[Openswan Users] Decrypt ESP packets with wireshark for tunnel mode (Openswan)
Willie Gillespie
wgillespie+openswan at es2eng.com
Tue Nov 16 21:51:39 EST 2010
Paul Wouters wrote:
> The other way around :) Outoging you cannot see the encrypted packets.
> Incoming
> you see both encrypted and decrypted, and they both appear to come from
> the same "source" mightilly confusing rp_filter so you're forced to do
> nasty
> MARKing.
Paul is right about the incoming/outgoing. I would disagree that you
are forced to do any MARKing though -- I don't have to use any MARKs.
Policy matching in iptables is your friend here.
Willie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6456 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.openswan.org/pipermail/users/attachments/20101116/f08ab012/attachment.bin
More information about the Users
mailing list