[Openswan Users] Questions from a beginner ;)

Paul Wouters paul at xelerance.com
Fri Aug 20 16:52:01 CEST 2004

On Fri, 20 Aug 2004, Toby Corkindale wrote:

> Note that you can still categorise the traffic from a firewall point of view
> on 2.6, but that you can't use tcpdump to view both.
> ie. on 2.4 you can do
> tcpdump -i ppp0	# views encrypted traffic
> and
> tcpdump -i ipsec0 # views unencrypted traffic

> but on 2.6, you can only do
> tcpdump -i ppp0	# views encrypted traffic

And incoming decrypted traffic, but not outgoing before-crypting traffic.
So this makes firewalling very difficult.


More information about the Users mailing list