[Bug 234008] New: Package Capture doesn't capture packages sent thru IPSec tunnel.
https://bugzilla.novell.com/show_bug.cgi?id=234008

Summary: Package Capture doesn't capture packages sent thru IPSec tunnel.
Product: openSUSE 10.2
Version: RC 5
Platform: i686
OS/Version: Linux
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Kernel
AssignedTo: kernel-maintainers@forge.provo.novell.com
ReportedBy: eich@novell.com
QAContact: qa@suse.de

[This may not be a bug but it is sure annoying and complicates debugging network problems]

Package capture (using tcpdump, wireshark (used to be ethereal)) doesn't capture packages when sent from the machine where IPSec tunnel is running before they are encrypted. Only the decrypted packages sent from the remote side are captured.
For example a ping to shannon.suse.de prints only the 'echo reply' not the 'echo request':

12:45:31.162494 IP wlan-hermes.ipsec-nat-t > 195.135.221.4.ipsec-nat-t: UDP-encap: ESP(spi=0xfe06d7a7,seq=0x59), length 132
12:45:31.220697 IP 195.135.221.4.ipsec-nat-t > wlan-hermes.ipsec-nat-t: UDP-encap: ESP(spi=0xedd83a00,seq=0x5c), length 132
12:45:31.220697 IP 10.10.0.79 > 10.204.0.41: ICMP echo reply, id 16988, seq 50, length 64
12:45:32.162546 IP wlan-hermes.ipsec-nat-t > 195.135.221.4.ipsec-nat-t: UDP-encap: ESP(spi=0xfe06d7a7,seq=0x5a), length 132
12:45:32.219746 IP 195.135.221.4.ipsec-nat-t > wlan-hermes.ipsec-nat-t: UDP-encap: ESP(spi=0xedd83a00,seq=0x5d), length 132
12:45:32.219746 IP 10.10.0.79 > 10.204.0.41: ICMP echo reply, id 16988, seq 51, length 64
...

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

https://bugzilla.novell.com/show_bug.cgi?id=234008

gregkh@novell.com changed:

What       |Removed                                    |Added
----------------------------------------------------------------------------
AssignedTo |kernel-maintainers@forge.provo.novell.com  |perex@novell.com

https://bugzilla.novell.com/show_bug.cgi?id=234008

perex@novell.com changed:

What       |Removed     |Added
----------------------------------------------------------------------------
Severity   |Normal      |Enhancement

------- Comment #1 from perex@novell.com 2007-01-23 07:05 MST -------

See http://www.tcpdump.org/lists/workers/2004/10/msg00008.html or http://www.xelerance.com/talks/linuxtag2004/IPseconLinux.pdf . It's a 2.6 kernel "design" bug.

I just tried to set up a manual keyed communication with two SL10.2 virtual machines (using xen) - 2.6.18.2-34 kernel. Only encrypted packets are visible using the pcap interface as expected:

14:52:26.968620 IP 192.168.222.1 > 192.168.222.2: AH(spi=0x00000200,seq=0x34c): ESP(spi=0x00000201,seq=0x34c), length 88
14:52:27.007593 IP 192.168.222.2 > 192.168.222.1: AH(spi=0x00000300,seq=0x2ee): ESP(spi=0x00000301,seq=0x2ee), length 88
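
An added example, not part of the bug report or of any comment in it: a small Python parser over the tcpdump lines from the original report that counts, per direction, how many ESP packets have a cleartext companion in the capture. Pairing by identical timestamp is an assumption taken from the timestamps visible in that capture; `LOCAL` and the function names are illustrative.

```python
import re
from collections import Counter

# tcpdump lines from the original report (80-column wrap rejoined).
CAPTURE = """\
12:45:31.162494 IP wlan-hermes.ipsec-nat-t > 195.135.221.4.ipsec-nat-t: UDP-encap: ESP(spi=0xfe06d7a7,seq=0x59), length 132
12:45:31.220697 IP 195.135.221.4.ipsec-nat-t > wlan-hermes.ipsec-nat-t: UDP-encap: ESP(spi=0xedd83a00,seq=0x5c), length 132
12:45:31.220697 IP 10.10.0.79 > 10.204.0.41: ICMP echo reply, id 16988, seq 50, length 64
12:45:32.162546 IP wlan-hermes.ipsec-nat-t > 195.135.221.4.ipsec-nat-t: UDP-encap: ESP(spi=0xfe06d7a7,seq=0x5a), length 132
12:45:32.219746 IP 195.135.221.4.ipsec-nat-t > wlan-hermes.ipsec-nat-t: UDP-encap: ESP(spi=0xedd83a00,seq=0x5d), length 132
12:45:32.219746 IP 10.10.0.79 > 10.204.0.41: ICMP echo reply, id 16988, seq 51, length 64
"""
LOCAL = "wlan-hermes.ipsec-nat-t"  # local tunnel endpoint as tcpdump prints it

LINE = re.compile(r"^(?P<ts>\S+) IP (?P<src>\S+) > (?P<dst>[^:\s]+): (?P<rest>.*)$")
ESP = re.compile(r"ESP\(spi=(0x[0-9a-fA-F]+),seq=(0x[0-9a-fA-F]+)\)")


def parse(text):
    """Yield one dict per recognised tcpdump line; spi is None for cleartext."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m is None:
            continue  # skip "..." and anything that is not a packet line
        esp = ESP.search(m["rest"])
        yield {"ts": m["ts"], "src": m["src"], "dst": m["dst"],
               "spi": esp.group(1) if esp else None}


def cleartext_visibility(text, local):
    """Per direction: ESP packets seen, and how many have a cleartext twin.

    Assumption: a decrypted packet is logged with the same timestamp as the
    ESP packet that carried it, as in the report's capture.
    """
    pkts = list(parse(text))
    clear_ts = {p["ts"] for p in pkts if p["spi"] is None}
    stats = {"out": Counter(), "in": Counter()}
    for p in pkts:
        if p["spi"] is None:
            continue
        direction = "out" if p["src"] == local else "in"
        stats[direction]["esp"] += 1
        stats[direction]["with_cleartext"] += p["ts"] in clear_ts
    return stats


if __name__ == "__main__":
    for direction, c in cleartext_visibility(CAPTURE, LOCAL).items():
        print(direction, "esp:", c["esp"], "with cleartext:", c["with_cleartext"])
```

A direction whose `with_cleartext` count stays at zero is one where the capture holds only ciphertext, so inner-packet filters such as `icmp` will not match traffic in that direction.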

https://bugzilla.novell.com/show_bug.cgi?id=234008

sndirsch@novell.com changed:

What       |Removed     |Added
----------------------------------------------------------------------------
CC         |            |mhopf@novell.com, sndirsch@novell.com

------- Comment #2 from sndirsch@novell.com 2007-05-12 04:42 MST -------

JFYI, Matthias. This is a bugreport, which is assigned to Egbert/me or with Egbert/me in CC or reported by Egbert/me.

https://bugzilla.novell.com/show_bug.cgi?id=234008
Jiri Kosina
https://bugzilla.novell.com/show_bug.cgi?id=234008
User jbohac@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=234008#c4
Jiri Bohac