Running a custom script when StrongSwan connection is established
You could use leftupdown
or rightupdown
parameter(s) in connection section. These will run a script specified as a parameter every time a connection changes state:
left|rightupdown = <path>
what updown script to run to adjust routing and/or firewalling when the status
of the connection changes (default ipsec _updown).
There are some environment variables which give you at least the login information for the connection changing state, for example $PLUTO_PEER
gives you peer IP. For more about available environment variables, see man 8 pluto
(or man 8 ipsec_pluto
).
Related videos on Youtube
dark commet
Updated on September 18, 2022Comments
-
dark commet over 1 year
I have StrongSwan VPN server set up on a Debian host, and would like to run a custom script when a client connects to it. The only thing I have come up with is periodically checking the contents of the log file, but that seems clunky.
Is there any way to specify a script to execute upon connection, preferably with some way to infer the originating IP and login information used for that connection?