[strongSwan-dev] New strongswan plugin (dead-peer-notify)

[Balaev Pavel]

I was rewrite this feature as plugin using your recommendations.

Info about plugin:

After the last retransmit has been sent and the peer is considered dead ( plugin hooks ALERT_RETRANSMIT_SEND_TIMEOUT alert ), plugin sends an email with notification, which contains a name and an ip address of the dead peer, or( and ) executes external command with two arguments: dead peer name and ip address. System administrators may find it useful for configuring email alerts and customizing other actions.?


> For now,
> strongSwan supports some dpd actions such as 'clear', 'hold' and
> 'restart'. The patch implements new dpdaction named 'script'. It means
> that if no activity is detected, strongSwan executes external command
> with the dead peer passed as the argument for the command.

>>  I don't agree with this approach.  The actions are things to do with a
>> particular CHILD_SA/policy not unrelated things like calling a script to
>> email notifications.  Instead, I propose you write a plugin that hooks
>> the ALERT_RETRANSMIT_SEND_TIMEOUT alert to get notified after the last
>> retransmit has been sent and the peer is considered dead.  The plugin is
>> then free to do whatever it likes (e.g. calling a script).

>> Regards,
>> Tobias



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20160216/b16749f0/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dead-peer-notify-plugin.patch
Type: text/x-patch
Size: 32349 bytes
Desc: dead-peer-notify-plugin.patch
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20160216/b16749f0/attachment-0001.bin>