Date: Tue, 11 Dec 2001 13:36:44 -0500 (EST)
From: cjm2@27in.tv
To: <freebsd-questions@freebsd.org>
Subject: ipsec & tcpdump
Message-ID: <3601.216.153.201.254.1008095804.squirrel@www.27in.tv>

Hello,

I am running 4.4-STABLE. I have an IPsec/ESP tunnel to another box. I am trying to find out if there is any way to view the TCP/IP traffic (w/ tcpdump) that is going over that tunnel. Not being able to view this traffic is making troubleshooting some other issues rather difficult.

My ifconfig reads:
(Public IPs have been faked to protect the innocent.)

dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
	ether 00:c0:f0:4d:f6:9f
	media: Ethernet autoselect (100baseTX)
	status: active
ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 1.2.3.4 netmask 0xfffffc00 broadcast 255.255.255.255
	ether 00:00:e8:d7:ef:3c
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	inet 127.0.0.1 netmask 0xff000000
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
	tunnel inet 1.2.3.4 --> 5.6.7.8
	inet 10.0.0.1 --> 192.168.0.1 netmask 0xffffff00

My IP is 10.0.0.1 and the remote IP is 192.168.0.1.

As a test I set up a ping to 192.168.0.1.

"tcpdump -i ed0 proto 1" shows me the ESP packets.
"tcpdump -i dc0 proto 1" shows me nothing.
"tcpdump -i gif0 proto 1" shows me nothing.

In addition, no packets ever seem to pass through gif0 (from a tcpdump point of view).

Any assistance at all would be greatly appreciated.

Thanks,
--Chris