======================= openvpn3-service-client ======================= ------------------------------------------ OpenVPN 3 Linux VPN Client backend service ------------------------------------------ :Manual section: 8 :Manual group: OpenVPN 3 Linux SYNOPSIS ======== | ``openvpn3-service-client`` ``[OPTIONS]`` | ``openvpn3-service-client`` ``-h`` | ``--help`` DESCRIPTION =========== The ``openvpn3-service-client`` process is a backend service for OpenVPN 3 Linux, responsible for a single VPN session. This service will be started automatically by the ``openvpn3-service-backendstart`` starts, which is initiated when the ``openvpn3-service-sessionmgr`` is requested to start a new VPN session. It will run one ``openvpn3-service-client`` per active VPN session. This service must be started by the ``openvpn3-service-backendstart`` process, as it gather more information from the session manager before starting the client process with the given arguments. This process must run as the *@OPENVPN_USERNAME@* user and requires no privileges. All privileged operations, like creating and configuring the virtual network adapter, IP addresses, routes and DNS, is handled by a the ``openvpn3-service-netcfg`` service. Beware that running this with another user account than *@OPENVPN_USERNAME@* also requires updating the D-Bus policy as well. OPTIONS ======= -h, --help Print usage and help details to the terminal --version Prints the version of the program and exists --log-level LEVEL Sets the default log verbosity for log events generated by this service. The default is :code:`3`. Valid values are :code:`0` to :code:`6`. Higher log levels results in more verbose logs and log level :code:`6` will contain all debug log events. This setting will be overridden if the configuration file used contains the ``--verb`` option (see the ``openvpn``\(8) man page for details) or the ``log-level`` configuration profile override has been set (see ``openvpn3-config-manage``\(1)). --log-file LOG_DESTINATION By default, logging will go via the ``openvpn3-service-logger`` service. By providing this argument, logging will also be sent to *LOG_DESTINATION*, which can be either a filename or :code:`stdout:` where the latter one sends log data to the console. --colour This will add colours to log events when logging to file or terminal. Log events will be coloured based on the log level of the event. --signal-broadcast Normally, the ``openvpn3-service-client`` will attach a log stream to the ``openvpn3-service-logger`` service. By providing this option, it will instead broadcast all log events to all listeners on the system. This is more useful for debugging when the standard logging does not provide any clues. This is not recommended for production and may leak session sensitive information. --disable-protect-socket The VPN client can protect the socket being used for the UDP/TCP connection to the VPN server from being routed over the VPN itself. This makes the routing table simpler and does not need any specific routing entries if the default gateway is changed. Unfortunately, this does not work on all systems and to get a functional VPN tunnel, this socket protection needs to be disabled. By setting this option, it will not be possible to make use of the ``--set-somark`` feature in ``openvpn3-service-netcfg``. SEE ALSO ======== ``openvpn3``\(1) ``openvpn3-config-manage``\(1) ``openvpn3-service-backendstart``\(8) ``openvpn3-service-netcfg``\(8) ``openvpn``\(8)