[strongSwan-dev] scripted tunnel creation
Martin Willi
martin at strongswan.org
Thu May 2 15:45:18 CEST 2013
Hi Zachery,
> Is there a graceful way to shell script the creation of tunnels with
> strongswan?
Unfortunately, no.
> It looks like not so many options are supported with the stroke
> command.
The stroke command is very limited, because starter directly talks the
"stroke protocol" to the stroke plugin of charon to configure it.
But even that "stroke protocol" itself is not very flexible; it is not
really designed to automate tasks, as it lacks a return channel beyond
log forwarding.
If you have some resources to put into this project, I'd recommend to
directly talk to the in-daemon API using a plugin. But of course this is
not that trivial to get started.
We have some ideas how to bring a more powerful and versatile IPC
solution to strongSwan, including a client side library to talk over
this interface. Unfortunately this is currently not more than an idea.
Regards
Martin
More information about the Dev
mailing list