tcpdump will not compile with ability to decrypt ESP encapsulated packets.

Dr Otacon otacon at
Tue Dec 2 09:29:04 PST 2003

I'm trying to tcpdump ESP encapsulated packets with tcpdump using:

    tcpdump -w tcpdump.log -E blowfish-cbc:secret esp host safehost

...but `tcpshow < tcpdump.log' has this message repeated at the end of every 

    <*** No decode support for encapsulated protocol ***>

I have both /usr/lib/ (base) and /usr/local/lib/ 
(port) installed, which I think may be causing some kind of a conflict. IPSec 
is working fine between the two computers. Here's the output of the nm 
command on the crypto libraries...

# nm /usr/local/lib/libcrypto.* | grep BF_cbc_encrypt
00000840 T BF_cbc_encrypt
         U BF_cbc_encrypt
00049830 T BF_cbc_encrypt
00049830 T BF_cbc_encrypt
[root at octo]-[/var/log]# nm /usr/lib/libcrypto.* | grep BF_cbc_encrypt
         U BF_cbc_encrypt
00000868 T BF_cbc_encrypt

And another command....

# ldd `which tcpdump`
/usr/sbin/tcpdump: => /usr/lib/ (0x280a9000) => /usr/lib/ (0x280c5000)

Any help is appreciated. TIA

More information about the freebsd-stable mailing list