I guess it's OT, again.. but I need it quite quickly...
... I need to capture and decrypt esp packets to see, what's in ...
anybody an idea ?
I already have downloaded and installed the latest libcrypt ( openssl ),
the latestet tcpdump ( I had to change the "configure" file to get
"des_cbc_encrypt" implemented ) and the latest libpcap ...
Now, I tried following :
tcpdump -i eth0 -w dump.cap -n -vv -E des-cbc:shared-secret ip proto 50 or
ip proto 51 or udp port 500 or udp port 4500
I see all the ESP packets but I can't see, if it's just a ping, or
I also tried :
tcpdump -i eth0 -w dump-cap -n -vv -E des-cbc:shared-secret esp host
but didn't work at all...
any ideas ?