tcpdump will not compile with ability to decrypt ESP encapsulated
packets.
Dr Otacon
otacon at octo.sytes.net
Tue Dec 2 09:29:04 PST 2003
I'm trying to tcpdump ESP encapsulated packets with tcpdump using:
tcpdump -w tcpdump.log -E blowfish-cbc:secret esp host safehost
...but `tcpshow < tcpdump.log' has this message repeated at the end of every
packet:
<*** No decode support for encapsulated protocol ***>
I have both /usr/lib/libcrypto.so (base) and /usr/local/lib/libcrypto.so
(port) installed, which I think may be causing some kind of a conflict. IPSec
is working fine between the two computers. Here's the output of the nm
command on the crypto libraries...
# nm /usr/local/lib/libcrypto.* | grep BF_cbc_encrypt
00000840 T BF_cbc_encrypt
U BF_cbc_encrypt
00049830 T BF_cbc_encrypt
00049830 T BF_cbc_encrypt
[root at octo]-[/var/log]# nm /usr/lib/libcrypto.* | grep BF_cbc_encrypt
U BF_cbc_encrypt
00000868 T BF_cbc_encrypt
And another command....
# ldd `which tcpdump`
/usr/sbin/tcpdump:
libpcap.so.2 => /usr/lib/libpcap.so.2 (0x280a9000)
libc.so.4 => /usr/lib/libc.so.4 (0x280c5000)
Any help is appreciated. TIA
More information about the freebsd-stable
mailing list