[strongSwan] Strongswan 4.5.1 sqlite database passthrough

Andreas Steffen andreas.steffen at strongswan.org
Tue Jun 28 11:04:35 CEST 2011

Hello Fabrice,

probably today I'm going to release a strongSwan snapshot with
integrated PASS and DROP shunt policies support. These policies
can be configured either via ipsec.conf or an SQL database.
So just have a little patience.

Best regards


On 06/28/2011 09:41 AM, CETIAD - Fabrice Barconnière wrote:
> Le 27/06/2011 10:20, Martin Willi a écrit :
>>> Is it possible to modify it and add/delete routes with iptables rules in
>>> up-client:) and down-client:) section ?
>> Yes, you can freely modify the updown script. Or you can define a
>> completely different script with the leftupdown ipsec.conf keyword.
> I've modified strongswan.conf with install_routes = no.
> I've modified ipsec_updown script. Routes are up but $PLUTO_MY_SOURCEIP 
> has no value.
> I suppose it takes leftsourceip value from ipsec.conf in file mode.
> I've directly set a value in ipsec_updown and it works like i want.
> With IKEv2 on sqlite database, can we configure this variable and does 
> it take effect in ipsec_updown script ?
>> Regards
>> Martin
> Regards
> Fabrice

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list