...
Code Block | ||
---|---|---|
| ||
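# Copy IPsec-related packets to NFLOG group 5 and record them with tcpdump.
# Every rule is added with -I, i.e. at the head of its chain, and NFLOG is a
# non-terminating target, so the packets still traverse the rest of the ruleset.
# The rules stay loaded after the capture ends: remove each one by repeating
# the command with -D in place of -I.

# Packets as they appear on the wire: ESP, AH, and UDP to port 500 or 4500
# (IKE and NAT-T), both received and locally generated.
# NOTE(review): --dports matches the destination port only, so packets sent to
# a peer whose ports were remapped by a NAT device are not logged by these
# rules - confirm that this is acceptable for the setup being debugged.
iptables -t raw -I PREROUTING -p esp -j NFLOG --nflog-group 5
iptables -t raw -I PREROUTING -p ah -j NFLOG --nflog-group 5
iptables -t raw -I PREROUTING -p udp -m multiport --dports 500,4500 -j NFLOG --nflog-group 5
iptables -t raw -I OUTPUT -p esp -j NFLOG --nflog-group 5
iptables -t raw -I OUTPUT -p ah -j NFLOG --nflog-group 5
iptables -t raw -I OUTPUT -p udp -m multiport --dports 500,4500 -j NFLOG --nflog-group 5

# The policy match selects packets by the IPsec policy used to decapsulate
# them (--dir in) or the policy that will be used to encapsulate them
# (--dir out). These rules therefore log the protected traffic in plaintext.
iptables -t mangle -I PREROUTING -m policy --pol ipsec --dir in -j NFLOG --nflog-group 5
iptables -t mangle -I POSTROUTING -m policy --pol ipsec --dir out -j NFLOG --nflog-group 5

# ... (content elided at this point on the page)

# Same policy match in the filter table; addrtype separates traffic addressed
# to this host (INPUT) from traffic forwarded on to other hosts (FORWARD).
iptables -t filter -I INPUT -m addrtype --dst-type LOCAL -m policy --pol ipsec --dir in -j NFLOG --nflog-group 5
iptables -t filter -I FORWARD -m addrtype ! --dst-type LOCAL -m policy --pol ipsec --dir in -j NFLOG --nflog-group 5
iptables -t filter -I OUTPUT -m policy --pol ipsec --dir out -j NFLOG --nflog-group 5

# Read NFLOG group 5 and write the packets to a pcap file (-U flushes each
# packet to the file as it arrives, -n disables name resolution).
# The file contains decrypted traffic and /tmp is shared between users, so the
# capture runs in a subshell with umask 077 to create it readable by its owner
# only. The umask does not change the mode of a file that already exists, so
# make sure /tmp/dump.pcap is absent beforehand, and delete it after analysis.
(umask 077 && tcpdump -vU -n -i nflog:5 -w /tmp/dump.pcap)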
...