add an option to openvpn to update client ip's on a dns server on connection

[AngusMcGyver]

Important notices

Before you submit a pull request, we ask you kindly to acknowledge the following:

• I have read the contributing guidelines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
• I opened an issue first for non-trivial changes and linked it below.
• AI tools were used to create at least part of the code submitted herewith.

If AI was used, please disclose:

• Model used: claude-sonnet-4-5
• Extent of AI involvement:
• helped to create the base of the python update script
• manual work after that

---

Describe the problem

I’m using OPNsense as my firewall/router and want remote OpenVPN clients to have their dynamic assigned IP addresses automatically registered in my internal DNS server, so i can access them via name. For example to run backup from server side.

---

Describe the proposed solution

Hook a script into the OpenVPN 'learn-address' and 'client-disconnect' functions to update a DNS server with hostname and IP address of a client.
The hostname is used from a X509 client certificate field.
The update message is signed with a tsig key.
Additional options like server port, entry TTL, reverse zone names, an additional pre/suffix for hoastname and so on are configurable via OpenVPN instance menu.

---

Related issue

#10228

[AdSchellevis]

not sustainable, see also (#10228 (comment)). Also likely breaks existing functionality.