diff options
author | Dmitry Zelenkovsky | 2022-10-06 22:37:31 +0200 |
---|---|---|
committer | Gert Doering | 2022-10-07 18:08:13 +0200 |
commit | f96290ff901f62717fdb4c1adef72142f359e992 (patch) | |
tree | 8323445ac65e05ff26e89e4cf7edb6d6c90702ba /doc/man-sections | |
parent | 0b980fa4e5761d6544ccf96b89fc2186ce23e144 (diff) | |
download | openvpn-f96290ff901f62717fdb4c1adef72142f359e992.zip openvpn-f96290ff901f62717fdb4c1adef72142f359e992.tar.gz |
implement --session-timeout
Disconnect clients after session-timeout expires.
session-timeout can be defined in ccd files in order to limit
per-user connection time.
Signed-off-by: Dmitry Zelenkovsky <dmitry@zelenkovsky.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221006203731.13529-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25352.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'doc/man-sections')
-rw-r--r-- | doc/man-sections/link-options.rst | 11 | ||||
-rw-r--r-- | doc/man-sections/server-options.rst | 2 |
2 files changed, 12 insertions, 1 deletions
diff --git a/doc/man-sections/link-options.rst b/doc/man-sections/link-options.rst index 373193a..eb098a0 100644 --- a/doc/man-sections/link-options.rst +++ b/doc/man-sections/link-options.rst @@ -427,6 +427,17 @@ the local and the remote host. default) and you are using either ``--secret`` (shared-secret key mode) or TLS mode with ``--tls-auth``. +--session-timeout n + Raises :code:`SIGTERM` for the client instance after ``n`` seconds since + the beginning of the session, forcing OpenVPN to disconnect. + In client mode, OpenVPN will disconnect and exit, while in server mode + all client sessions are terminated. + + This option can also be specified in a client instance config file + using ``--client-config-dir`` or dynamically generated using a + ``--client-connect`` script. In these cases, only the related client + session is terminated. + --socket-flags flags Apply the given flags to the OpenVPN transport socket. Currently, only :code:`TCP_NODELAY` is supported. diff --git a/doc/man-sections/server-options.rst b/doc/man-sections/server-options.rst index 54ea8b6..9d0c73b 100644 --- a/doc/man-sections/server-options.rst +++ b/doc/man-sections/server-options.rst @@ -426,7 +426,7 @@ fast hardware. SSL/TLS authentication must be used in this mode. ``--inactive``, ``--ping``, ``--ping-exit``, ``--ping-restart``, ``--setenv``, ``--auth-token``, ``--persist-key``, ``--persist-tun``, ``--echo``, ``--comp-lzo``, ``--socket-flags``, ``--sndbuf``, - ``--rcvbuf`` + ``--rcvbuf``, ``--session-timeout`` --push-remove opt Selectively remove all ``--push`` options matching "opt" from the option |