[Openswan Users] DynDns UPDOWN script

Tiago Freitas Leal tfl at netcabo.pt
Wed Oct 6 11:50:15 CEST 2004


You can use

janus watcher - Dynamic DNS watcher for FreeS/WAN & forks. Perl script that
watches dynamic DNS hosts and replaces the connection when the IP address
changes.

http://sourceforge.net/projects/janus-watcher/

----- Original Message ----- 
From: "Michael Schwartzkopff" <misch at multinet.de>
To: <users at openswan.org>
Sent: Wednesday, October 06, 2004 9:04 AM
Subject: Re: [Openswan Users] DynDns UPDOWN script


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am Mittwoch, 6. Oktober 2004 09:50 schrieb Sebastian Haas:
> Hello ML,
>
> we have setup a tunnel between 2 VPN gateways with a dynamic dns updated
> periodically via dyndns client.
>
> We've activated DPD and it works fine but if the IP changed the
> corresponding VPN gateway uses always the old IP.
>
> I've read i can hook something in UPDOWN script to do a "ipsec auto
> --replace" or similiar.
>
> What can i do? The Starter program (v0.2) from arkoon didn't work due to
> a parser error while parsing "conn %default" and v0.3 didn't compile.
>
> best regards,
> Sebastian Haas

Hi,

I have one static and one dynamic host. The problem is that the dynamic
client
can only use passwords. So I have to "replace" the connection every time the
client tries to connect with a new IP address. See the script below. I hope
this help a little bit ...

#!/usr/bin/perl
# this script is licensed under the terms of the GNU GPL.

use File::Tail;
use IO::Socket;

%tabelle = (
        "xxx.dyndns.org" => "muc-netgear"
);

@gateways = keys %tabelle;

$ipsec_log = '/var/log/messages' ;

my $logref=tie(*LOG,"File::Tail",(name=>$ipsec_log,debug=>$debug));

while (<LOG>) {
        if (/NO_PROPOSAL_CHOSEN/) {
                if (/to ([0123456789\.]+)/) {
                        $address = $1;
                        foreach $gateway (@gateways) {
                                $gw_addr = inet_ntoa ((gethostbyname
($gateway))[4]);
                                if ($address eq $gw_addr) {
                                        print "Found $gateway
$tabelle{$gateway}\n";
                                        system ("echo $tabelle{$gateway}");
                                        system ("ipsec auto --replace
$tabelle{$gateway}");
                                }
                        }
                };
        } ;
} ;

untie $logref ;



- -- 
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Bretonischer Ring 7
85630 Grasbrunn

Tel: (+49 89) 456 911 - 0
Fax: (+49 89) 456 911 - 21
mob: (+49 174) 343 28 75

PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBY6cEqndXpO3Yl5sRApBRAKCDvDjrz+rpT97A/uzg4B9S2ZTshACfTXmq
x1DK2ii5NhE58H+2Aa32kGg=
=WXBx
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users at openswan.org
http://lists.openswan.org/mailman/listinfo/users



More information about the Users mailing list