Jump to content
Sign in to follow this  

OpenVPN disconnect signal via Telnet

Recommended Posts

Hi, guys, I want to share my findings and hard work with the community.

I wanted to disconnect an OpenVPN connection. There're two options. Option 1: kill process openvpn.exe. Option 2: send 'signal SIGTERM' (graceful exit).
Let's work option 2. I need to start openvpn.exe with '--management IP port' option to enable the management interface.
Because I want my script to interact and know all the status messages, I need to access stdin/stdout streams.

My first idea was to use Windows Telnet client. (You have to install it via Control Panel > Windows Features). AutoIt manages correctly the I/O streams with Run(), $STDIN_CHILD + $STDOUT_CHILD options, and StdoutRead, StdinWrite functions. I can start a console with Run(@ComSpec & " /k telnet") and interact till the Telnet> prompt, but after sending the 'open localhost 7505' command, the stream stops responding.
After hours trying, I learned that Windows Telnet can't redirect (pipe output) stdin/stdout. Here's an explanation: http://comp.terminals.narkive.com/oHwvdYmf/hang-crash-in-plink-with-windows-telnet-server

I delved into this forum looking for telnet info. First suggestion was to use an alternative program called 'Console Telnet' http://consoletelnet.sourceforge.net/, and use the script by 'Chimp' Also '?do=embed' frameborder='0' data-embedContent>>
I tried ConsoleTelnet directly (standalone exe) but, after connecting to OpenVPN, the console stops the keyboard input. (I don't know what strange configuration I'm missing.)
Then I tried the script. It connects, but then no more data can be sent.
Update: I tested the ConsoleTelnet + script with a public telnet server and it worked. Finally, I found out that the problem was with the termination characters! Keep in mind that some servers (localhost Windows) require @CRLF. If you just send a @CR, it will hang. So the correction is: StdinWrite(pid, "cmd" & @CRLF).
Remember to edit config file 'telnet.ini' and enable option Telnet_Redir=1.

Desperated, I opted for the quick-and-dirty workaround of reading the console by copying to the clipboard. Send("!{SPACE}ES") Send("{ENTER}").
But I wasn't willing to give up, and continued my research. I tried third-party consoles dtelnet.sourceforge and console.sourceforge, but cannot redirect stdin/stdout. Finally I stumbled upon plink.exe (a command-line interface to the PuTTY back end). http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
plink -raw -P 7505 localhost
But it happened as with ConsoleTelnet: keyboard input stucks after connection to OpenVPN. I even tried with netcat. It works as standalone (netcat localhost 7505) but there's a problem with I/O stream piping with AutoIt.

After an exhausting day, I finally decided to give TCP a try. And it worked! with just a few lines of code.
Here is the minimalistic version. You should add more code to watch for errors.

$Socket = TCPConnect("", 7505)
;ConsoleWrite(TCPRecv($Socket, 500))
TCPSend($Socket, "signal SIGTERM" & @CRLF)
;ConsoleWrite(TCPRecv($Socket, 500))

Here is the connection snippet.

$cmd = 'openvpn --config "C:\Program Files (x86)\OpenVPN\config\myconfig.ovpn" --remote 443 --management localhost 7505'
$pid = Run(@ComSpec & " /c " & $cmd, "", @SW_HIDE, $STDOUT_CHILD)
Local $line
While 1
    $line = StdoutRead($pid)
    If @error Then ExitLoop
    If StringInStr($line, "Initialization Sequence Completed") Then ExitLoop
If ProcessExists($pid) Then
    ProcessWaitClose($pid, 5)

I hope this info will be useful for someone, somewhere, sometime.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Create New...