Running a custom script when StrongSwan connection is established
You could use leftupdown or rightupdown parameter(s) in connection section. These will run a script specified as a parameter every time a connection changes state:
left|rightupdown = <path>
what updown script to run to adjust routing and/or firewalling when the status
of the connection changes (default ipsec _updown).
There are some environment variables which give you at least the login information for the connection changing state, for example $PLUTO_PEER gives you peer IP. For more about available environment variables, see man 8 pluto (or man 8 ipsec_pluto).
Related videos on Youtube
29 : 45
![What is a VPN and How Does it Work? [Video Explainer]](https://i.ytimg.com/vi/_wQTRMBAvzg/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLAIvwXf8-uhdm-F-lOPSMeb3tTaLg)
04 : 20
01 : 24
12 : 45
13 : 53
dark commet
Updated on September 18, 2022Comments
-
dark commet over 1 year
I have StrongSwan VPN server set up on a Debian host, and would like to run a custom script when a client connects to it. The only thing I have come up with is periodically checking the contents of the log file, but that seems clunky.
Is there any way to specify a script to execute upon connection, preferably with some way to infer the originating IP and login information used for that connection?