[strongSwan] remote_ts to catch in 'updown' - how?
Tobias Brunner
tobias at strongswan.org
Wed Jun 24 11:29:41 CEST 2020
Hi,
> Would you know how to catch the following in updown script
> variables?
>
> remote_ts = "172.16.0.0/12, 10.5.2.10/32"
>
> With 'PLUTO_PEER_CLIENT' I get only the latter IP/net.
If you actually have a CHILD_SA negotiated with both remote subnets,
then the script will be called multiple times, each time that variable
contains a different remote subnet (the script is called for each
combination of local and remote traffic selectors). If you want one
event per CHILD_SA, then use vici's child-updown event, which receives
the traffic selectors as lists.
Regards,
Tobias
More information about the Users
mailing list