[Openswan Users] How to see the outgoing decrypted packets with kernel 2.6 ?

Paul Wouters paul at xelerance.com
Mon Jun 27 22:40:35 CEST 2005


On Mon, 27 Jun 2005, Jacques Valot wrote:

> The tunnel is operationnal and I can see ESP packets in both directions with 
> a tcpdump command. With this same tcpdump command I can see the incoming 
> decrypted IP packet BUT THE PROBLEM is that I don't see the outgoing 
> decrypted packets.

> I have the same problem with ethereal tool.
>
> After many searchs, I think this problem is due to the kernel 2.6 (26sec), 
> but I have no solution.

That is correct.

> I try to load the klips module compiled with the Openswan 2.3.1 sources 
> before to run the ipsec service but in this case I can't ping the remote host 
> and no decryted packets appears in the result of tcpdump. But I can see the 2 
> ESP packets :
> # tcpdump -n |grep 129.181.113.152

You need to run tcpdump on the ipsec0 interface, not the ethX interface, that
I assume tcpdump uses when no interface is specified.

Paul


More information about the Users mailing list