[Openswan Users] Tunnel status
Radek Antoniuk
r.antoniuk at pixel.com.pl
Fri Jan 20 22:33:15 CET 2006
Paul Wouters wrote:
> On Thu, 19 Jan 2006, Radek Antoniuk wrote:
>>Is there a way to get a tunnel status using ipsec utility? Or the only
>>way is grepping ipsec auto --status?
>>I mean some similar thing to ipsec setup --status which gives
>>"X tunnels up".
>>But i'm interested in which are, and which are not.
>
>
> With KLIPS, you can do 'ipsec eroute' though it will not list the connection
> names.
> This is a much wanted item that is on our todo list, and we would gladly
> accept a patch :)
>
Well, I don't know if eroute.c is worth touching, but if You still want
it I can make a patch;-)
But in the meantime I've used a simple perl script(however, I don't know
about the tunnel codes, I've made some assumptions to the tunnel
codename structure). Maybe somebody will find it useful:
#!/usr/bin/perl
use strict;
my @a = qx{cat /proc/net/ipsec/eroute/all 2>/dev/null};
foreach my $e (@a){
my $name;
if ($e =~ /tun0x(.+)\@.+/){
my $ret = qx{ipsec auto --status | grep "tun.$1"};
if ($ret =~ /\"(.+)\"/){ $name = $1; } else { $name =
"($1)unknown "; }
print "$name is up\n";
}
}
--
Cheers,
Radek
More information about the Users
mailing list