[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Stalled connections [LONG]
Petr Ruzicka pÃÅe v Ät 30. 09. 2004 v 16:09 +0200:
> Martin Lexa [[email protected]] wrote:
> > Side question, how can I filter on enc0?
> > tcpdump -i enc0 icmp, for example, isn't working. Probably with
> > -E option... ?
> tcpdump -i enc0 proto 1 ( works for me on xl0 interface so I hope
> it will work on enc0 as well).
Well, it didn't work. What I need is to filter on enc0 or decrypt data
on wi0 interface... and then filter on them. For example, something
tcpdump -i enc0 host 10.109.131.193 and port ssh
I tried -E option, but no luck.
tcpdump -i wi0 -E aes128-hmac96:16bitkey 'ip[20:4] = spi'
16bitkey was taken from ipsecadm show (key_encrypt: bits128:).
spi was taken from ipsecadm show (sa: spi ...)
And ipsecadm show that I have 'auth hmac-sha1 enc aes'.
What I'm doing wrong? Probably this is too more OpenBSD specific...
sorry if this is kind of off-topic here.
> Petr R.