[strongSwan] remote_ts to catch in 'updown' - how?
lejeczek
peljasz at yahoo.co.uk
Wed Jun 24 16:42:50 CEST 2020
On 24/06/2020 10:29, Tobias Brunner wrote:
> Hi,
>
>> Would you know how to catch the following in updown script
>> variables?
>>
>> remote_ts = "172.16.0.0/12, 10.5.2.10/32"
>>
>> With 'PLUTO_PEER_CLIENT' I get only the latter IP/net.
> If you actually have a CHILD_SA negotiated with both remote subnets,
> then the script will be called multiple times, each time that variable
> contains a different remote subnet (the script is called for each
> combination of local and remote traffic selectors). If you want one
> event per CHILD_SA, then use vici's child-updown event, which receives
> the traffic selectors as lists.
>
> Regards,
> Tobias
I do make my 'updown' spit out and append to log file and I
do not see it.
I see multiple runs, a snippet from my 'updown' for a initiator:
up-client)
...
echo ip route add "${PLUTO_PEER_CLIENT}" dev "${VTI_IF}" >>
${_vtiLog}
...
But I see it appear only once with the latter IP/net.
thanks, L.
More information about the Users
mailing list