[Openswan Users] How to see the outgoing decrypted packets with
kernel 2.6 ?
Paul Wouters
paul at xelerance.com
Mon Jun 27 22:40:35 CEST 2005
On Mon, 27 Jun 2005, Jacques Valot wrote:
> The tunnel is operationnal and I can see ESP packets in both directions with
> a tcpdump command. With this same tcpdump command I can see the incoming
> decrypted IP packet BUT THE PROBLEM is that I don't see the outgoing
> decrypted packets.
> I have the same problem with ethereal tool.
>
> After many searchs, I think this problem is due to the kernel 2.6 (26sec),
> but I have no solution.
That is correct.
> I try to load the klips module compiled with the Openswan 2.3.1 sources
> before to run the ipsec service but in this case I can't ping the remote host
> and no decryted packets appears in the result of tcpdump. But I can see the 2
> ESP packets :
> # tcpdump -n |grep 129.181.113.152
You need to run tcpdump on the ipsec0 interface, not the ethX interface, that
I assume tcpdump uses when no interface is specified.
Paul
More information about the Users
mailing list