Date: Sat, 10 Apr 2004 12:32:36 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Nikolay Petrov <mailinglists@hq.panda.bg> Cc: freebsd-security@freebsd.org Subject: Re: IPSec debug Message-ID: <Pine.BSF.4.53.0404101229070.78075@e0-0.zab2.int.zabbadoz.net> In-Reply-To: <1185611253.20040410151233@hq.panda.bg> References: <1185611253.20040410151233@hq.panda.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 10 Apr 2004, Nikolay Petrov wrote: Hi, > I have FreeBSD box with network interface having y.y.y.y ip address. > On same box i configure next ipsec ploicys to process trafic from > hardware ipsec enabled device. > > spdadd 0.0.0.0/0 x.x.x.x/24 any -P out ipsec esp/tunnel/y.y.y.y-z.z.z.z/require; > spdadd x.x.x.x/24 0.0.0.0/0 any -P in ipsec esp/tunnel/z.z.z.z-y.y.y.y/require; > > Is it possible to see decrypted incoming packets, and outgoing packets > before are they encrypted IMHO no. I think OpenBSD has if_enc(4) for this. -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT 56 69 73 69 74 http://www.zabbadoz.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.53.0404101229070.78075>