From owner-freebsd-net@FreeBSD.ORG Sun Dec 15 21:31:04 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 69651E4 for ; Sun, 15 Dec 2013 21:31:04 +0000 (UTC) Received: from olgeni.olgeni.com (host-156-246-171-31.cloudsigma.com [31.171.246.156]) by mx1.freebsd.org (Postfix) with ESMTP id 2DAED133C for ; Sun, 15 Dec 2013 21:31:03 +0000 (UTC) Received: from olgeni.olgeni (unknown [82.84.68.101]) by olgeni.olgeni.com (Postfix) with ESMTPSA id C0A17174491; Sun, 15 Dec 2013 22:24:16 +0100 (CET) Date: Sun, 15 Dec 2013 22:24:16 +0100 (CET) From: Jimmy Olgeni X-X-Sender: olgeni@olgeni.olgeni To: Eugene Perevyazko Subject: Re: ipsec packets apparently not getting to destination In-Reply-To: <20131204122115.GA46835@traktor.dnepro.net> Message-ID: References: <20131204122115.GA46835@traktor.dnepro.net> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII Cc: freebsd-net@freebsd.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Dec 2013 21:31:04 -0000 Hi, On Wed, 4 Dec 2013, Eugene Perevyazko wrote: > mpd uses netgraph for most if not all processing. Could it be that > ipsec-processed packets do not enter corresponding netgraph node? You can > look at the netgraph tree to see where mpd expects to see incoming > packets. Opening an UDP listening port with socat(1) does not show any traffic, which (unfortunately) excludes weird paths inside netgraph. It just doesn't get through... -- jimmy