[Openswan Users] ipsec look on 2.6

Marco Berizzi pupilla at hotmail.com
Thu Dec 1 11:42:11 CET 2005


Herbert Xu wrote:

> Well issues such as seeing decrypted packets in tcpdump is orthogonal
> to having ipsecX interfaces.  In fact, as soon as the current
netfilter
> IPsec patches are merged, it will be quite easy to add the necessary
> hooks so that tcpdump sees the plain-text packets on both inbound and
> outbound in addition to the encrypted ones.

After Patrick McHardy patches merge (2.6.16?),
will be there a way to tcpdump only the clear
text traffic that is going to be encrypted/
decrypted? Actually with KLIPS this is easy:
tcpdump -i ipsec0



More information about the Users mailing list