Thank you for the response, it was very helpful. I'm facing a small problem, i'm using the following code to get the ip and write it to a file : host_t* host = ike_sa->get_other_host(ike_sa); sockaddr_t* address = host->get_sockaddr(host); struct sockaddr_in* their_addr = (struct sockaddr_in*)address; char *ip = inet_ntoa(their_addr->sin_addr);
But the ip is the real ip, i want to know the vpn ip that the strongswan gave the client, i couldn't find it. i tried to use : chunk_t* blabla = host->get_address(host); but i don't understand how to handle "chunk_t" how do i print the ip in blabla ? Thanks in advance. On Sun, Aug 3, 2014 at 10:24 AM, Andreas Steffen < [email protected]> wrote: > Hi, > > you could write your own monitoring plugin along the lines of the > "certexpire" plugin: > > > https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/show/src/libcharon/plugins/certexpire > > where a bus listener collects the certificates used and checks them > for the expiration date. > > In your case you could store the received peer certificates together > with the corresponding IKE identities in a local file or send the > information over a network socket.to a proxy server. > > Best regards > > Andreas > > On 08/02/2014 08:05 PM, The supervisor wrote: > > Hi, > > > > > > I'm new to strongswan and i am trying to achieve something that > > shouldn't be very hard, i have the following setup : > > > > Clients --> Strongswan VPN --> transparent proxy --> Internet. > > > > > > Clients connect to strongswan vpn using client certificate. > > > > > > I'm trying to find the simplest way (minimum code changes) to know which > > client uses which certificate (and then to send this information to my > > transparent proxy, or just print it to a file). > > > > For example, when client with ip 10.1.0.1 connected using certificate X, > > i want to send to my proxy a message about it. > > > > > > I downloaded and compiled the code, but i don't know really where to > > start, If someone could point me to the relevant code modules i would > > very appreciate it, also any general explanation about how to achieve > > my goal would be helpful also. > > > > > > Thanks in advanced, > > > > DN > > > ====================================================================== > Andreas Steffen [email protected] > strongSwan - the Open Source VPN Solution! www.strongswan.org > Institute for Internet Technologies and Applications > University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===========================================================[ITA-HSR]== > >
_______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
