[Openswan dev] Problems with openswan and bridging

Mon Jun 4 20:44:02 EDT 2007

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>>>>> "Rene" == Rene Mayrhofer <rene.mayrhofer at gibraltar.at> writes:
    Rene> On Montag, 4. Juni 2007 21:37, Michael Richardson wrote:
    >> KLIPS should be making the packet arrive on the ipsec0 interface.

    Rene> I'd think so too.

    >> Can you enable rcv + verbose debugging in KLIPS?
    >> I haven't run much code on a 2.4 kernel base lately either.

    Rene> Which plutodebug and klipsdebug options would help? I should
    Rene> be able to get  
    Rene> traces of that case by tomorrow (the machines are currently
    Rene> offline).

  klipsdebug="rcv verbose"

  It will produce some significant output, so I wouldn't do it that way.
Instead do:
	dmesg -c >/dev/null
	ipsec klipsdebug --set rcv; ipsec klipsdebug --set verbose
	sleep 60	 # send traffic 
	ipsec klipsdebug --clear rcv; ipsec klipsdebug --clear verbose
	dmesg >somefile.txt

- -- 
]            Bear: "Me, I'm just the shape of a bear."          |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Finger me for keys

iQEVAwUBRmSxzICLcPvd0N1lAQLh/Qf/arqMXpPOyESZFwZVQJSBnTNged1b8mu4
OpZ/r8PFj039+0rZvw7XnNFiJlr7Hr8vl+DQc2AHWoJVKetr2UPpvqeXx7fwZv8o
aV06FckCYcYk7xUCpVFiZPCsXyv9EHCyOU37dRORkxMm+VeBeXmYgDBUGenRR+nv
aAsBv+KUtpIutrZsClpFRJsKNoPT11x7Zl1K40RT1EackrNuT2Hzy05qut6PJB+N
WisgVyk/cCZJp5HSNyGv8j1u4yUQQthG5XZYaJCCxRfwlVWsahJmjO4WpN+0eZoU
BvY5HZrT/R+0cnLZqfY9zrMWQtOHZJiitnjGAXQigbn3Z6nQ3iKgLw==
=OBaX
-----END PGP SIGNATURE-----