Menu
▾
▴
Re: [Devil-Linux-discuss] new testing release
|
From: PeterJannesen, V. <P.J...@vi...> - 2007-09-12 10:06:04
|
Hey, I can use de openswan _updown (already has the code to put the routes in a different table and rules) script as a template. Create the file in /etc/ipsec.d/... and I very thing is right it wil work. I will give this a try. -- Peter -----Original Message----- From: dev...@li... [mailto:dev...@li...] On Behalf Of Heiko Zuerker Sent: dinsdag 11 september 2007 13:47 To: dev...@li... Subject: Re: [Devil-Linux-discuss] new testing release Hey, I thought I saw a comment in the script that it is using iproute2, but I could be mistaken. Couldn't you copy the strongswan script into /etc/xxxx and just point to it by using the leftupdown parameter? Since the file would then reside in a writable location you should be able to do the necessary modifications. Heiko On Tue, September 11, 2007 02:54, PeterJannesen, Visiq wrote: > Heiko, > > > The _updown script (located in /usr/lib/ipsec) of openswan includes=20 > /etc/sysconfig/pluto_updown. When you set the variable IPROUTETABLE to > for example "ipsec" All ipsec routes are places in de ipsec route=20 > table and the te correct rules are also generated. > > The _updown script of strongswan don't include=20 > /etc/sysconfig/pluto_updown. So you must edit /usr/lib/ipsec/_updown=20 > directly bot this is implosible because it is stored on CD. > > This is a problem when you need iproute2. > > > -- Peter > > > -----Original Message----- > From: dev...@li... > [mailto:dev...@li...] On Behalf=20 > Of Heiko Zuerker > Sent: zondag 9 september 2007 16:06 > To: dev...@li... > Subject: Re: [Devil-Linux-discuss] new testing release > > > Peter, > > > I took a quick look at the Strongswan 4.1 documentation and there's a=20 > parameter you have to set. Here's the extract from the doc: > ------------- > 11.1 Environment variables in the updown script > > > strongSwan makes the following environment variables available in the=20 > updown script indicated by the leftupdown parameter: ------------- > > > I'm not sure about the routes, it's quite a while since I used=20 > xxxxxSWAN > > > Heiko > > > > On Tue, September 4, 2007 01:13, PeterJannesen, Visiq wrote: > >> Hi Heiko, >> >> >> >> I did a small test on the new testing release (from 1.2.14-2007-05-24 >> to 2007-08-23) >> >> >> >> I read earlier that openswan is replaced by strongswan and it seems=20 >> that IPSec is not working anymore. It seams that the tunnels are=20 >> comming up but the routes are not > created. >> >> >> Furher it seems that /usr/lib/ipsec/_updown is not supporting=20 >> /etc/sysconfig/pluto_updown anymore. >> I use pluto_updown to put the route in a different table with rules.=20 >> I >> > >> my first impression is that strongswan is not supporting pluto_updown. > >> This is a problem because you can't change the standard=20 >> /usr/lib/ipsec/_updown script with out creating a custom build. >> >> >> -- Peter >> >> >> >> -----Original Message----- >> From: dev...@li... >> [mailto:dev...@li...] On Behalf=20 >> Of Heiko Zuerker >> Sent: donderdag 23 augustus 2007 16:49 >> To: dev...@li... >> Subject: [Devil-Linux-discuss] new testing release >> >> >> >> Hey everyone, >> >> >> >> I just uploaded a new testing release for 1.2.14=20 >> ftp://ftp.devil-linux.org/pub/devel/testing >> >> >> >> Would be great if some of you could test the latest updates. >> >> >> >> Thx >> >> >> >> -- >> >> >> >> Regards >> Heiko Zuerker >> http://www.devil-linux.org >> >> >> >> >> >> --------------------------------------------------------------------- >> - >> -- >> - >> This SF.net email is sponsored by: Splunk Inc. >> Still grepping through log files to find problems? Stop. >> Now Search log events and configuration files using AJAX and a >> > browser. >> Download your FREE copy of Splunk now >> http://get.splunk.com/=20 >> _______________________________________________ >> Devil-linux-discuss mailing list >> Dev...@li... >> https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss >> >> >> >> --------------------------------------------------------------------- >> - >> --- This SF.net email is sponsored by: Splunk Inc. >> Still grepping through log files to find problems? Stop. >> Now Search log events and configuration files using AJAX and a >> > browser. >> Download your FREE copy of Splunk now >> http://get.splunk.com/=20 >> _______________________________________________ >> Devil-linux-discuss mailing list >> Dev...@li... >> https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss >> >> >> > > > -- > > > Regards > Heiko Zuerker > http://www.devil-linux.org > > > > > ---------------------------------------------------------------------- > -- > - > This SF.net email is sponsored by: Microsoft Defy all challenges. > Microsoft(R) Visual Studio 2005. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > > > ---------------------------------------------------------------------- > --- This SF.net email is sponsored by: Microsoft Defy all challenges. > Microsoft(R) Visual Studio 2005. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > > --=20 Regards Heiko Zuerker http://www.devil-linux.org ------------------------------------------------------------------------ - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Devil-linux-discuss mailing list Dev...@li... https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss |
