The interface does not change, so how can I see in netfilter if a packet came in encrypted and got decrypted, or if it came in unencrypted? With freeswan ipsec the packet had an incoming interface "ipsec0" that could be matched for this purpose.

Also packets seem to be processed:
- transport mode: 2 times by INCOMING, both with proto=AH, different length
- tunnel mode: 2 times INCOMING (first proto=AH then proto=ESP) and then INCOMING or FORWARD with the tcp/udp/icmp packet.

However the other way I see packets only once, in OUTGOING or FORWARD without any encryption. Is it meant to be that way?

Regards,
Andreas