[Openswan Users] How to see the outgoing decrypted packets with
kernel 2.6 ?
jacquesvalot at hotmail.com
Wed Jun 29 10:24:52 CEST 2005
>From: Paul Wouters <paul at xelerance.com>
>To: Jacques Valot <jacquesvalot at hotmail.com>
>CC: users at openswan.org
>Subject: Re: [Openswan Users] How to see the outgoing decrypted packets
>with kernel 2.6 ?
>Date: Mon, 27 Jun 2005 21:40:35 +0200 (CEST)
>On Mon, 27 Jun 2005, Jacques Valot wrote:
>>The tunnel is operationnal and I can see ESP packets in both directions
>>with a tcpdump command. With this same tcpdump command I can see the
>>incoming decrypted IP packet BUT THE PROBLEM is that I don't see the
>>outgoing decrypted packets.
>>I have the same problem with ethereal tool.
>>After many searchs, I think this problem is due to the kernel 2.6 (26sec),
>>but I have no solution.
>That is correct.
>>I try to load the klips module compiled with the Openswan 2.3.1 sources
>>before to run the ipsec service but in this case I can't ping the remote
>>host and no decryted packets appears in the result of tcpdump. But I can
>>see the 2 ESP packets :
>># tcpdump -n |grep 188.8.131.52
>You need to run tcpdump on the ipsec0 interface, not the ethX interface,
>I assume tcpdump uses when no interface is specified.
You have right.
But, if I run the tcpdump command on the ipsec0 interface, I only see the
icmp echo request packets.
without the KLIPS kernel module loaded :
- On eth0 interface, I see both ESP packets (incoming and outgoing) and
incoming decrypted packets.
- no ipsec interface
- The ping is OK.
with the KLIPS kernel module loaded before run ipsec :
- On eth0 interface, I see both ESP packets (incoming and outgoing)
- On ipsec0 interface, I see outgoing decrypted packets.
- The ping doesn't worked.
MSN Search : des réponses à tous vos besoins !
More information about the Users