Re[2]: IPSec debug

From: Nikolay Petrov (mailinglistshq.panda.bg)
Date: Sat Apr 10 2004 - 08:20:06 CDT


Hello Bjoern,

Saturday, April 10, 2004, 3:32:36 PM, you wrote:

BAZ> On Sat, 10 Apr 2004, Nikolay Petrov wrote:

BAZ> Hi,

>> I have a FreeBSD box with a network interface having the y.y.y.y IP address.
>> On the same box I configured the following IPsec policies to process traffic from a
>> hardware IPsec-enabled device.
>>
>> spdadd 0.0.0.0/0 x.x.x.x/24 any -P out ipsec
>> esp/tunnel/y.y.y.y-z.z.z.z/require;
>> spdadd x.x.x.x/24 0.0.0.0/0 any -P in ipsec
>> esp/tunnel/z.z.z.z-y.y.y.y/require;
>>
>> Is it possible to see decrypted incoming packets, and outgoing packets
>> before they are encrypted?

BAZ> IMHO no. I think OpenBSD has if_enc(4) for this.

Does this have some relation to the KAME project, because the enc(4) interface is only
available in OpenBSD? NetBSD also has the same limitation.

--
Best regards,
 Nikolay mailinglistshq.panda.bg

_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"