<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Look for _updown in /usr/libexec/ipsec. These are the deafult
scripts. Also look at "man ipsec__updown". I think you'll need to
add to these scripts rather than add a local script which runs
afterwards.<br>
<br>
You can specify your own updown script in ipsec.conf, but you will
need to copy a lot of the built-in script to maintain functionality.<br>
<br>
Nick<br>
<br>
<div class="moz-cite-prefix">On 03/10/2014 17:01, Luca Arzeni wrote:<br>
</div>
<blockquote
cite="mid:trinity-261ea326-78e9-4108-8ca2-43a23c24ff06-1412352065922@3capp-mailcom-lxa03"
type="cite">
<pre wrap="">
Hi,
after a that an ipsec connection has been successfully established, I need to run some iptables command to setup some routes needed to use the connection from my app.
Ideally, I would also like to remove these routes after the connection is closed.
I managed to put them in a shell command, that wraps up my ipsec invocation, but I was wandering if there is a better/reccommended way to run these script.
Is there any post connection hook in openswan?
Are there any best practise to run these commands?
Thanks,
Luca
_______________________________________________
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.openswan.org">Users@lists.openswan.org</a>
<a class="moz-txt-link-freetext" href="https://lists.openswan.org/mailman/listinfo/users">https://lists.openswan.org/mailman/listinfo/users</a>
Micropayments: <a class="moz-txt-link-freetext" href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a>
Building and Integrating Virtual Private Networks with Openswan:
<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre>
</blockquote>
<br>
</body>
</html>