[Openswan Users] DynDns UPDOWN script

Tiago Freitas Leal tfl at netcabo.pt
Wed Oct 6 11:50:15 CEST 2004

You can use

janus watcher - Dynamic DNS watcher for FreeS/WAN & forks. Perl script that
watches dynamic DNS hosts and replaces the connection when the IP address


----- Original Message ----- 
From: "Michael Schwartzkopff" <misch at multinet.de>
To: <users at openswan.org>
Sent: Wednesday, October 06, 2004 9:04 AM
Subject: Re: [Openswan Users] DynDns UPDOWN script

Hash: SHA1

Am Mittwoch, 6. Oktober 2004 09:50 schrieb Sebastian Haas:
> Hello ML,
> we have setup a tunnel between 2 VPN gateways with a dynamic dns updated
> periodically via dyndns client.
> We've activated DPD and it works fine but if the IP changed the
> corresponding VPN gateway uses always the old IP.
> I've read i can hook something in UPDOWN script to do a "ipsec auto
> --replace" or similiar.
> What can i do? The Starter program (v0.2) from arkoon didn't work due to
> a parser error while parsing "conn %default" and v0.3 didn't compile.
> best regards,
> Sebastian Haas


I have one static and one dynamic host. The problem is that the dynamic
can only use passwords. So I have to "replace" the connection every time the
client tries to connect with a new IP address. See the script below. I hope
this help a little bit ...

# this script is licensed under the terms of the GNU GPL.

use File::Tail;
use IO::Socket;

%tabelle = (
        "xxx.dyndns.org" => "muc-netgear"

@gateways = keys %tabelle;

$ipsec_log = '/var/log/messages' ;

my $logref=tie(*LOG,"File::Tail",(name=>$ipsec_log,debug=>$debug));

while (<LOG>) {
        if (/NO_PROPOSAL_CHOSEN/) {
                if (/to ([0123456789\.]+)/) {
                        $address = $1;
                        foreach $gateway (@gateways) {
                                $gw_addr = inet_ntoa ((gethostbyname
                                if ($address eq $gw_addr) {
                                        print "Found $gateway
                                        system ("echo $tabelle{$gateway}");
                                        system ("ipsec auto --replace
        } ;
} ;

untie $logref ;

- -- 
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Bretonischer Ring 7
85630 Grasbrunn

Tel: (+49 89) 456 911 - 0
Fax: (+49 89) 456 911 - 21
mob: (+49 174) 343 28 75

PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B

Version: GnuPG v1.2.4 (GNU/Linux)

Users mailing list
Users at openswan.org

More information about the Users mailing list