RE: gif(4) and bpf(4)

2005-01-26 Thread Nickolay Kritsky
Hi Jeremie. Please tell me more about your problem: is it that tcpdump cannot attach to device, or it shows no packets when you are sure there is traffic on the gif(4) interface, or something else? If there is some error report - send it here. Please check that you have free bpf device :-) . Wh

RE: gif(4) and bpf(4)

2005-01-26 Thread Nickolay Kritsky
Original Message- From: Jeremie Le Hen [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 25, 2005 7:09 PM To: Jeremie Le Hen; freebsd-net@freebsd.org Subject: Re: gif(4) and bpf(4) > Interesting. It seems gif isn't passing anything back at all. Can you verify > that the routes for t

enc(4) (was: Re: gif(4) and bpf(4))

2005-01-26 Thread Simon L. Nielsen
On 2005.01.26 02:33:54 +, Bruce M Simpson wrote: > On Tue, Jan 25, 2005 at 06:38:42PM +0100, Jeremie Le Hen wrote: > > Are you thinking about the enc(4) interface [1] [2] provided with OpenBSD ? > > Somewhat, although whilst enc(4) provides some of this functionality, its > role as far as I ca

Re: gif(4) and bpf(4)

2005-01-25 Thread Bruce M Simpson
On Tue, Jan 25, 2005 at 06:38:42PM +0100, Jeremie Le Hen wrote: > Are you thinking about the enc(4) interface [1] [2] provided with OpenBSD ? Somewhat, although whilst enc(4) provides some of this functionality, its role as far as I can see is mainly to provide a 'tapping point' for filtering pack

Re: gif(4) and bpf(4)

2005-01-25 Thread Jeremie Le Hen
> I forgot to say in my original reply that I was using IPSEC transport > mode. When I was discussing this with Bill Fenner he pointed out that > there was no such thing as IPSEC 'interface mode', though there had > been some discussion during the standards process about the need for > such a thing

Re: gif(4) and bpf(4)

2005-01-25 Thread Bruce M Simpson
On Tue, Jan 25, 2005 at 06:11:20PM +0100, Jeremie Le Hen wrote: [...] > thus consuming too much bandwidth. In fact it appeared that my gif(4) > interface is totally useless in my setup. I'm going to switch to > transport mode ASAP and tell my friend he owes me and you all a beer. I forgot to say

Re: gif(4) and bpf(4)

2005-01-25 Thread Jeremie Le Hen
> Please do the following: > > ping -r -S 192.168.1.1 192.168.4.13 >/dev/null 2>&1 & > netstat -I gif0 -w 1 > and see if any packets are counted. Weirdly, although I get the ICMP echo-reply, the gif0 interface are not updated. %%% yoda:sys# ping -qc 1 -r -S 192.168.1.1 192.168.4.13 PING 192

Re: gif(4) and bpf(4)

2005-01-25 Thread Alex
Hello, Since we see ESP traffic directly on the ep0 interface, packets are not going through gif0 as stated in the routing table. IPsec SPD is overriding the routing table, can you check (provide us) with setkey -DP and setkey -D if no SPD is present from your net to 192.168.4.0/24 ? Regards,

Re: gif(4) and bpf(4)

2005-01-25 Thread Jeremie Le Hen
> Interesting. It seems gif isn't passing anything back at all. Can you verify > that the routes for the addresses you're pinging traverse gif0? I'd > probably also try csjp@'s bpfstat tool to get a closer look at what's > going on in bpf. Yes they are (network on the other side of the tunnel is 1

Re: gif(4) and bpf(4)

2005-01-25 Thread Jeremie Le Hen
> Please tell me more about your problem: is it that tcpdump cannot > attach to device, or it shows no packets when you are sure there is > traffic on the gif(4) interface, or something else? If there is some > error report - send it here. Please check that you have free bpf > device :-) . What ver

Re: gif(4) and bpf(4)

2005-01-25 Thread Bruce M Simpson
On Tue, Jan 25, 2005 at 04:02:55PM +0100, Jeremie Le Hen wrote: > Does any one have other ideas ? It seems the code was partly written > by sam@, brooks@ and [EMAIL PROTECTED] Interesting. It seems gif isn't passing anything back at all. Can you verify that the routes for the addresses you're pin

Re: gif(4) and bpf(4)

2005-01-25 Thread Jeremie Le Hen
> Try tcpdump -L -i gif0 on the affected system and post what you get. You > might need to install the port if the base system tcpdump doesn't > have the -L option. > > If you get a list of encapsulations back, try using them with the -y > option,,e.g.: > tcpdump -y null -i gif0 I need inde

Re: gif(4) and bpf(4)

2005-01-25 Thread Bruce M Simpson
On Tue, Jan 25, 2005 at 03:33:27PM +0100, Jeremie Le Hen wrote: > Well this is a start. But I would really like to make it work on > RELENG_4. In fact, if bpf.h was not included in if_gif.c, I would not > mind. But although I'm not (yet ;p) a kernel hacker, I read quickly > bpf(9) manpage and I

Re: gif(4) and bpf(4)

2005-01-25 Thread Jeremie Le Hen
> In a previous existence, I was able to tcpdump on a gif(4) interface; > the tunnel was being used so that I could IPSEC-encapsulate multicast > traffic which was necessary to get past some ISP filters (IPIP was > being dropped at the border). > > This was in 5.2.1-RELEASE on a sparc64. > > Hope

Re: gif(4) and bpf(4)

2005-01-24 Thread Bruce M Simpson
On Mon, Jan 24, 2005 at 10:20:11PM +0100, Jeremie Le Hen wrote: > Is it supposed to work or not ? If not, does it work on RELENG_5 ? > My very -CURRENT laptop succeeds in opening bpf(4) on a gif(4) interface. In a previous existence, I was able to tcpdump on a gif(4) interface; the tunnel was bei