Hi,
I just finished writing a plugin for strongSwan[1], an open source IPsec-based VPN Solution, that will export ESP, IKEv1 and IKEv2 decryption tables in a wireshark compatible format.[2],[3] Now I want to test the plugin. Until now, I run strongSwan with the new plugin loaded, then I make a wireshark capture with ISAKMP and ESP packets and then I check if the packets are decrypted using wireshark gui. Now, is there a way to check if the wireshark decryption table that was generated by the new strongSwan plugin is compatible with wireshark and if it is compatible to check if it decrypts the pakets?... all that without using wireshark gui. Cheers, Codrut. [1]: https://www.strongswan.org/ strongSwan - IPsec VPN for Linux, Android, FreeBSD, Mac OS ...<https://www.strongswan.org/> www.strongswan.org strongSwan is an Open Source IPsec-based VPN solution for Linux and other UNIX based operating systems implementing both the IKEv1 and IKEv2 key exchange protocols. [2]: https://wiki.strongswan.org/issues/1557 Feature #1557: An option to save IKE_SA and CHILD_SA keys for wireshark - strongSwan<https://wiki.strongswan.org/issues/1557> wiki.strongswan.org Redmine [3]: https://github.com/strongswan/strongswan/pull/49 [https://avatars0.githubusercontent.com/u/19309810?v=3&s=400]<https://github.com/strongswan/strongswan/pull/49> An option to save IKE_SA and CHILD_SA keys for wireshark by superCodrut · Pull Request #49 · strongswan/strongswan<https://github.com/strongswan/strongswan/pull/49> github.com This is the first patch series for feature #1557.
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
