I need a static route when the interface is up and to delete this route when it goes down, but I have no interface config file in which to put a shell command.
I have an IPSec tunnel created with LibreSwan and a tunnel interface vti0 that is created by the ipsec daemon. Here is the config:

    conn dc
        authby=secret
        auto=start
        type=tunnel
        esp={{ ipsec_ike_alg }}
        ike={{ ipsec_ike_alg }}
        ikelifetime={{ ipsec_ikelifetime }}
        keylife={{ ipsec_key_lifetime }}
        ikev2=insist
        rekey=no
        fragmentation=yes
        narrowing=yes
        left={{ ipsec_local_ip }}
        leftsubnet={{ ipsec_local_net }}
        right={{ ipsec_remote_ip }}
        rightsubnet={{ ipsec_remote_net }}
        mark=5/0xffffffff
        vti-interface=vti0
        vti-routing=no
        leftvti={{ ipsec_vti_local_ip }}

I need to route traffic to subnets behind this ipsec through the vti0 tunnel. I can do it manually and everything will work as planned:

    ip route add {{ ipsec_static_route }} dev vti0 src {{ ipsec_source_ip }}

But I want this route to appear automatically when vti0 comes up and disappear when the interface goes down. I tried to do it by putting my scripts in /etc/network/if-up.d/ and /etc/network/if-down.d/, but it doesn't work:

    #!/bin/sh
    if [ "$IFACE" = {{ ipsec_vti_interface }} ]; then
        route add -net {{ ipsec_static_route }} dev {{ ipsec_vti_interface }}
    fi

Maybe there is some native way to create a route only for certain networks with LibreSwan? Or did I make some mistakes in my scripts?