Re: IPSEC

[Michael Mueller <m.mueller99 () kay-mueller de>]

You can use tcpdump -E to decrypt ESP headers. (The tcpdump man page is 
also kind of cryptic at this point though. Contact me if you have 
trouble.) For *-cbc (3des-cbc for example) encryption algorithms you 
will need the patch I just sent to this list. See "tcpdump -E doesn't 
work for 3des-cbc/hmac-md5".

I haven't tried AH headers. Maybe someone else can tell if they are 
parsed properly.

Michael

Narayanan S RAMABHADRAN wrote:
> Hi
>
>    Is there a version of tcpdump that can parse IPsec headers ?
>
>    Thanks,
>    Sriram
>
>    Narayanan Sriram Ramabhadran
>    Graduate student
>    Dept. of Computer Science & Engg.
>    University of California San Diego
>
> -
> This is the tcpdump-workers list.
> Visit https://lists.sandelman.ca/ to unsubscribe.

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.