tcpdump and ipsec
- From: "Eric W. Bates" <ericx_lists@xxxxxxxxxxxx>
- Date: Fri, 31 Mar 2006 15:18:32 -0500
This seems like a dumb question; but I wonder if one can use tcpdump to
view the decrypted out flow from and esp tunnel?
I have an established tunnel on machine 'firewall'.
The tunnel is a route between net 10.128.10.0/24 and 192.168.10.0/24.
'firewall' has 192.168.10.1 as the ip on its internal interface.
When I ping 10.128.10.1 using 192.168.10.1 as the source address, I can
use tcpdump to view the esp packets via the external interface.
Is there a way to use tcpdump to view the packets as they traverse from
the tunnel to 192.168.10.1? I had no luck attaching tcpdump to the
internal interface.
By the same token, can I hook any of the traffic with ipfw?
I suspect that if any of this traffic were leaving the machine, I would
see it; but maybe not if 'firewall' itself is the destination?
Thanks for your time.
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- Prev by Date: news day
- Previous by thread: bsnmp with vlan, no speed values are set
- Index(es):
Relevant Pages
|
|
