Hi Pavel, > For now, > strongSwan supports some dpd actions such as 'clear', 'hold' and > 'restart'. The patch implements new dpdaction named 'script'. It means > that if no activity is detected, strongSwan executes external command > with the dead peer passed as the argument for the command.
I don't agree with this approach. The actions are things to do with a particular CHILD_SA/policy not unrelated things like calling a script to email notifications. Instead, I propose you write a plugin that hooks the ALERT_RETRANSMIT_SEND_TIMEOUT alert to get notified after the last retransmit has been sent and the peer is considered dead. The plugin is then free to do whatever it likes (e.g. calling a script). Regards, Tobias _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
