VPN interface for strongSwan



Hi,

I'm a dev of the strongSwan project (an IPsec solution,
www.strongswan.org). I'm trying to write an interface for our IKEv2
keying daemon to NetworkManager.
I've chosen a somewhat different approach than the existing plugins, as
I want to integrate the DBUS interface directly into the daemon.

I've read the source and studied the existing plugins, but it's not all
clear to me yet.
As I've understood so far, there are two things to handle at the
in-daemon DBUS connection:

- handle startConnection(), stopConnection() methods
- send notifications to NM (LoginFailed, IP4Config, StateChange, ...)

The prototype is almost working so far. I'm currently doing the
following:

a. Set state to STOPPED (after daemon startup)
b. Wait for StartConnection()
c. Set state to STARTING, establish IPsec tunnel
d. Send IP4Config signal
e. Set state to STARTED
f. Wait for StopConnection()
g. Set state to STOPPING, tear down tunnel
h. Set state to STOPPED

Ok, now I have some questions:

1. Does the above look correct? Have I missed something important?

2. What are signalConfigError() and signalIP4Config() methods used for?
   Are they used at all?

3. It's currently unclear to me how to handle multiple connections at 
   the same time. Is it possible at all to have two active connections?

Any feedback or some pointers to docs are welcome. Thanks...


Best regards
Martin Willi




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]