Hi, you could write your own monitoring plugin along the lines of the "certexpire" plugin:
https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/show/src/libcharon/plugins/certexpire where a bus listener collects the certificates used and checks them for the expiration date. In your case you could store the received peer certificates together with the corresponding IKE identities in a local file or send the information over a network socket.to a proxy server. Best regards Andreas On 08/02/2014 08:05 PM, The supervisor wrote: > Hi, > > > I'm new to strongswan and i am trying to achieve something that > shouldn't be very hard, i have the following setup : > > Clients --> Strongswan VPN --> transparent proxy --> Internet. > > > Clients connect to strongswan vpn using client certificate. > > > I'm trying to find the simplest way (minimum code changes) to know which > client uses which certificate (and then to send this information to my > transparent proxy, or just print it to a file). > > For example, when client with ip 10.1.0.1 connected using certificate X, > i want to send to my proxy a message about it. > > > I downloaded and compiled the code, but i don't know really where to > start, If someone could point me to the relevant code modules i would > very appreciate it, also any general explanation about how to achieve > my goal would be helpful also. > > > Thanks in advanced, > > DN > ====================================================================== Andreas Steffen [email protected] strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
