On Friday, 13. September 2002 07:45, tobias.reckhard@secunet.com wrote:
Nonetheless, tcpdump registered lots of traffic during the whole night.
So what does it say and how does that compare to e.g. the
Pluto logs? Have you tried using tcpdump on the FreeS/WAN machine itself?
Pluto says this:
Sep 12 11:01:52 uhura kernel: klips_debug:gettdb: linked entry in tdb table for hash=175 of SA:esp0x41b4818@<gateA> requested. Sep 12 11:01:52 uhura kernel: klips_debug:gettdb: linked entry in tdb table for hash=230 of SA:tun0x1002@<gateB> requested.
That's what KLIPS says, not Pluto. Set plutodebug to 'all' and see what Pluto says.
Sep 13 09:20:48 uhura Pluto[9867]: | *time to handle event Sep 13 09:20:48 uhura Pluto[9867]: | event after this is EVENT_SA_REPLACE in 2670 seconds Sep 13 09:20:48 uhura Pluto[9867]: | inserting event EVENT_SHUNT_SCAN, timeout in 120 seconds Sep 13 09:20:48 uhura Pluto[9867]: | next event EVENT_SHUNT_SCAN in 120 seconds -- CU, Christoph