[strongSwan] Strongswan 4.5.1 sqlite database passthrough
CETIAD - Fabrice Barconnière
fabrice.barconniere at ac-dijon.fr
Tue Jun 28 12:14:03 CEST 2011
Thanks for all what you do.
I wait for this.
Le 28/06/2011 11:04, Andreas Steffen a écrit :
> Hello Fabrice,
> probably today I'm going to release a strongSwan snapshot with
> integrated PASS and DROP shunt policies support. These policies
> can be configured either via ipsec.conf or an SQL database.
> So just have a little patience.
> Best regards
> On 06/28/2011 09:41 AM, CETIAD - Fabrice Barconnière wrote:
>> Le 27/06/2011 10:20, Martin Willi a écrit :
>>>> Is it possible to modify it and add/delete routes with iptables rules in
>>>> up-client:) and down-client:) section ?
>>> Yes, you can freely modify the updown script. Or you can define a
>>> completely different script with the leftupdown ipsec.conf keyword.
>> I've modified strongswan.conf with install_routes = no.
>> I've modified ipsec_updown script. Routes are up but $PLUTO_MY_SOURCEIP
>> has no value.
>> I suppose it takes leftsourceip value from ipsec.conf in file mode.
>> I've directly set a value in ipsec_updown and it works like i want.
>> With IKEv2 on sqlite database, can we configure this variable and does
>> it take effect in ipsec_updown script ?
> Andreas Steffen andreas.steffen at strongswan.org
> strongSwan - the Linux VPN Solution! www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
More information about the Users