[strongSwan] executing updown script when IKE is created and deleted
Tobias Brunner
tobias at strongswan.org
Fri Aug 18 10:40:19 CEST 2017
Hi,
> Is there anything way to execute external script when IKE is created and
> deleted ?
The updown script is/was intended to install firewall rules that go with
the IPsec SAs so the script is tied to the lifecycle of CHILD_SAs (but
is not called when CHILD_SAs are rekeyed as the original information
usually doesn't change).
For more options, have a look at the events exposed via VICI [1] (look
for "Server-issued events" in README.md), or write a custom plugin.
Regards,
Tobias
[1] https://wiki.strongswan.org/projects/strongswan/wiki/Vici
More information about the Users
mailing list