/ppp active find where uptime <1m] do={
:local Addr [/ppp active get $i caller-id]
/tool e-mail send user="$FromEmail" from="$FromEmail" to="$ToEmail" subject="$[/system identity get name] - New L2TP Connection" body="New L2TP connection from $Addr at $[/system clock get time] $[/system clock get date]";
}
If your tool email is setup you will get an email similar to this when there is a new connection: New L2TP connection from x.x.x.x at 09:28:58 oct/11/2017
 
CuoreSportivo
just joined
Posts: 8
Joined: Sat Jun 17, 2017 1:56 pm

Re: Send notification mail on new VPN connection

Thu Oct 12, 2017 2:57 pm

It works just great! Thanks jspool! Any similar script for when interface goes down?
 
User avatar
Jotne
Member
Member
Posts: 441
Joined: Sat Dec 24, 2016 11:17 am

Re: Send notification mail on new VPN connection

Fri Oct 13, 2017 9:24 am

Why do you need an email when someone use VPN?
I just send the log using syslog to Splunk and get nice graphs showing when user connects.

Here is an example of me testing VPN and logging. I do see when, who, what type and where he comes from in one view.
Splunk VPN.jpg
More info on Splunk and Mikrotik here:
viewtopic.php?t=117509
You do not have the required permissions to view the files attached to this post.
 
CuoreSportivo
just joined
Posts: 8
Joined: Sat Jun 17, 2017 1:56 pm

Re: Send notification mail on new VPN connection

Fri Oct 13, 2017 11:30 am

There are only three VPN users who rarely connect on VPN, so a simple email notification will do the job.

Who is online

Users browsing this forum: No registered users and 10 guests