-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Mon, 2025-09-29 at 21:51 +0000, Luigi Baldoni wrote: > Since then, strongswan has deprecated the old ipsec.conf format in favour > of swanctl.conf. The systemd scripts launch the daemon first and then invoke > swanctl to load the new-style configuration, but the existing > /etc/init.d/ipsec > does not. > > Other non-systemd distributions (e.g. openwrt and alpine) use separate > launchers > to leave users the choice, upstream systemd seems to do it the new way only, > but I haven't delved too much into it.
Hi Luigi, I'm not sure I understand your problem. If you want to use the "legacy" ipsec.conf, use strongswan-charon and strongswan-starter. If you want to use the "new" swanctl.conf, use strongswan-swanctl and charon- systemd (and yes that means using systemd launcher). The `strongswan` metapackage used to depend on the former set, now on the latter. Regards, - -- Yves-Alexis -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAmjbegMACgkQ3rYcyPpX RFuo9wf+IB3A5vR4H7maMvXXrXr8VqG94unn1q3b8wPDTD1lAHiCPUiRGMp668KM zHWWlZwdDeL8l0FGr34/R94HI1WLWaaZzmVrt8uEZdW7XjYL+v14kmZCJImHWZMh GSp05sjVrt3FI9SQuN+LCqWMrWQ+23Lx2ocq0DrLUJtd5bZ2vNy4XzB6BKof/+PB FmfdT67gHyMD4dGjSLUD13F3AsMgtsGbaaKkXLnyDNnMV1uLrRUqw3NHZXMwnQzK BRMnE8AoWjyTbUOrZiAEtq2BZGHzo1eW9WylUScc0pIyzhDD7LTKCaP6+k5iItib fiFRpUDOXewjGbJpPeeELA5Njpp/iw== =e+I+ -----END PGP SIGNATURE-----
