[strongSwan] per-connection attributes
Andreas Steffen
andreas.steffen at strongswan.org
Tue Sep 15 11:26:33 CEST 2015
Hi Марк,
the attr_sql allows to store attributes for a given user identity
in an SQLite or MySQL database. I don't know if this helps with
your requirements for per connection attribute definitions.
For details see the ipsec pool command:
ipsec pool --addattr <type> [--pool <name> [--identity <id>]]
--addr|--mask|--server|--subnet|--string|--hex <value>
Add a new attribute to the database. Attributes can be bundled by using
the --pool and --identity options. If a bundle matches a peer the
contained attributes are sent to that peer instead of the global ones.
type: a keyword from --showattr or a number from the range 1..32767
name: the name of the pool this attribute is added to
id: identity of the peer this attribute is bound to
addr: IPv4 or IPv6 address
mask: IPv4 or IPv6 netmask (synonym for --addr)
server: IPv4 or IPv6 address of a server (synonym for --addr)
subnet: IPv4 subnet[s] given by network/mask[,network/mask,...]
string: value of a string-type attribute
hex: hex value of any attribute
Best regards
Andreas
On 15.09.2015 10:32, Марк Коренберг wrote:
> Ok, is any technical reason for that? or maybe someone (like me) should
> just create patch ?
>
> 2015-09-15 13:17 GMT+05:00 Tobias Brunner <tobias at strongswan.org
> <mailto:tobias at strongswan.org>>:
>
> Hi,
>
> > Is any way to provide different attribute values on different
> > connections (different sections in ipsec.conf) ?
>
> No, that's currently not possible.
>
> Regards,
> Tobias
>
>
>
>
> --
> Segmentation fault
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>
--
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150915/00733f35/attachment.bin>
More information about the Users
mailing list