[Openswan Users] Openswan with NETKEY and monitoring data
Paul Wouters
paul at xelerance.com
Fri Apr 8 13:17:15 EDT 2011
On Fri, 8 Apr 2011, Mark Dalton wrote:
> I understand that they are telling me to do this. However again.. Back
> to the question..
>
> Is there a way I can access the traffic on my side to see the src/dst for
> each packet going to these devices.. or redirect all traffic from them
> over a secondary ethernet and out to the internet?
tcpdump ?
If using netkey you will not see the encrypted outgoing packets. But you see
everything else. With klips, you can tcpdump the ipsec0 interface to see
all plaintext to be crypted and tcpdump eth0 to see the crypted traffic.
Paul
More information about the Users
mailing list