[Openswan Users] Questions from a beginner ;)
Paul Wouters
paul at xelerance.com
Fri Aug 20 16:52:01 CEST 2004
On Fri, 20 Aug 2004, Toby Corkindale wrote:
> Note that you can still categorise the traffic from a firewall point of view
> on 2.6, but that you can't use tcpdump to view both.
> ie. on 2.4 you can do
> tcpdump -i ppp0 # views encrypted traffic
> and
> tcpdump -i ipsec0 # views unencrypted traffic
right.
> but on 2.6, you can only do
> tcpdump -i ppp0 # views encrypted traffic
And incoming decrypted traffic, but not outgoing before-crypting traffic.
So this makes firewalling very difficult.
Paul
More information about the Users
mailing list