
isakmpd / tunnel traffic goes default route, not into tunnel



Hi,

Sorry for this rather long post.

I am trying to set up a basic IPSEC tunnel between two DSL gateways.
Below you can find some output from isakmpd -d -DA=90 -D1=70,
netstat -rn, isakmpd.conf and pf.conf. As far as I can tell, the tunnel
gets established, but packets (tested with tcpdump, ping and ssh)
to the other side go straight through tun0, so the tunnel sees no traffic
at all.
I'm sure I'm missing something, but isakmpd(8) and vpn(8) don't tell
me what.

Thank you very much if you are going to look at it.

--knitti


----#### net config ####----

10.0.2/24 
    |
[10.0.2.1 | 217.232.81.29] Peer tbase
    |
(Internet)
    |
[213.54.221.147 | 192.168.0.150] Peer gh
    |
192.168.0/24 

----#### both peers ####----
# cat /etc/isakmpd/isakmpd.policy
Authorizer: "POLICY"


----#### Peer tbase ####----
# netstat -rn -f encap
Routing tables

Encap:
Source             Port  Destination        Port  Proto SA(Address/Proto/Type/Direction)
192.168.0/24       0     10.0.2/24          0     0     213.54.221.147/50/use/in
10.0.2/24          0     192.168.0/24       0     0     213.54.221.147/50/require/out
# cat /etc/isakmpd/isakmpd.conf
[Phase 1]
213.54.221.147= peer-gh

[Phase 2]
Connections=            conn-tbase-gh

[peer-gh]
Phase=                  1
Transport=              udp
Address=                213.54.221.147
Configuration=          Default-main-mode
Authentication=         ultratester

[conn-tbase-gh]
Phase=                  2
ISAKMP-peer=            peer-gh
Configuration=          Default-quick-mode
Local-ID=               net-tbase
Remote-ID=              net-gh

[net-tbase]
ID-type=                IPV4_ADDR_SUBNET
Network=                10.0.2.0
Netmask=                255.255.255.0

[net-gh]
ID-type=                IPV4_ADDR_SUBNET
Network=                192.168.0.0
Netmask=                255.255.255.0

[Default-main-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          ID_PROT
Transforms=             3DES-SHA

[Default-quick-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          QUICK_MODE
Suites=                 QM-ESP-3DES-SHA-PFS-SUITE

# cat /etc/pf.conf

ext0 = "tun0"
int0 = "sis0"

table <int_net> const { 10.0.1.0/24,  10.0.2.0/24 }
table <my_ip> const { 10.0.1.1, 10.0.2.1 }
table <dont_route_ext> const { 127/8 192.168/16 172.16.0.0/12 255.255.255.255/32 }
table <mayssh> persist

set loginterface $ext0
set loginterface $int0
set block-policy drop

scrub in on $ext0 all
scrub out on $ext0 all random-id

altq on $ext0 cbq bandwidth 118Kb queue { interactive bulk defaultq }
queue defaultq bandwidth 30% priority 3 cbq(borrow default)
queue interactive bandwidth 50% priority 5 cbq(borrow) { sessions serving }
queue  sessions bandwidth 80% cbq(borrow)
queue  serving bandwidth 20% cbq(borrow)
queue bulk bandwidth 20% priority 2 cbq(red borrow) { blk blk_pri }
queue  blk bandwidth 50% priority 1 cbq(borrow)
queue  blk_pri bandwidth 50% priority 2 cbq(borrow)

altq on $int0 cbq bandwidth 100Mb queue { default_rl0 bulk_rl0 bulk_4}
queue default_rl0 bandwidth 99Mb priority 4 cbq(default)
queue bulk_rl0 bandwidth 64Kb priority 2 cbq(red) {blk_rl0 blk_rl0_pri}
queue  blk_rl0 bandwidth 70% priority 1 cbq(borrow)
queue  blk_rl0_pri bandwidth 30% priority 2 cbq(borrow)
queue bulk_4 bandwidth 40Kb priority 2 cbq(red) {blk_4 blk_4_pri}
queue  blk_4 bandwidth 70% priority 1 cbq(borrow)
queue  blk_4_pri bandwidth 30% priority 2 cbq(borrow)

nat on $ext0 from <int_net> to any -> $ext0
rdr on $int0 proto tcp from 10.0.1.1 to !10.0.0.0/16 port 21 -> 127.0.0.1 port 8081
rdr on $int0 proto tcp from 10.0.2.1 to !10.0.0.0/16 port 21 -> 127.0.0.1 port 8081

rdr on $ext0 proto tcp from !<int_net> to ($ext0) port 16880:16890 -> 10.0.1.15 port 16880:*

block on $ext0 all
block quick inet6 all
pass quick on lo0 all

block in log quick on $ext0 inet proto tcp from any to any flags FUP/FUP
block in log quick on $ext0 inet proto tcp from any to any flags SF/SFRA
block in log quick on $ext0 inet proto tcp from any to any flags /SFRA

pass quick proto esp
pass quick proto gre
pass in on enc0
pass out on enc0 keep state
pass in on enc0 from 192.168.0.0/24 to 10.0.2.0/24 keep state
pass in on $ext0 inet proto udp from any port 500 to ($ext0) port 500
pass in on $ext0 inet proto udp from any to ($ext0) port 4500

pass in quick on $ext0 inet proto {tcp, udp} from any to 10.0.1.15 port 16880><16890 flags S/SA keep state queue (blk, blk_pri)
pass in quick on sis0 inet from 10.0.1.15 to any flags S/SA modulate state queue (blk_rl0, blk_rl0_pri)

pass in quick on sis0 inet from 10.0.1.4 to any flags S/SA modulate state queue (blk_4, blk_4_pri)

pass in quick on $ext0 inet proto tcp from any to any port > 49151 user proxy flags S/SAFR keep state

pass in quick on $ext0 inet proto icmp all icmp-type 8 code 0 keep state

pass in quick on $ext0 inet proto tcp from any to any port 25 flags S/SAFR keep state queue bulk
pass in quick on $ext0 inet proto tcp from any to any port 10022 flags S/SAFR keep state queue defaultq
pass in quick on $ext0 inet proto tcp from any to any port 22 flags S/SAFR keep state queue sessions
pass in quick on $ext0 inet proto tcp from any to any port { 80, 443 } keep state queue serving

pass out quick on $ext0 inet proto tcp from $ext0 to any port 22 modulate state queue(sessions)

pass out quick on $ext0 inet proto tcp from $ext0 to any port {80, 443, 8080}  modulate state queue sessions

pass out quick on $ext0 inet proto tcp from $ext0 to any port 25 modulate state queue bulk

pass out quick on $ext0 all modulate state

# last output from isakmpd -d -DA=90 -D1=70
...
001130.079527 Sdep 50 pf_key_v2_set_spi: done
001130.080252 Sdep 40 pf_key_v2_convert_id: IPv4 address 213.54.221.147/32
001130.080698 Sdep 40 pf_key_v2_convert_id: IPv4 address 217.232.81.29/32
001130.081231 Sdep 10 pf_key_v2_set_spi: satype 2 dst 217.232.81.29 SPI 0xd750555e
001130.126612 Sdep 50 pf_key_v2_set_spi: done
001130.127209 Exch 50 ipsec_finalize_exchange: src 10.0.2.0 255.255.255.0 dst 192.168.0.0 255.255.255.0 tproto 0 sport 0 dport 0
001130.135833 Sdep 40 pf_key_v2_convert_id: IPv4 address 213.54.221.147/32
001130.136260 Sdep 40 pf_key_v2_convert_id: IPv4 address 217.232.81.29/32
001130.136976 Sdep 50 pf_key_v2_flow: src 10.0.2.0 255.255.255.0 dst 192.168.0.0 255.255.255.0 proto 0 sport 0 dport 0
001130.168006 Misc 50 pf_key_v2_flow: ADDFLOW: done
001130.168725 Sdep 50 pf_key_v2_flow: src 192.168.0.0 255.255.255.0 dst 10.0.2.0 255.255.255.0 proto 0 sport 0 dport 0
001130.213652 Misc 50 pf_key_v2_flow: ADDFLOW: done
001130.214004 SA   90 sa_find: return SA 0x3c067c00
001130.214313 SA   60 sa_mark_replaced: SA 0x3c067c00 (conn-tbase-gh) marked as replaced
001130.214613 SA   90 sa_find: no SA matched query
001130.214944 SA   80 sa_release: SA 0x3c12d700 had 4 references
001130.215262 Timr 10 timer_remove_event: removing event exchange_free_aux(0x3c12d600)
001130.215575 Exch 80 exchange_free_aux: freeing exchange 0x3c12d600
001130.215863 Mesg 20 message_free: freeing 0x3c06be00
001130.217290 Trpt 70 transport_release: freeing 0x3c06cfc0
001130.217715 SA   80 sa_release: SA 0x3c12d200 had 6 references
001205.520212 Timr 10 timer_handle_expirations: event connection_checker(0x3c1eac20)
001205.524116 Timr 10 timer_add_event: event connection_checker(0x3c1eac20) added before exchange_free_aux(0x3c067a00), expiration in 60s
001205.524534 SA   90 sa_find: return SA 0x3c12d700
001205.524838 Sdep 70 pf_key_v2_connection_check: SA for conn-tbase-gh exists


----#### Peer gh ####----

# netstat -rn -f encap
Routing tables

Encap:
Source             Port  Destination        Port  Proto SA(Address/Proto/Type/Direction)
10.0.2/24          0     192.168.0/24       0     0     217.232.81.29/50/use/in
192.168.0/24       0     10.0.2/24          0     0     217.232.81.29/50/require/out
# cat /etc/isakmpd/isakmpd.conf

[Phase 1]
217.232.81.29=  peer-tbase

[Phase 2]
Connections=            conn-tbase-gh

[peer-tbase]
Phase=                  1
Transport=              udp
Address=                217.232.81.29
Configuration=          Default-main-mode
Authentication=         ultratester

[conn-tbase-gh]
Phase=                  2
ISAKMP-peer=            peer-tbase
Configuration=          Default-quick-mode
Local-ID=               net-gh
Remote-ID=              net-tbase

[net-tbase]
ID-type=                IPV4_ADDR_SUBNET
Network=                10.0.2.0
Netmask=                255.255.255.0

[net-gh]
ID-type=                IPV4_ADDR_SUBNET
Network=                192.168.0.0
Netmask=                255.255.255.0

[Default-main-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          ID_PROT
Transforms=             3DES-SHA

[Default-quick-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          QUICK_MODE
Suites=                 QM-ESP-3DES-SHA-PFS-SUITE

# cat /etc/pf.conf

ext="tun0"
scrub in on $ext

altq on sis0 cbq bandwidth 100Mb queue { zusis1 defaultqsis0 }
queue defaultqsis0 bandwidth 90Mb priority 3 cbq(default)
queue zusis1 bandwidth 128Kb priority 3

altq on sis1 cbq bandwidth 100Mb queue { zusis0 defaultqsis1 }
queue defaultqsis1 bandwidth 90Mb priority 3 cbq(default)
queue zusis0 bandwidth 768Kb priority 3

nat on $ext from !($ext) -> ($ext)

block in
pass out keep state

pass quick on lo
pass quick on sis0 from 192.168.0.0/24 to 10.0.1.0/24 queue zusis1
pass quick on sis0

pass quick on sis1 from 10.0.1.0/24 to 192.168.0.0/24 queue zusis0
pass quick on sis1
antispoof quick for lo
pass in quick proto tcp to port ssh keep state
pass in quick proto gre keep state
pass out proto gre keep state

pass in quick proto esp
pass out quick proto esp
pass in on enc0 proto ipencap all
pass out on enc0
pass in on enc0 from 10.0.2.0/24 to 192.168.0.0/24
pass in on $ext inet proto udp from any port 500 to ($ext) port 500
pass in on $ext inet proto udp from any to ($ext) port 4500

# last output from isakmpd -d -DA=90 -D1=70

001338.075181 Sdep 50 pf_key_v2_set_spi: done
001338.086828 Sdep 40 pf_key_v2_convert_id: IPv4 address 213.54.221.147/32
001338.089650 Sdep 40 pf_key_v2_convert_id: IPv4 address 217.232.81.29/32
001338.090228 Sdep 10 pf_key_v2_set_spi: satype 2 dst 213.54.221.147 SPI 0xfeacc3af
001338.128718 Sdep 50 pf_key_v2_set_spi: done
001338.129322 Exch 50 ipsec_finalize_exchange: src 192.168.0.0 255.255.255.0 dst 10.0.2.0 255.255.255.0 tproto 0 sport 0 dport 0
001338.129884 Sdep 40 pf_key_v2_convert_id: IPv4 address 213.54.221.147/32
001338.130293 Sdep 40 pf_key_v2_convert_id: IPv4 address 217.232.81.29/32
001338.135644 Sdep 50 pf_key_v2_flow: src 192.168.0.0 255.255.255.0 dst 10.0.2.0 255.255.255.0 proto 0 sport 0 dport 0
001338.159934 Misc 50 pf_key_v2_flow: ADDFLOW: done
001338.160643 Sdep 50 pf_key_v2_flow: src 10.0.2.0 255.255.255.0 dst 192.168.0.0 255.255.255.0 proto 0 sport 0 dport 0
001338.234598 Misc 50 pf_key_v2_flow: ADDFLOW: done
001338.234946 SA   90 sa_find: return SA 0x3c12d100
001338.235261 SA   60 sa_mark_replaced: SA 0x3c12d100 (conn-tbase-gh) marked as replaced
001338.235757 SA   90 sa_find: no SA matched query
001338.236609 SA   80 sa_release: SA 0x3c12d500 had 4 references
001400.664902 Timr 10 timer_handle_expirations: event connection_checker(0x3c1eac20)
001400.669963 Timr 10 timer_add_event: event connection_checker(0x3c1eac20) added before exchange_free_aux(0x3c067c00), expiration in 60s
001400.670394 SA   90 sa_find: return SA 0x3c12d500
001400.670697 Sdep 70 pf_key_v2_connection_check: SA for conn-tbase-gh exists
001500.914927 Timr 10 timer_handle_expirations: event connection_checker(0x3c1eac20)
001500.919185 Timr 10 timer_add_event: event connection_checker(0x3c1eac20) added before sa_soft_expire(0x3c12d100), expiration in 60s
001500.921907 SA   90 sa_find: return SA 0x3c12d500
001500.926997 Sdep 70 pf_key_v2_connection_check: SA for conn-tbase-gh exists
001513.274215 Timr 10 timer_handle_expirations: event exchange_free_aux(0x3c067c00)
001513.276713 Exch 80 exchange_free_aux: freeing exchange 0x3c067c00
001513.281818 Mesg 20 message_free: freeing 0x3c06b780
001513.284285 SA   80 sa_release: SA 0x3c067d00 had 5 references
001513.284668 Mesg 20 message_free: freeing 0x3c06b600
001513.285502 Trpt 70 transport_release: freeing 0x3c06cb40
001513.285912 SA   80 sa_release: SA 0x3c067d00 had 4 references
001533.240001 Timr 10 timer_handle_expirations: event exchange_free_aux(0x3c067800)
001533.242551 Exch 80 exchange_free_aux: freeing exchange 0x3c067800
001533.246104 Mesg 20 message_free: freeing 0x3c06b300
001533.251327 SA   80 sa_release: SA 0x3c067900 had 5 references
001533.253778 Mesg 20 message_free: freeing 0x3c06b400
001533.258784 Trpt 70 transport_release: freeing 0x3c06c800
001533.261322 SA   80 sa_release: SA 0x3c067900 had 4 references
001600.930640 Timr 10 timer_handle_expirations: event connection_checker(0x3c1eac20)
001600.938846 Timr 10 timer_add_event: event connection_checker(0x3c1eac20) added before sa_soft_expire(0x3c12d100), expiration in 60s
001600.944778 SA   90 sa_find: return SA 0x3c12d500
001600.945152 Sdep 70 pf_key_v2_connection_check: SA for conn-tbase-gh exists
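
Added example (not part of the original post, and not isakmpd or OpenBSD code): a small Python check of which source/destination pairs the encap flows listed for peer tbase actually select. The function names are hypothetical, the probe addresses are constructed from the network diagram, and port and protocol selectors are ignored because every flow in the post uses 0 (any).

```python
import ipaddress
from collections import namedtuple

# Peer tbase's `netstat -rn -f encap` table, copied from the post. The SA
# column is left wrapped onto its own line, as mail clients tend to deliver it.
ENCAP_TBASE = """\
Routing tables

Encap:
Source             Port  Destination        Port  Proto
SA(Address/Proto/Type/Direction)
192.168.0/24       0     10.0.2/24          0     0     213.54.221.147/50/use/in
10.0.2/24          0     192.168.0/24       0     0
213.54.221.147/50/require/out
"""

Flow = namedtuple("Flow", "src dst peer ipproto sa_type direction")


def parse_bsd_net(text):
    """Expand netstat's abbreviated network form ('10.0.2/24') to an ip_network."""
    addr, _, plen = text.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))      # netstat drops trailing zero octets
    return ipaddress.ip_network(".".join(octets) + "/" + (plen or "32"))


def parse_flows(netstat_text):
    """Return the flows in an encap table, tolerating rows wrapped across lines."""
    tokens = netstat_text.split()
    # Discard everything up to and including the header; its last column is "SA(...)".
    for i, tok in enumerate(tokens):
        if tok.startswith("SA("):
            tokens = tokens[i + 1:]
            break
    flows = []
    for i in range(0, len(tokens) - 5, 6):   # six columns per flow
        src, _sport, dst, _dport, _proto, sa = tokens[i:i + 6]
        peer, ipproto, sa_type, direction = sa.split("/")
        flows.append(Flow(parse_bsd_net(src), parse_bsd_net(dst),
                          peer, int(ipproto), sa_type, direction))
    return flows


def select_flow(flows, src, dst, direction="out"):
    """Return the flow whose selectors cover both src and dst, or None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for flow in flows:
        if flow.direction == direction and s in flow.src and d in flow.dst:
            return flow
    return None


def classify(flows, src, dst):
    """Describe what happens to an outgoing packet with these addresses."""
    flow = select_flow(flows, src, dst)
    if flow is None:
        return "no flow: ordinary routing table"
    proto = "ESP" if flow.ipproto == 50 else "IP proto %d" % flow.ipproto
    return "%s to %s (%s)" % (proto, flow.peer, flow.sa_type)


if __name__ == "__main__":
    flows = parse_flows(ENCAP_TBASE)
    # Constructed probes: an inside host, the gateway's external address,
    # and a host from the second internal network in <int_net>.
    for src in ("10.0.2.1", "217.232.81.29", "10.0.1.15"):
        print("%-15s -> 192.168.0.150: %s" % (src, classify(flows, src, "192.168.0.150")))
```

A packet is a tunnel candidate only when both of its addresses fall inside one flow's networks; anything else, including traffic sourced from the gateway's external address, follows the normal routing table.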


