Hosting Provided By

[Users] [PATCH] Dynamic left IP without %defaultroute

From: Ludwig Nussel <ludwig.nussel(at)suse.de>
Date: Fri Feb 27 2004 - 09:30:54 EST

Hi,

Sometimes you want to start IPsec connections on interfaces that have a dynamic IP address but no defaultroute or the defaultroute is not yet available when pluto starts. The attached patch (on top of FreeS/WAN 2.04+X509 1.5.0) allows to specify left=%dynamic which means you have to specify the local IP Address using ipec auto --left <ip> when adding a connection. This is especially useful in combination with scripts that automatically run after an interface got an IP address (post-up scripts).

To be really useful it would also be necessary to split the ipsec init script into two parts. The first script needs to start pluto without adding connections. It must be run before network interfaces are activated so that the post-up scripts can add connections. The second script then needs to run after network initialization and can add 'classic' connections.

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\   SUSE LINUX AG, Development
 V_/_  
http://www.suse.de/

_______________________________________________ FreeS/WAN Users mailing list users@lists.freeswan.org https://mj2.freeswan.org/cgi-bin/mj_wwwusr

text/plain attachment: freeswan-2.04-autoleft.diff

Received on Fri Feb 27 09:37:11 2004

This message: [ Message body ]
Next message: Paul Wouters: "Re: [Users] wlan-freeswan /ipsec.conf /ipsec.secrets"
Previous message: Roy Hills: "[Users] New version of ike-scan (IPsec IKE scanner) available - v1.6"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:02:36 EDT