[Openswan Users] How to make postpluto work?

[Ming-Hong Wu]

Hi there,

    My usage scenario is (Using 2.6.38) :

         1) I want to start pluto first, by ' ipsec setup start '
         2) output some Tunnel connections and install the policies to pluto

    To make it automatically do 2) step, I found 'postpluto'

    By the man ipsec.conf, I write below ipsec.conf and make ' ipsec setup
start ' command happened.
    As my understanding, shouldn't /usr/bin/postpluto ( a sefl-written
program, not script ) be invoked once upon pluto is ready ?

    /usr/bin/postpluto is a program to generate some configs in
/etc/ipsec.d/


    When I traced into programs/_plutoload which is invoked by
program/_plutorun, the $postpluto variable is assigned but never used ?
    Is this by design or bug ?


version 2.0     # conforms to second version of ipsec.conf specification
# basic configuration
config setup
        interfaces=%none
        plutodebug=none
        nat_traversal=yes
        nhelpers=0
        plutowait=yes
        plutostderrlog=/dev/null
        protostack=netkey
        postpluto=/usr/bin/postpluto
        virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12

include /tmp/etc/ipsec.d/*.conf

-- 
Sincerely,
minhong
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20130118/9b7296f3/attachment.html>