Hi there,<div><br></div><div> My usage scenario is (Using 2.6.38) :</div><div><br></div><div> 1) I want to start pluto first, by ' ipsec setup start '</div><div> 2) output some Tunnel connections and install the policies to pluto</div>
<div><br></div><div> To make it automatically do 2) step, I found 'postpluto'</div><div><br></div><div> By the man ipsec.conf, I write below ipsec.conf and make ' ipsec setup start ' command happened.</div>
<div> As my understanding, shouldn't /usr/bin/postpluto ( a sefl-written program, not script ) be invoked once upon pluto is ready ?</div><div><br></div><div> /usr/bin/postpluto is a program to generate some configs in /etc/ipsec.d/</div>
<div><br></div><div><br></div><div> When I traced into programs/_plutoload which is invoked by program/_plutorun, the $postpluto variable is assigned but never used ?</div><div> Is this by design or bug ?</div><div>
<br></div><div><br></div><div><div>version 2.0 # conforms to second version of ipsec.conf specification</div><div># basic configuration</div><div>config setup</div><div> interfaces=%none</div><div> plutodebug=none</div>
<div> nat_traversal=yes</div><div> nhelpers=0</div><div> plutowait=yes</div><div> plutostderrlog=/dev/null</div><div> protostack=netkey</div><div> postpluto=/usr/bin/postpluto</div>
<div> virtual_private=%v4:<a href="http://10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12">10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12</a></div><div><br></div><div>include /tmp/etc/ipsec.d/*.conf</div><div><br>
</div>-- <br>Sincerely,<div>minhong</div>
</div>