[strongSwan] Acquiring a DNS server address through config payload

Martin Willi martin at strongswan.org
Wed Jun 20 09:46:52 CEST 2012


Hello Stephen,

> so I wonder how these configurations interact (i.e.,
> --with-resolve-conf configure directive vs.
> ‘charon.plugins.resolve.file’)?

The "resolve" plugin can handle DNS server installation. Starting with
4.6.3, it will use resolvconf(8), if available. Otherwise it will
directly modify resolv.conf(5). The default file to modify is
${sysconfdir}/resolv.conf, but this default can be changed using the
--with-resolv-conf option. The strongswan.conf
charon.plugins.resolve.file overrides any default option.

> Also, rather than have strongSwan modify the resolv.conf
> file, it would be desirable to have a notification of the returned
> DNS server address via up/down script, and the conveyance of the
> address via a variable (just as PLUTO_MY_SOURCEIP is set in the
> virtual IP case). Is such a behavior currently supported?

The updown script currently does not know DNS server information.
Registering custom "attribute handlers" is possible, though, using the
attribute_handler_t interface [1].

Regards
Martin

[1] http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libhydra/attributes/attribute_handler.h





