I recently bought myself a Raspberry Pi B+ (picture semi-related). I had no initial plans on what I was going to with it, but I ended up installing Raspbian and setting up a PPTP VPN in my home’s DMZ (There are plenty of guides online if you are looking to do this). The reason I went with PPTP over IPSEC or L2TP is because PPTP is so easy to set up. It took about 15 minutes to get it up and running. Even though PPTP is no longer considered a “secure” VPN, I wanted to be able to have an encrypted connection anytime I was on a public WiFi.
Taking into account all of the flaws with PPTP, I needed a way to be notified anytime there was a new VPN connection to my server. I also wanted to get notified of the IP address that was connecting, and a location of where the connection was being established from. That’s when I came across the /etc/ppp/ip-up file. The ip-up file (and its twin, the ip-down file) execute a series of commands whenever a new VPN connection is established or removed. Since I only care about new connections, the ip-up file is where I will be making all of my changes.
When you first open the file, you will see several variables already declared.
I will be using some of these in my final script. The one variable that caught my attention was PPP_REMOTE. I first thought this would give me the remote IP address that made the connection, but instead it gives the remote IP address assigned to the new connection. The actual public IP address was being stored in the /var/log/messages file. Here is a snipped of what a new PPTP connection looks like from the /var/log/messages file:
Since the public IP address comes after the words “peer from calling number”, The first line of my script parses though that file and pulls out just the IP address:
Now that I have the IP address stored in the variable ipaddress, I can run a cURL against the ipinfo.io API to pull back location information for that IP address. Here is what the return looks like for Google:
The rest of my script is just some formatting and a time/date stamp. Note that this whole script is located right in the ip-up file. You essentially could call an external script from the ip-up file, but putting your code inside it has the same effect. Here is my final script:
It simply builds out the email body in a /tmp/ppp.log file, then the last line sends me that file in an email. One thing to note is that I already have MailUtils installed on the server –which handles the actual emailing part.
Here is what the email notification looks like anytime the VPN server establishes a new connection:
Hope this helps! Let me know if you run into any problems in the comments.