Suppose the VPN client has the following IP settings:
IP eth0: 192.168.1.100
Default gateway: 192.168.1.1
So, all non-local traffic will go out through 192.168.1.1. If there's traffic to another host on the LAN, it'll just go to that host.
OpenVPN starts up, the client gets a new interface tun0, and then we see something like:
IP eth0: 192.168.1.100
IP tun0: 10.8.0.13
Default gateway: 192.168.1.1
VPN routing: 10.8.0.1 for the network 10.8.0.0/24
This assumes that the OpenVPN server is not pushing any additional routes. So, a network packet going to, say, 8.8.8.8, will still go across the LAN's default gateway, 192.168.1.1. A packet going to, say, 10.8.0.204, will go across the OpenVPN tunnel, to the OpenVPN server at 10.8.0.1 for further routing.
If the OpenVPN server pushes a route for it's LAN, say, 172.16.0.0/24, then the VPN routing above may look like:
VPN routing: 10.8.0.1 for the network 10.8.0.0/24
10.8.0.1 for the network 172.16.0.0/24
So, similarly, a packet for 172.16.0.24 will go to 10.8.0.1 for further routing.
If the OpenVPN server is also pushing the setting "redirect-gateway def1"
, then the default gateway is different on the VPN clients. You'll see something like:
IP eth0: 192.168.1.100
IP tun0: 10.8.0.13
Default gateway: 10.8.0.1
(other gateway with lower priority): 192.168.1.1
Static route: 94.xx.yy.zz uses 192.168.1.1
Where 94.xx.yy.zz is the public IP address of your OpenVPN server.
In this case, traffic directly for your OpenVPN server will go through the LAN default gateway 192.168.1.1. Traffic that's local to 192.168.1.0/24 will just go to hosts as expected. Any other traffic will use 10.8.0.1; non-local traffic that's not directly to the public IP of the OpenVPN server will go across the VPN tunnel, and emerge from 94.xx.yy.254.
You may see another default route in the routing table that retains 192.168.1.1 as the gateway, but it will have a lesser priority than 10.8.0.1. This is, I think, more of a placeholder by the OpenVPN client, so that it knows what to set the default route back to, once the VPN shuts down. Don't worry about that entry.
Best Answer
Yes, you can combine it.
First says explicitely that it is using generic network traffic tool only logging information about the session - it is stored with the openvpn hook storing information about the session with the disconnection event...
Second one is focused on setting static IP / specific configuration to the clients.
Together you can set up fixed IP to the clients and set up necessary statistics based on the IP for the IPs you are interested in.
You have one interface but you can configure if the clients can communicate between each other or if there is possible more connections for the same client (uid). For this purpose (fixed IP) only one connection per uid would be good idea ;-).
If you want to have extra interface per user you should run instance of openvpn for each user which I suppose is not what you are interested in...
There is not much information what exactly you are interested in but once there is utilized fixed IPs you can focus on tun adapter related to openvpn server and make statistics / dumps "normal way" using tun adapter and known IP of the client.