[Openswan Users] Openswan with NETKEY and monitoring data

Paul Wouters paul at xelerance.com
Fri Apr 8 13:17:15 EDT 2011

On Fri, 8 Apr 2011, Mark Dalton wrote:

> I understand that they are telling me to do this.   However again.. Back
> to the question..
> Is there a way I can access the traffic on my side to see the src/dst for
> each packet going to these devices.. or redirect all traffic from them
> over a secondary ethernet and out to the internet?

tcpdump ?

If using netkey you will not see the encrypted outgoing packets. But you see
everything else. With klips, you can tcpdump the ipsec0 interface to see
all plaintext to be crypted and tcpdump eth0 to see the crypted traffic.


More information about the Users mailing list