Hi Martin: Thanks.
A few follow-ups: Is there a way, via configuration, to prevent strongSwan from updating the DNS configuration as a result of the configuration payload exchange? The custom "attribute handlers" look interesting/useful. Is there any documentation or sample code on it? Regards, Stephen >-----Original Message----- >From: Martin Willi [mailto:[email protected]] >Sent: Wednesday, June 20, 2012 3:47 AM >To: Pisano, Stephen G (Stephen) >Cc: [email protected] >Subject: Re: [strongSwan] Acquiring a DNS server address through config >payload > >Hello Stephen, > >> so I wonder how these configurations interact (i.e., ; >> --with-resolve-conf configure directive; vs. >> 'charon.plugins.resolve.file')? > >The "resolve" plugin can handle DNS server installation. Starting with >4.6.3, it will use resolvconf (8), if available. Otherwise it will >directly modify resolv.conf (5). The default file to modify is >${sysconfdir}/resolv.conf, but this default can be changed using the >--with-resolv-conf option. The strongswan.conf >charon.plugins.resolve.file overrides any default option. > >> Also, rather than have the have strongSwan modify the resolv.conf >> file, it would be desireable to have a notification of the returned >> DSN server address via up/down script, and the conveyance of the >> address via a variable (just as PLUTO_MY_SOURCEIP is set in the >> virtual IP case). Is such a behavior currently supported? > >The updown script currently does not know DNS server information. >Registering custom "attribute handlers" is possible, though, using the >attribute_handler_t interface [1]. > >Regards >Martin > >[1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libhydra/attrib >utes/attribute_handler.h > _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
