Date: Tue, 2 Dec 2003 10:28:52 -0700 From: Dr Otacon <otacon@octo.sytes.net> To: freebsd-ipfw@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG Subject: tcpdump will not compile with ability to decrypt ESP encapsulated packets. Message-ID: <200312021028.52517.otacon@octo.sytes.net>
next in thread | raw e-mail | index | archive | help
I'm trying to tcpdump ESP encapsulated packets with tcpdump using:
tcpdump -w tcpdump.log -E blowfish-cbc:secret esp host safehost
...but `tcpshow < tcpdump.log' has this message repeated at the end of every
packet:
<*** No decode support for encapsulated protocol ***>
I have both /usr/lib/libcrypto.so (base) and /usr/local/lib/libcrypto.so
(port) installed, which I think may be causing some kind of a conflict. IPSec
is working fine between the two computers. Here's the output of the nm
command on the crypto libraries...
# nm /usr/local/lib/libcrypto.* | grep BF_cbc_encrypt
00000840 T BF_cbc_encrypt
U BF_cbc_encrypt
00049830 T BF_cbc_encrypt
00049830 T BF_cbc_encrypt
[root@octo]-[/var/log]# nm /usr/lib/libcrypto.* | grep BF_cbc_encrypt
U BF_cbc_encrypt
00000868 T BF_cbc_encrypt
And another command....
# ldd `which tcpdump`
/usr/sbin/tcpdump:
libpcap.so.2 => /usr/lib/libpcap.so.2 (0x280a9000)
libc.so.4 => /usr/lib/libc.so.4 (0x280c5000)
Any help is appreciated. TIA
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200312021028.52517.otacon>