 From:  "Christopher M. Iarocci" <iarocci at eastendsc dot com>
 To:  "Manuel Kasper" <mk at neon1 dot net>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] New release and IPSec problem
 Date:  Mon, 3 Nov 2003 15:06:07 -0500
Manuel,

Here is my status.cgi at the moment I was trying to ping from 192.168.1.3
(remote network) to 192.168.2.3 (local network).  I can ping the opposite
way without a problem.  I can ping from the remote networks to my LAN
interface, 192.168.2.1, and get a response.  Anywhere beyond that, and I get
no response.  It appears it's making it through the WAN interface, but not
past the LAN interface.

Chris


***** Server statistics on Mon Nov  3 15:00:18 EST 2003 *****
***** System uptime *****
 3:00PM  up 1 day, 18:32, 0 users, load averages: 0.00, 0.00, 0.00
***** Interfaces *****
an0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 192.168.255.1 netmask 0xffffff00 broadcast 192.168.255.255
	ether 00:09:b7:f0:d7:12
	media: IEEE 802.11 Wireless Ethernet autoselect (DS/11Mbps)
	status: no carrier
	ssid iaroccinet 1:iaroccinet
	stationname iaroccinet
	channel 10 authmode OPEN powersavemode OFF powersavesleep 200
	wepmode OFF weptxkey 1
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
	ether 00:48:54:39:b7:23
	media: Ethernet autoselect (100baseTX)
	status: active
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 24.190.174.211 netmask 0xfffff000 broadcast 255.255.255.255
	ether 00:00:c5:8f:64:5a
	media: Ethernet autoselect (10baseT/UTP)
	status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
***** netstat -ni *****
Name  Mtu   Network       Address            Ipkts Ierrs    Opkts Oerrs  Coll
an0   1500  <Link#1>    00:09:b7:f0:d7:12        0     0        0     0     0
an0   1500  192.168.255   192.168.255.1          0     -        0     -     -
rl0   1500  <Link#2>    00:48:54:39:b7:23   727498     0   668695     0    11
rl0   1500  192.168.2     192.168.2.1       354607     -     9231     -     -
fxp0  1500  <Link#3>    00:00:c5:8f:64:5a  2274418     0   394940     0  3798
fxp0  1500  24.190.160/20 24.190.174.211    157660     -     8290     -     -
lo0   16384 <Link#4>                             0     0        0     0     0
lo0   16384 127           127.0.0.1              0     -        0     -     -
ppp0* 1500  <Link#5>                             0     0        0     0     0
sl0*  552   <Link#6>                             0     0        0     0     0
faith 1500  <Link#7>                             0     0        0     0     0
***** ipfw show *****
00100  309221  27530890 allow ip from 192.168.2.1 to any
00200  306861  41733681 allow ip from any to 192.168.2.1
00300  200050  41575127 pipe 1 ip from 192.168.2.199 to any via rl0
00400       0         0 pipe 2 tcp from any 21 to any 21 via rl0
65535 1555821 358659512 allow ip from any to any
***** ipnat -l *****
List of active MAP/Redirect filters:
map fxp0 192.168.2.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map fxp0 192.168.2.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map fxp0 192.168.2.0/24 -> 0.0.0.0/32
map fxp0 192.168.255.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map fxp0 192.168.255.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map fxp0 192.168.255.0/24 -> 0.0.0.0/32
rdr fxp0 0.0.0.0/0 port 21 -> 192.168.2.4 port 21 tcp
rdr fxp0 0.0.0.0/0 port 22 -> 192.168.2.3 port 22 tcp
rdr fxp0 0.0.0.0/0 port 25 -> 192.168.2.3 port 25 tcp
rdr fxp0 0.0.0.0/0 port 110 -> 192.168.2.3 port 110 tcp
rdr fxp0 0.0.0.0/0 port 143 -> 192.168.2.3 port 143 tcp
rdr fxp0 0.0.0.0/0 port 3389 -> 192.168.2.72 port 3389 tcp
rdr fxp0 0.0.0.0/0 port 8081 -> 192.168.2.72 port 8081 tcp
rdr fxp0 0.0.0.0/0 port 10000 -> 192.168.2.3 port 10000 tcp
rdr fxp0 0.0.0.0/0 port 5060- 5061 -> 192.168.2.199 port 5060 udp
rdr fxp0 0.0.0.0/0 port 10100- 10500 -> 192.168.2.199 port 10100 udp
rdr fxp0 0.0.0.0/0 port 20000 -> 192.168.2.3 port 20000 tcp

List of active sessions:
MAP 192.168.2.100   4885  <- -> 24.190.174.211  26321 [199.181.134.88 80]
	age 863832 use 0 sumd 0x5841/0x5841 pr 6 bkt 14/86 flags 1 drop 0/0
	ifp fxp0 bytes 1405 pkts 7
MAP 192.168.2.100   4884  <- -> 24.190.174.211  26320 [12.120.29.12 80]
	age 432 use 0 sumd 0x5841/0x5841 pr 6 bkt 20/108 flags 1 drop 0/0
	ifp fxp0 bytes 1087 pkts 7
MAP 192.168.2.72    1171  <- -> 24.190.174.211  19331 [66.252.8.3 53]
	age 518 use 0 sumd 0x4b91/0x4b91 pr 17 bkt 28/54 flags 2 drop 0/0
	ifp fxp0 bytes 183 pkts 2
MAP 192.168.2.72    1171  <- -> 24.190.174.211  19331 [207.242.93.20 53]
	age 420 use 0 sumd 0x4b91/0x4b91 pr 17 bkt 116/15 flags 2 drop 0/0
	ifp fxp0 bytes 188 pkts 2
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [66.187.224.210 53]
	age 158 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 41/106 flags 2 drop 0/0
	ifp fxp0 bytes 308 pkts 2
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [195.86.128.22 53]
	age 158 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 47/1 flags 2 drop 0/0
	ifp fxp0 bytes 229 pkts 2
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [194.165.94.1 53]
	age 158 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 86/40 flags 2 drop 0/0
	ifp fxp0 bytes 947 pkts 6
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [204.251.1.12 53]
	age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 123/77 flags 2 drop 0/0
	ifp fxp0 bytes 420 pkts 4
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [203.20.52.5 53]
	age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 5/86 flags 2 drop 0/0
	ifp fxp0 bytes 432 pkts 4
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [209.204.159.15 53]
	age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 9/90 flags 2 drop 0/0
	ifp fxp0 bytes 502 pkts 4
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [204.152.186.189 53]
	age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 31/96 flags 2 drop 0/0
	ifp fxp0 bytes 436 pkts 4
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [130.94.6.10 53]
	age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 126/80 flags 2 drop 0/0
	ifp fxp0 bytes 484 pkts 4
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [209.208.0.104 53]
	age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 17/82 flags 2 drop 0/0
	ifp fxp0 bytes 414 pkts 4
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [209.61.140.1 53]
	age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 44/125 flags 2 drop 0/0
	ifp fxp0 bytes 204 pkts 2
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [193.190.198.10 53]
	age 189 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 36/117 flags 2 drop 0/0
	ifp fxp0 bytes 716 pkts 6
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [192.26.92.30 53]
	age 155 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 28/109 flags 2 drop 0/0
	ifp fxp0 bytes 228 pkts 2
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [66.187.233.210 53]
	age 156 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 94/32 flags 2 drop 0/0
	ifp fxp0 bytes 817 pkts 6
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [192.26.92.32 53]
	age 155 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 108/62 flags 2 drop 0/0
	ifp fxp0 bytes 208 pkts 2
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [209.142.2.8 53]
	age 189 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 17/98 flags 2 drop 0/0
	ifp fxp0 bytes 641 pkts 6
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [194.109.6.141 53]
	age 157 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 0/65 flags 2 drop 0/0
	ifp fxp0 bytes 720 pkts 6
MAP 192.168.2.3     32769 <- -> 24.190.174.211  1789  [66.6.205.130 53]
	age 427 use 0 sumd 0x8be1/0x8be1 pr 17 bkt 25/90 flags 2 drop 0/0
	ifp fxp0 bytes 1942 pkts 24
MAP 192.168.2.72    1171  <- -> 24.190.174.211  19331 [12.120.29.5 53]
	age 1031 use 0 sumd 0x4b91/0x4b91 pr 17 bkt 75/101 flags 2 drop 0/0
	ifp fxp0 bytes 16554 pkts 178
MAP 192.168.2.100   3752  <- -> 24.190.174.211  26448 [64.12.24.84 5190]
	age 863920 use 0 sumd 0x5d2d/0x5d2d pr 6 bkt 126/33 flags 1 drop 0/0
	ifp fxp0 bytes 68419 pkts 1376
MAP 192.168.2.100   2957  <- -> 24.190.174.211  26409 [205.188.179.80 5190]
	age 863975 use 0 sumd 0x6021/0x6021 pr 6 bkt 84/97 flags 1 drop 0/0
	ifp fxp0 bytes 228708 pkts 5299
MAP 192.168.2.199   5061  <- -> 24.190.174.211  51193 [12.144.47.27 5060]
	age 1185 use 0 sumd 0xb856/0xb856 pr 17 bkt 7/24 flags 2 drop 0/0
	ifp fxp0 bytes 9370076 pkts 30641

List of active host mappings:
192.168.2.3 -> 0.0.0.0 (use = 17 hv = 52)
192.168.2.100 -> 0.0.0.0 (use = 2 hv = 66)
192.168.2.100 -> 0.0.0.0 (use = 1 hv = 66)
192.168.2.100 -> 0.0.0.0 (use = 1 hv = 66)
192.168.2.72 -> 0.0.0.0 (use = 2 hv = 96)
192.168.2.72 -> 0.0.0.0 (use = 1 hv = 96)
192.168.2.199 -> 0.0.0.0 (use = 1 hv = 96)
***** ipfstat -v *****
opts 0x40 name /dev/ipl
 IPv6 packets:		in 0 out 0
 input packets:		blocked 514 passed 1311084 nomatch 0 counted 0 short 0
output packets:		blocked 35579 passed 1060899 nomatch 0 counted 0 short 0
 input packets logged:	blocked 514 passed 32239
output packets logged:	blocked 35579 passed 18384
 packets logged:	input 0 output 0
 log failures:		input 10141 output 7458
fragment state(in):	kept 21	lost 0
fragment state(out):	kept 21	lost 0
packet state(in):	kept 15786	lost 0
packet state(out):	kept 299661	lost 35579
ICMP replies:	0	TCP RSTs sent:	0
Invalid source(in):	0
Result cache hits(in):	53859	(out):	42939
IN Pullups succeeded:	0	failed:	0
OUT Pullups succeeded:	0	failed:	0
Fastroute successes:	0	failures:	0
TCP cksum fails(in):	0	(out):	0
Packet log flags set: (0x20000000)
	packets blocked by filter
***** ipfstat -hio *****
0 pass out quick on lo0 from any to any
112 pass out quick on rl0 proto udp from 192.168.2.1/32 port = 67 to any port = 68
0 pass out quick on an0 proto udp from 192.168.255.1/32 port = 67 to any port = 68
0 pass out quick on fxp0 proto udp from any port = 68 to any port = 67
39782 block out quick on rl0 from any to any head 150
32838 pass out quick proto udp from 192.168.2.1/32 to 192.168.2.0/24 port = 53 keep state group 150
0 pass out quick proto udp from 192.168.2.1/32 to 192.168.2.0/24 port = 514 keep state group 150
0 pass out quick proto icmp from 192.168.2.1/32 to 192.168.2.0/24 keep state group 150
9045 block out quick on fxp0 from any to any head 250
5300 pass out quick proto esp from 24.190.174.211/32 to 24.187.115.86/32 group 250
0 pass out quick proto ipencap from 24.190.174.211/32 to 24.187.115.86/32 group 250
6 pass out quick proto udp from 24.190.174.211/32 port = 500 to 24.187.115.86/32 group 250
864 pass out quick proto esp from 24.190.174.211/32 to 24.185.231.163/32 group 250
0 pass out quick proto ipencap from 24.190.174.211/32 to 24.185.231.163/32 group 250
6 pass out quick proto udp from 24.190.174.211/32 port = 500 to 24.185.231.163/32 group 250
2390 pass out quick proto esp from 24.190.174.211/32 to 24.190.161.244/32 group 250
0 pass out quick proto ipencap from 24.190.174.211/32 to 24.190.161.244/32 group 250
5 pass out quick proto udp from 24.190.174.211/32 port = 500 to 24.190.161.244/32 group 250
0 pass out quick proto ah from 24.190.174.211/32 to 24.184.150.82/32 group 250
0 pass out quick proto ipencap from 24.190.174.211/32 to 24.184.150.82/32 group 250
0 pass out quick proto udp from 24.190.174.211/32 port = 500 to 24.184.150.82/32 group 250
0 pass out quick proto esp from 24.190.174.211/32 to 207.198.250.254/32 group 250
0 pass out quick proto ipencap from 24.190.174.211/32 to 207.198.250.254/32 group 250
16 pass out quick proto udp from 24.190.174.211/32 port = 500 to 207.198.250.254/32 group 250
0 pass out quick proto tcp from any to any keep state group 250
0 pass out quick proto udp from any to any keep state group 250
6944 pass out quick proto icmp from any to any keep state group 250
0 block out quick on an0 from any to any head 350
0 pass out quick proto udp from 192.168.255.1/32 to 192.168.255.0/24 port = 53 keep state group 350
0 pass out quick proto udp from 192.168.255.1/32 to 192.168.255.0/24 port = 514 keep state group 350
0 pass out quick proto icmp from 192.168.255.1/32 to 192.168.255.0/24 keep state group 350
0 block out quick from any to any
0 pass in quick on lo0 from any to any
0 block in quick from any to any with short
0 block in quick from any to any with ipopt
0 pass in quick on rl0 proto udp from any port = 68 to 255.255.255.255/32 port = 67
112 pass in quick on rl0 proto udp from any port = 68 to 192.168.2.1/32 port = 67
0 pass in quick on an0 proto udp from any port = 68 to 255.255.255.255/32 port = 67
0 pass in quick on an0 proto udp from any port = 68 to 192.168.255.1/32 port = 67
0 block in log quick on fxp0 from 192.168.2.0/24 to any
0 block in log quick on fxp0 from 192.168.255.0/24 to any
0 block in log quick on fxp0 proto udp from any port = 67 to 192.168.2.0/24 port = 68
718 pass in quick on fxp0 proto udp from any port = 67 to any port = 68
0 block in quick on rl0 from !192.168.2.0/24 to any
0 block in quick on an0 from !192.168.255.0/24 to any
492 skip 1 in proto tcp from any to any flags S/FSRA
0 block in quick proto tcp from any to any
2042 block in quick on rl0 from any to any head 100
180 pass in quick from 192.168.2.0/24 to 192.168.2.1/32 keep state group 100
1862 pass in log quick from 192.168.0.0/16 to any keep state keep frags group 100
0 pass in quick from 192.168.2.0/24 to any keep state keep frags group 100
5317 block in log quick on fxp0 from any to any head 200
4065 pass in quick proto esp from 24.187.115.86/32 to 24.190.174.211/32 group 200
0 pass in quick proto ipencap from 24.187.115.86/32 to 24.190.174.211/32 group 200
4 pass in quick proto udp from 24.187.115.86/32 to 24.190.174.211/32 port = 500 group 200
0 pass in quick from 192.168.4.0/24 to 192.168.2.0/24 keep state group 200
2832 pass in quick proto esp from 24.185.231.163/32 to 24.190.174.211/32 group 200
0 pass in quick proto ipencap from 24.185.231.163/32 to 24.190.174.211/32 group 200
4 pass in quick proto udp from 24.185.231.163/32 to 24.190.174.211/32 port = 500 group 200
0 pass in quick from 192.168.3.0/24 to 192.168.2.0/24 keep state group 200
5743 pass in quick proto esp from 24.190.161.244/32 to 24.190.174.211/32 group 200
0 pass in quick proto ipencap from 24.190.161.244/32 to 24.190.174.211/32 group 200
15 pass in quick proto udp from 24.190.161.244/32 to 24.190.174.211/32 port = 500 group 200
0 pass in quick from 192.168.1.0/24 to 192.168.2.0/24 keep state group 200
0 pass in quick proto ah from 24.184.150.82/32 to 24.190.174.211/32 group 200
0 pass in quick proto ipencap from 24.184.150.82/32 to 24.190.174.211/32 group 200
0 pass in quick proto udp from 24.184.150.82/32 to 24.190.174.211/32 port = 500 group 200
0 pass in quick from 192.168.5.0/24 to 192.168.2.0/24 keep state group 200
0 pass in quick from 192.168.6.0/24 to 192.168.2.0/24 keep state group 200
0 pass in quick proto esp from 207.198.250.254/32 to 24.190.174.211/32 group 200
0 pass in quick proto ipencap from 207.198.250.254/32 to 24.190.174.211/32 group 200
24 pass in quick proto udp from 207.198.250.254/32 to 24.190.174.211/32 port = 500 group 200
0 pass in quick from 172.16.0.0/16 to 192.168.2.0/24 keep state group 200
20 pass in quick proto icmp from any to any keep state group 200
0 pass in log quick from 192.168.0.0/16 to any keep state keep frags group 200
0 pass in quick proto tcp from any to 192.168.2.4/32 port 19 >< 22 keep state group 200
0 pass in quick proto tcp from any to 192.168.2.3/32 port = 22 keep state group 200
116 pass in quick proto tcp from any to 192.168.2.3/32 port = 25 keep state group 200
0 pass in quick proto tcp from any to 192.168.2.72/32 port = 80 keep state group 200
122 pass in quick proto tcp from any to 192.168.2.3/32 port = 110 keep state group 200
26 pass in quick proto tcp from any to any port = 443 keep state group 200
0 pass in quick proto tcp from any to 192.168.2.72/32 port = 3389 keep state group 200
12 pass in quick proto tcp from any to 192.168.2.72/32 port = 8081 keep state group 200
0 pass in quick proto tcp from any to 192.168.2.3/32 port = 10000 keep state group 200
0 pass in quick proto udp from any to 192.168.2.199/32 port 5059 >< 5062 keep state group 200
0 pass in quick proto udp from any to 192.168.2.199/32 port 10099 >< 10501 keep state group 200
0 pass in quick proto tcp from any to 192.168.2.3/32 port = 143 keep state group 200
0 pass in quick proto tcp from any to 192.168.2.3/32 port = 20000 keep state group 200
0 block in quick on an0 from any to any head 300
0 pass in quick from any to any keep state keep frags group 300
0 block in quick from any to any
***** resolv.conf *****
domain home.eastendsc.net
nameserver 192.168.2.72
nameserver 192.168.1.3
***** Processes *****
USER   PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED      TIME COMMAND
root  1116 13.0  1.7  1332  832  ??  SN    3:00PM   0:00.14 /bin/sh status.cgi
root  1118  3.0  3.6  2364 1816  ??  S     3:00PM   0:00.04 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c cgi-bin/*|**.php -u root -i /var/run/mini_httpd.pid
root     2  0.0  0.0     0    0  ??  DL   Sat08PM   0:00.00  (cryptoret)
root     3  0.0  0.0     0    0  ??  DL   Sat08PM   0:00.00  (taskqueue)
root     4  0.0  0.0     0    0  ??  DL   Sat08PM   0:00.24  (pagedaemon)
root     5  0.0  0.0     0    0  ??  DL   Sat08PM   0:01.25  (bufdaemon)
root     6  0.0  0.0     0    0  ??  DL   Sat08PM   0:07.57  (syncer)
root     7  0.0  0.0     0    0  ??  DL   Sat08PM   0:01.40  (vnlru)
root    71  0.0  2.2  1432 1104  ??  Is   Sat08PM   0:01.18 /sbin/dhclient -nw fxp0
root    84  0.0  2.4  1448 1200  ??  Ss   Sat08PM   0:25.91 /sbin/ipmon -sD
root    89  0.0  1.4   984  692  ??  Ss   Sat08PM   1:54.65 /usr/sbin/syslogd -ss
root    94  0.0  3.2  2280 1604  ??  Ss   Sat08PM   0:00.36 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c cgi-bin/*|**.php -u root -i /var/run/mini_httpd.pid
root    97  0.0  1.5  1008  740 con- S    Sat08PM   0:00.20 /usr/local/bin/ez-ipupdate -c /var/etc/ez-ipupdate.conf
root   100  0.0  3.1  1888 1544  ??  Is   Sat08PM   0:02.06 /usr/local/sbin/dhcpd -cf /var/etc/dhcpd.conf rl0 an0
root   103  0.0  3.4  2508 1696 con- I    Sat08PM   0:01.06 /usr/local/sbin/snmpd -c /var/etc/snmpd.conf -P /var/run/snmpd.pid
root   105  0.0  1.6  1324  824 con- S    Sat08PM   6:12.00 /bin/sh /usr/local/bin/runmsntp.sh /var/run/runmsntp.pid /var/run/msntp.pid 300 clock.linuxshell.net time.chu.nrc.ca
root   125  0.0  1.7  1328  856  ??  I    Sat08PM   0:00.02 /bin/sh /etc/rc.initial console
root   167  0.0  4.8  2912 2428  ??  Ss   Sat08PM   1:18.08 /usr/local/sbin/racoon -d -f /var/etc/racoon.conf
root  1115  0.0  0.7   868  340  ??  S     3:00PM   0:00.00 sleep 1
root  1117  0.0  3.6  2364 1816  ??  S     3:00PM   0:00.00 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c cgi-bin/*|**.php -u root -i /var/run/mini_httpd.pid
root     0  0.0  0.0     0    0  ??  DLs  Sat08PM   0:00.00  (swapper)
root  1128  0.0  1.3  1072  644  ??  RN    3:00PM   0:00.00 ps xauww
root     1  0.0  1.4  1052  684  ??  ILs  Sat08PM   0:00.05 /sbin/init --
***** top -b *****
last pid:  1129;  load averages:  0.00,  0.00,  0.00  up 1+18:32:59    15:00:18
15 processes:  1 running, 14 sleeping

Mem: 6040K Active, 4312K Inact, 5168K Wired, 4992K Buf, 34M Free
Swap:


  PID USERNAME PRI NICE  SIZE    RES STATE    TIME   WCPU    CPU COMMAND
 1116 root      10  10  1332K   832K wait     0:00 13.00%  0.63% sh
 1118 root      -6   0  2364K  1816K piperd   0:00  3.00%  0.15% mini_httpd
  105 root      10   0  1324K   824K wait     6:12  0.00%  0.00% sh
   89 root       2   0   984K   692K select   1:55  0.00%  0.00% syslogd
  167 root       2   0  2912K  2428K select   1:18  0.00%  0.00% racoon
   84 root      10   0  1448K  1200K nanslp   0:26  0.00%  0.00% ipmon
  100 root       2   0  1888K  1544K select   0:02  0.00%  0.00% dhcpd
   71 root       2   0  1432K  1104K select   0:01  0.00%  0.00% dhclient
  103 root       2   0  2508K  1696K select   0:01  0.00%  0.00% snmpd
   94 root       2   0  2280K  1604K accept   0:00  0.00%  0.00% mini_httpd
   97 root      10   0  1008K   740K nanslp   0:00  0.00%  0.00% ez-ipupdate
  125 root       3   0  1328K   856K ttyin    0:00  0.00%  0.00% sh
 1115 root      10   0   868K   340K nanslp   0:00  0.00%  0.00% sleep
 1117 root       2   0  2364K  1816K sbwait   0:00  0.00%  0.00% mini_httpd
 1129 root      48  10  1864K   928K RUN      0:00  0.00%  0.00% top

***** dhcpd.conf *****
option domain-name "home.eastendsc.net";
option domain-name-servers 192.168.2.72,192.168.1.3;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
ddns-update-style none;
subnet 192.168.2.0 netmask 255.255.255.0 {
    range 192.168.2.100 192.168.2.198;
    option routers 192.168.2.1;
}
host s_lan_0 {
    hardware ethernet 00:0c:30:a8:61:f4;
    fixed-address 192.168.2.199;
}
subnet 192.168.255.0 netmask 255.255.255.0 {
    range 192.168.255.240 192.168.255.250;
    option routers 192.168.255.1;
}
***** /conf/ez-ipupdate.cache *****
1067736600,24.190.174.211
***** df *****
Filesystem 512-blocks  Used Avail Capacity  Mounted on
/dev/md0c       19774 17068  1126    94%    /
procfs              8     8     0   100%    /proc
/dev/ad0a        9854  9506  -440   105%    /cf
***** /var/etc/racoon.conf *****
path pre_shared_key "/var/etc/psk.txt";

remote 24.187.115.86 {
    exchange_mode main;
    my_identifier address "24.190.174.211";
    peers_identifier address 24.187.115.86;
    initial_contact on;
    support_proxy on;
    proposal_check obey;
    proposal {
        encryption_algorithm 3des;
        hash_algorithm md5;
        authentication_method pre_shared_key;
        dh_group 2;
        lifetime time 86400 secs;
    }
    lifetime time 86400 secs;
}

sainfo address 192.168.2.0/24 any address 192.168.4.0/24 any {
    encryption_algorithm 3des;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
    pfs_group 2;
    lifetime time 86400 secs;
}

remote 24.185.231.163 {
    exchange_mode main;
    my_identifier address "24.190.174.211";
    peers_identifier address 24.185.231.163;
    initial_contact on;
    support_proxy on;
    proposal_check obey;
    proposal {
        encryption_algorithm 3des;
        hash_algorithm md5;
        authentication_method pre_shared_key;
        dh_group 2;
        lifetime time 86400 secs;
    }
    lifetime time 86400 secs;
}

sainfo address 192.168.2.0/24 any address 192.168.3.0/24 any {
    encryption_algorithm 3des;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
    pfs_group 2;
    lifetime time 86400 secs;
}

remote 24.190.161.244 {
    exchange_mode main;
    my_identifier address "24.190.174.211";
    peers_identifier address 24.190.161.244;
    initial_contact on;
    support_proxy on;
    proposal_check obey;
    proposal {
        encryption_algorithm 3des;
        hash_algorithm md5;
        authentication_method pre_shared_key;
        dh_group 2;
        lifetime time 86400 secs;
    }
    lifetime time 86400 secs;
}

sainfo address 192.168.2.0/24 any address 192.168.1.0/24 any {
    encryption_algorithm 3des;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
    pfs_group 2;
    lifetime time 86400 secs;
}

remote 24.184.150.82 {
    exchange_mode main;
    my_identifier address "24.190.174.211";
    peers_identifier address 24.184.150.82;
    initial_contact on;
    support_proxy on;
    proposal_check obey;
    proposal {
        encryption_algorithm des;
        hash_algorithm md5;
        authentication_method pre_shared_key;
        dh_group 2;
        lifetime time 86400 secs;
    }
    lifetime time 86400 secs;
}

sainfo address 192.168.2.0/24 any address 192.168.5.0/24 any {
    encryption_algorithm des;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
    pfs_group 2;
    lifetime time 86400 secs;
}

remote 24.190.161.244 {
    exchange_mode main;
    my_identifier address "24.190.174.211";
    peers_identifier address 24.190.161.244;
    initial_contact on;
    support_proxy on;
    proposal_check obey;
    proposal {
        encryption_algorithm 3des;
        hash_algorithm md5;
        authentication_method pre_shared_key;
        dh_group 2;
        lifetime time 86400 secs;
    }
    lifetime time 86400 secs;
}

sainfo address 192.168.2.0/24 any address 192.168.6.0/24 any {
    encryption_algorithm 3des;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
    pfs_group 2;
    lifetime time 86400 secs;
}

remote 207.198.250.254 {
    exchange_mode main;
    my_identifier address "24.190.174.211";
    peers_identifier address 207.198.250.254;
    initial_contact on;
    support_proxy on;
    proposal_check obey;
    proposal {
        encryption_algorithm 3des;
        hash_algorithm md5;
        authentication_method pre_shared_key;
        dh_group 5;
        lifetime time 86400 secs;
    }
    lifetime time 86400 secs;
}

sainfo address 192.168.2.0/24 any address 172.16.0.0/16 any {
    encryption_algorithm des,3des,blowfish,cast128,rijndael;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
    pfs_group 5;
    lifetime time 86400 secs;
}

***** SPD *****
192.168.4.0/24[any] 192.168.2.0/24[any] any
	in ipsec
	esp/tunnel/24.187.115.86-24.190.174.211/require
	spid=2 seq=11 pid=1134
	refcnt=1
192.168.3.0/24[any] 192.168.2.0/24[any] any
	in ipsec
	esp/tunnel/24.185.231.163-24.190.174.211/require
	spid=4 seq=10 pid=1134
	refcnt=1
192.168.1.0/24[any] 192.168.2.0/24[any] any
	in ipsec
	esp/tunnel/24.190.161.244-24.190.174.211/require
	spid=6 seq=9 pid=1134
	refcnt=1
192.168.5.0/24[any] 192.168.2.0/24[any] any
	in ipsec
	ah/tunnel/24.184.150.82-24.190.174.211/require
	spid=8 seq=8 pid=1134
	refcnt=1
192.168.6.0/24[any] 192.168.2.0/24[any] any
	in ipsec
	esp/tunnel/24.190.161.244-24.190.174.211/require
	spid=10 seq=7 pid=1134
	refcnt=1
172.16.0.0/16[any] 192.168.2.0/24[any] any
	in ipsec
	esp/tunnel/207.198.250.254-24.190.174.211/require
	spid=12 seq=6 pid=1134
	refcnt=1
192.168.2.0/24[any] 192.168.4.0/24[any] any
	out ipsec
	esp/tunnel/24.190.174.211-24.187.115.86/require
	spid=1 seq=5 pid=1134
	refcnt=1
192.168.2.0/24[any] 192.168.3.0/24[any] any
	out ipsec
	esp/tunnel/24.190.174.211-24.185.231.163/require
	spid=3 seq=4 pid=1134
	refcnt=1
192.168.2.0/24[any] 192.168.1.0/24[any] any
	out ipsec
	esp/tunnel/24.190.174.211-24.190.161.244/require
	spid=5 seq=3 pid=1134
	refcnt=1
192.168.2.0/24[any] 192.168.5.0/24[any] any
	out ipsec
	ah/tunnel/24.190.174.211-24.184.150.82/require
	spid=7 seq=2 pid=1134
	refcnt=1
192.168.2.0/24[any] 192.168.6.0/24[any] any
	out ipsec
	esp/tunnel/24.190.174.211-24.190.161.244/require
	spid=9 seq=1 pid=1134
	refcnt=1
192.168.2.0/24[any] 172.16.0.0/16[any] any
	out ipsec
	esp/tunnel/24.190.174.211-207.198.250.254/require
	spid=11 seq=0 pid=1134
	refcnt=1
***** SAD *****
24.190.174.211 24.187.115.86
	esp mode=tunnel spi=3141877105(0xbb453d71) reqid=0(0x00000000)
	E: 3des-cbc  ca25d3e6 0e896513 49d3c59f 9db6e3de 17b2ee27 d885c4cd
	A: hmac-md5  b67e335c 76e4a0e8 dac0266f b3410749
	seq=0x00000000 replay=4 flags=0x00000000 state=mature
	created: Nov  3 10:55:58 2003	current: Nov  3 15:00:19 2003
	diff: 14661(s)	hard: 86400(s)	soft: 69120(s)
	last:                     	hard: 0(s)	soft: 0(s)
	current: 0(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 0	hard: 0	soft: 0
	sadb_seq=11 pid=1135 refcnt=1
24.190.174.211 24.187.115.86
	esp mode=tunnel spi=1464130428(0x5744db7c) reqid=0(0x00000000)
	E: 3des-cbc  3650af8f 2e082f4b aece2ee9 a2023731 5fe2817e e30094e9
	A: hmac-md5  0937c44b d7a13449 6aff6e21 e89ae1b5
	seq=0x00004f61 replay=4 flags=0x00000000 state=dying
	created: Nov  2 15:43:31 2003	current: Nov  3 15:00:19 2003
	diff: 83808(s)	hard: 86400(s)	soft: 69120(s)
	last: Nov  3 14:59:39 2003	hard: 0(s)	soft: 0(s)
	current: 4292784(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 20321	hard: 0	soft: 0
	sadb_seq=10 pid=1135 refcnt=2
24.190.174.211 24.185.231.163
	esp mode=tunnel spi=2804222748(0xa7250b1c) reqid=0(0x00000000)
	E: 3des-cbc  89d96d64 19abff8a b03d120f 27d4e3df ef20ecce b697c391
	A: hmac-md5  a8a15e4b a609a0e7 47ade95c c3413ff4
	seq=0x00000000 replay=4 flags=0x00000000 state=mature
	created: Nov  3 10:55:51 2003	current: Nov  3 15:00:19 2003
	diff: 14668(s)	hard: 86400(s)	soft: 69120(s)
	last:                     	hard: 0(s)	soft: 0(s)
	current: 0(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 0	hard: 0	soft: 0
	sadb_seq=9 pid=1135 refcnt=1
24.190.174.211 24.185.231.163
	esp mode=tunnel spi=1288626683(0x4ccee1fb) reqid=0(0x00000000)
	E: 3des-cbc  ed2608c1 c41fcec5 a10ca955 62881075 8e4a273b 544301e7
	A: hmac-md5  59d7fbda fbb91d95 03d19167 83cdc6ec
	seq=0x00000a99 replay=4 flags=0x00000000 state=dying
	created: Nov  2 15:43:25 2003	current: Nov  3 15:00:19 2003
	diff: 83814(s)	hard: 86400(s)	soft: 69120(s)
	last: Nov  3 14:59:39 2003	hard: 0(s)	soft: 0(s)
	current: 687896(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 2713	hard: 0	soft: 0
	sadb_seq=8 pid=1135 refcnt=2
24.187.115.86 24.190.174.211
	esp mode=tunnel spi=234500906(0x0dfa332a) reqid=0(0x00000000)
	E: 3des-cbc  4770b4c2 05470fc6 a67524be 433632de bc636435 b7268bb6
	A: hmac-md5  3c367ff6 06b4223b db81d4e8 2c083040
	seq=0x00000000 replay=4 flags=0x00000000 state=mature
	created: Nov  3 10:55:58 2003	current: Nov  3 15:00:19 2003
	diff: 14661(s)	hard: 86400(s)	soft: 69120(s)
	last: Nov  3 14:59:50 2003	hard: 0(s)	soft: 0(s)
	current: 747097(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 3589	hard: 0	soft: 0
	sadb_seq=7 pid=1135 refcnt=1
24.187.115.86 24.190.174.211
	esp mode=tunnel spi=162358996(0x09ad66d4) reqid=0(0x00000000)
	E: 3des-cbc  fa5fb765 d4b7b307 d5211836 799f8ceb dcecbc15 2f45c638
	A: hmac-md5  986ec721 f6fa838b 89524daa 2c0b71be
	seq=0x00000000 replay=4 flags=0x00000000 state=dying
	created: Nov  2 15:43:31 2003	current: Nov  3 15:00:19 2003
	diff: 83808(s)	hard: 86400(s)	soft: 69120(s)
	last: Nov  3 10:55:48 2003	hard: 0(s)	soft: 0(s)
	current: 2733189(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 13877	hard: 0	soft: 0
	sadb_seq=6 pid=1135 refcnt=1
24.185.231.163 24.190.174.211
	esp mode=tunnel spi=262797136(0x0fa9f750) reqid=0(0x00000000)
	E: 3des-cbc  b9c2d36c fe0fa52b 26112576 2481328e 6193f6d5 cd9290cf
	A: hmac-md5  92276a08 4b465446 caeb305b c6bfbe99
	seq=0x00000000 replay=4 flags=0x00000000 state=mature
	created: Nov  3 10:55:51 2003	current: Nov  3 15:00:19 2003
	diff: 14668(s)	hard: 86400(s)	soft: 69120(s)
	last: Nov  3 15:00:03 2003	hard: 0(s)	soft: 0(s)
	current: 227010(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 2445	hard: 0	soft: 0
	sadb_seq=5 pid=1135 refcnt=1
24.185.231.163 24.190.174.211
	esp mode=tunnel spi=28890902(0x01b8d716) reqid=0(0x00000000)
	E: 3des-cbc  fee71586 9a6c6361 0646e9a5 f0638869 d8ee0000 f591562b
	A: hmac-md5  24550cd0 6093f4bc 40242f67 c0c49bee
	seq=0x00000000 replay=4 flags=0x00000000 state=dying
	created: Nov  2 15:43:25 2003	current: Nov  3 15:00:19 2003
	diff: 83814(s)	hard: 86400(s)	soft: 69120(s)
	last: Nov  3 10:55:29 2003	hard: 0(s)	soft: 0(s)
	current: 658433(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 5624	hard: 0	soft: 0
	sadb_seq=4 pid=1135 refcnt=1
24.190.174.211 207.198.250.254
	esp mode=tunnel spi=2875911984(0xab6aef30) reqid=0(0x00000000)
	E: 3des-cbc  8268f5de cef172d7 c12d333a 9c5de5c8 61519d90 6e108fe6
	A: hmac-md5  110d9c38 c3290791 312430e7 98aa0b0e
	seq=0x00000000 replay=4 flags=0x00000000 state=mature
	created: Nov  3 11:09:19 2003	current: Nov  3 15:00:19 2003
	diff: 13860(s)	hard: 28800(s)	soft: 23040(s)
	last:                     	hard: 0(s)	soft: 0(s)
	current: 0(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 0	hard: 0	soft: 0
	sadb_seq=3 pid=1135 refcnt=1
207.198.250.254 24.190.174.211
	esp mode=tunnel spi=166809109(0x09f14e15) reqid=0(0x00000000)
	E: 3des-cbc  5185d814 cab660c1 df00b677 2b4ebbb9 a5629293 2942d911
	A: hmac-md5  8b61635d d685ad5a 3f1ef7fa 207390b3
	seq=0x00000000 replay=4 flags=0x00000000 state=mature
	created: Nov  3 11:09:19 2003	current: Nov  3 15:00:19 2003
	diff: 13860(s)	hard: 28800(s)	soft: 23040(s)
	last:                     	hard: 0(s)	soft: 0(s)
	current: 0(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 0	hard: 0	soft: 0
	sadb_seq=2 pid=1135 refcnt=1
24.190.174.211 24.190.161.244
	esp mode=tunnel spi=2012315772(0x77f1807c) reqid=0(0x00000000)
	E: 3des-cbc  b3c75794 1c479dd8 fbb13cd8 41e88466 27653e02 0c21216f
	A: hmac-md5  e996e77f 165f507f 7ad21ac5 9c43c154
	seq=0x0000000c replay=4 flags=0x00000000 state=mature
	created: Nov  3 14:58:17 2003	current: Nov  3 15:00:19 2003
	diff: 122(s)	hard: 3600(s)	soft: 2880(s)
	last: Nov  3 15:00:08 2003	hard: 0(s)	soft: 0(s)
	current: 4400(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 12	hard: 0	soft: 0
	sadb_seq=1 pid=1135 refcnt=2
24.190.161.244 24.190.174.211
	esp mode=tunnel spi=63425646(0x03c7cc6e) reqid=0(0x00000000)
	E: 3des-cbc  5363debc 1e8b93ce 852e9613 50bd39b3 368a73ce 9dc3ffbc
	A: hmac-md5  7e6ecf8c 6e4c4ffe 1438a3f5 937d5a20
	seq=0x00000000 replay=4 flags=0x00000000 state=mature
	created: Nov  3 14:58:17 2003	current: Nov  3 15:00:19 2003
	diff: 122(s)	hard: 3600(s)	soft: 2880(s)
	last: Nov  3 15:00:18 2003	hard: 0(s)	soft: 0(s)
	current: 7537(bytes)	hard: 0(bytes)	soft: 0(bytes)
	allocated: 68	hard: 0	soft: 0
	sadb_seq=0 pid=1135 refcnt=1
***** last 200 system log entries *****
Nov  3 14:58:41 gw1 /kernel: an0: record length mismatch -- expected 138,
got 144 for Rid ff50
Nov  3 14:58:41 gw1 /kernel: an0: record length mismatch -- expected 430,
got 440 for Rid ff68
Nov  3 15:00:06 gw1 racoon: INFO: isakmp_inf.c:925:purge_ipsec_spi(): purged
IPsec-SA proto_id=ESP spi=2769982832.
Nov  3 15:00:18 gw1 /kernel: an0: record length mismatch -- expected 156,
got 182 for Rid ff10
***** last 50 filter log entries *****
Nov  3 14:59:51 gw1 ipmon[84]: 14:59:51.094390 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov  3 14:59:54 gw1 ipmon[84]: 14:59:54.211620 rl0 @0:5 B
192.168.1.3,1178 -> 192.168.2.4,2161 PR tcp len 20 48 -S OUT
Nov  3 14:59:54 gw1 ipmon[84]: 14:59:54.215528 rl0 @0:5 B
192.168.1.3,1179 -> 192.168.2.72,2161 PR tcp len 20 48 -S OUT
Nov  3 14:59:55 gw1 ipmon[84]: 14:59:54.676148 rl0 @0:5 B
192.168.1.3,1180 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov  3 14:59:55 gw1 ipmon[84]: 14:59:54.704466 rl0 @0:5 B
192.168.3.3,4237 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov  3 14:59:55 gw1 ipmon[84]: 14:59:54.859171 rl0 @100:2 p
192.168.2.100,4884 -> 12.120.29.12,80 PR tcp len 20 40 -R K-S K-F IN
Nov  3 14:59:55 gw1 ipmon[84]: 14:59:54.859254 fxp0 @100:2 p
24.190.174.211,26320 -> 12.120.29.12,80 PR tcp len 20 40 -R K-S K-F OUT
Nov  3 14:59:55 gw1 ipmon[84]: 14:59:55.380318 2x rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov  3 14:59:56 gw1 ipmon[84]: 14:59:55.920024 3x rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov  3 14:59:56 gw1 ipmon[84]: 14:59:56.576665 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov  3 14:59:57 gw1 ipmon[84]: 14:59:56.729912 rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov  3 14:59:57 gw1 ipmon[84]: 14:59:57.167882 rl0 @0:5 B
192.168.1.3,1178 -> 192.168.2.4,2161 PR tcp len 20 48 -S OUT
Nov  3 14:59:57 gw1 ipmon[84]: 14:59:57.171824 rl0 @0:5 B
192.168.1.3,1179 -> 192.168.2.72,2161 PR tcp len 20 48 -S OUT
Nov  3 14:59:57 gw1 ipmon[84]: 14:59:57.671342 rl0 @0:5 B
192.168.1.3,1180 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov  3 14:59:58 gw1 ipmon[84]: 14:59:57.706333 rl0 @0:5 B
192.168.3.3,4237 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov  3 15:00:02 gw1 ipmon[84]: 15:00:02.112581 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov  3 15:00:03 gw1 ipmon[84]: 15:00:03.234219 rl0 @0:5 B
192.168.1.3,1179 -> 192.168.2.72,2161 PR tcp len 20 48 -S OUT
Nov  3 15:00:03 gw1 ipmon[84]: 15:00:03.234565 rl0 @0:5 B
192.168.1.3,1178 -> 192.168.2.4,2161 PR tcp len 20 48 -S OUT
Nov  3 15:00:03 gw1 ipmon[84]: 15:00:03.715300 rl0 @0:5 B
192.168.3.3,4237 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov  3 15:00:03 gw1 ipmon[84]: 15:00:03.735295 rl0 @0:5 B
192.168.1.3,1180 -> 192.168.2.72,135 PR tcp len 20 48 -S OUT
Nov  3 15:00:07 gw1 ipmon[84]: 15:00:07.009459 3x rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov  3 15:00:07 gw1 ipmon[84]: 15:00:07.584726 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:07.820825 rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.020732 rl0 @100:2 p 192.168.2.100 ->
192.168.1.3 PR icmp len 20 60 icmp echo/0 K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.050186 rl0 @100:2 p 192.168.1.3 ->
192.168.2.100 PR icmp len 20 60 icmp echoreply/0 K-S K-F OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.050812 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 52 -S K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.051340 rl0 @100:2 p 192.168.2.100 ->
192.168.1.3 PR icmp len 20 60 icmp echo/0 K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.074263 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 52 -AS K-S K-F OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.074540 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 40 -A K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.074908 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 177 -AP K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.086947 rl0 @100:2 p 192.168.1.3 ->
192.168.2.100 PR icmp len 20 60 icmp echoreply/0 K-S K-F OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.089129 rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.127318 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 236 -AP K-S K-F OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.130549 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 1500 -A K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.131805 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 1256 -AP K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.178438 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 40 -A K-S K-F OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.187896 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 349 -AP K-S K-F OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.189032 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 178 -AP K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.218009 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 100 -AP K-S K-F OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.218633 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 116 -AP K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.256184 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 228 -AP K-S K-F OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.260898 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 154 -AP K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.288842 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 386 -AP K-S K-F OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.289755 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 126 -AP K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.358952 rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.384593 rl0 @100:2 p
192.168.1.3,445 -> 192.168.2.100,4886 PR tcp len 20 244 -AP K-S K-F OUT
Nov  3 15:00:08 gw1 ipmon[84]: 15:00:08.528716 rl0 @100:2 p
192.168.2.100,4886 -> 192.168.1.3,445 PR tcp len 20 40 -A K-S K-F IN
Nov  3 15:00:12 gw1 ipmon[84]: 15:00:12.652236 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov  3 15:00:18 gw1 ipmon[84]: 15:00:18.095004 rl0 @0:5 B 192.168.1.3 ->
192.168.2.3 PR icmp len 20 60 icmp echo/0 OUT
Nov  3 15:00:18 gw1 ipmon[84]: 15:00:18.638506 2x rl0 @100:2 p
192.168.2.3,37911 -> 192.168.2.255,137 PR udp len 20 78 K-S K-F IN
***** ls /conf *****
config.xml
ez-ipupdate.cache
***** ls /var/run *****
dev.db
dhclient.pid
dhcpd.pid
ez-ipupdate.pid
htpasswd
ipmon.pid
ld-elf.so.hints
log
mini_httpd.pid
racoon.pid
runmsntp.pid
snmpd.pid
syslog.pid
utmp
***** config.xml *****
<?xml version="1.0"?>
<m0n0wall>
	<version>1.3</version>
	<system>
		<hostname>gw1</hostname>
		<domain>home.eastendsc.net</domain>
		<password>$1$eISRf7G8$O6b4DBCgG2EQgSs2Jau/z1</password>
		<timezone>EST5EDT</timezone>
		<time-update-interval>300</time-update-interval>
		<timeservers>clock.linuxshell.net time.chu.nrc.ca</timeservers>
		<webgui>
			<protocol>https</protocol>
		</webgui>
		<dnsserver>192.168.2.72</dnsserver>
		<dnsserver>192.168.1.3</dnsserver>
	</system>
	<interfaces>
		<lan>
			<if>rl0</if>
			<ipaddr>192.168.2.1</ipaddr>
			<subnet>24</subnet>
		</lan>
		<wan>
			<if>fxp0</if>
			<spoofmac>00:00:c5:8f:64:5a</spoofmac>
			<ipaddr>dhcp</ipaddr>
		</wan>
		<opt1>
			<if>an0</if>
			<wireless>
				<mode>BSS</mode>
				<ssid>iaroccinet</ssid>
				<stationname>iaroccinet</stationname>
				<channel>10</channel>
				<wep>
					<key>
						<value>0x12345678901234567890123456</value>
						<txkey/>
					</key>
					<key>
						<value>0x12345678901234567890123456</value>
					</key>
					<key>
						<value>0x12345678901234567890123456</value>
					</key>
					<key>
						<value>0x12345678901234567890123456</value>
					</key>
				</wep>
			</wireless>
			<descr>Aironet 350 card</descr>
			<ipaddr>192.168.255.1</ipaddr>
			<subnet>24</subnet>
			<bridge/>
			<enable/>
		</opt1>
	</interfaces>
	<pppoe/>
	<pptp/>
	<dyndns>
		<type>zoneedit</type>
		<username>ciarocci</username>
		<password>April4</password>
		<host>eastendsc.net</host>
		<mx>mail.eastendsc.net</mx>
		<enable/>
	</dyndns>
	<dhcpd>
		<lan>
			<range>
				<from>192.168.2.100</from>
				<to>192.168.2.198</to>
			</range>
			<enable/>
			<staticmap>
				<mac>00:0c:30:a8:61:f4</mac>
				<ipaddr>192.168.2.199</ipaddr>
				<descr>Cisco voice router</descr>
			</staticmap>
		</lan>
		<opt1>
			<range>
				<from>192.168.255.240</from>
				<to>192.168.255.250</to>
			</range>
			<enable/>
		</opt1>
	</dhcpd>
	<pptpd>
		<mode/>
		<redir/>
		<localip/>
		<remoteip/>
	</pptpd>
	<diag>
		<ipv6nat>
			<ipaddr/>
		</ipv6nat>
	</diag>
	<nat>
		<rule>
			<protocol>tcp</protocol>
			<external-port>21</external-port>
			<target>192.168.2.4</target>
			<local-port>21</local-port>
			<descr>FTP to Novell Server</descr>
		</rule>
		<rule>
			<protocol>tcp</protocol>
			<external-port>22</external-port>
			<target>192.168.2.3</target>
			<local-port>22</local-port>
			<descr>SSH to Linux box</descr>
		</rule>
		<rule>
			<protocol>tcp</protocol>
			<external-port>25</external-port>
			<target>192.168.2.3</target>
			<local-port>25</local-port>
			<descr>SMTP to Linux Server</descr>
		</rule>
		<rule>
			<protocol>tcp</protocol>
			<external-port>110</external-port>
			<target>192.168.2.3</target>
			<local-port>110</local-port>
			<descr>POP3 to Linux server</descr>
		</rule>
		<rule>
			<protocol>tcp</protocol>
			<external-port>143</external-port>
			<target>192.168.2.3</target>
			<local-port>143</local-port>
			<descr>IMAP to linux server</descr>
		</rule>
		<rule>
			<protocol>tcp</protocol>
			<external-port>3389</external-port>
			<target>192.168.2.72</target>
			<local-port>3389</local-port>
			<descr>TS access to 2K server</descr>
		</rule>
		<rule>
			<protocol>tcp</protocol>
			<external-port>8081</external-port>
			<target>192.168.2.72</target>
			<local-port>8081</local-port>
			<descr>HTTP to 2K server</descr>
		</rule>
		<rule>
			<protocol>tcp</protocol>
			<external-port>10000</external-port>
			<target>192.168.2.3</target>
			<local-port>10000</local-port>
			<descr>Webmin</descr>
		</rule>
		<rule>
			<protocol>udp</protocol>
			<external-port>5060-5061</external-port>
			<target>192.168.2.199</target>
			<local-port>5060</local-port>
			<descr>Vonage Ports</descr>
		</rule>
		<rule>
			<protocol>udp</protocol>
			<external-port>10100-10500</external-port>
			<target>192.168.2.199</target>
			<local-port>10100</local-port>
			<descr>Vonage ports</descr>
		</rule>
		<rule>
			<protocol>tcp</protocol>
			<external-port>20000</external-port>
			<target>192.168.2.3</target>
			<local-port>20000</local-port>
			<descr>Usermin to Linux server</descr>
		</rule>
	</nat>
	<filter>
		<rule>
			<interface>wan</interface>
			<protocol>icmp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<any/>
			</destination>
			<descr>Allow ICMP </descr>
			<type>pass</type>
		</rule>
		<rule>
			<type>pass</type>
			<interface>wan</interface>
			<source>
				<address>192.168.0.0/16</address>
			</source>
			<destination>
				<any/>
			</destination>
			<log/>
			<frags/>
			<descr>Allow all from 192.168.0.0/16 networks</descr>
		</rule>
		<rule>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.4</address>
				<port>20-21</port>
			</destination>
			<descr>NAT FTP to Novell Server</descr>
			<type>pass</type>
		</rule>
		<rule>
			<type>pass</type>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.3</address>
				<port>22</port>
			</destination>
			<descr>NAT SSH to Linux box</descr>
		</rule>
		<rule>
			<type>pass</type>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.3</address>
				<port>25</port>
			</destination>
			<descr>NAT SMTP to Linux Server</descr>
		</rule>
		<rule>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.72</address>
				<port>80</port>
			</destination>
			<descr>NAT </descr>
			<type>pass</type>
		</rule>
		<rule>
			<type>pass</type>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.3</address>
				<port>110</port>
			</destination>
			<descr>NAT POP3 to Linux server</descr>
		</rule>
		<rule>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<any/>
				<port>443</port>
			</destination>
			<descr/>
			<type>pass</type>
		</rule>
		<rule>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.72</address>
				<port>3389</port>
			</destination>
			<descr>NAT TS access to 2K server</descr>
			<type>pass</type>
		</rule>
		<rule>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.72</address>
				<port>8081</port>
			</destination>
			<descr>NAT HTTP to 2K server</descr>
			<type>pass</type>
		</rule>
		<rule>
			<type>pass</type>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.3</address>
				<port>10000</port>
			</destination>
			<descr>NAT Webmin</descr>
		</rule>
		<rule>
			<interface>wan</interface>
			<protocol>udp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.199</address>
				<port>5060-5061</port>
			</destination>
			<descr>NAT Vonage Ports</descr>
			<type>pass</type>
		</rule>
		<rule>
			<interface>wan</interface>
			<protocol>udp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.199</address>
				<port>10100-10500</port>
			</destination>
			<descr>NAT Vonage ports</descr>
			<type>pass</type>
		</rule>
		<rule>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.3</address>
				<port>143</port>
			</destination>
			<descr>NAT IMAP to linux server</descr>
		</rule>
		<rule>
			<interface>wan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
			</source>
			<destination>
				<address>192.168.2.3</address>
				<port>20000</port>
			</destination>
			<descr>NAT Usermin to Linux server</descr>
		</rule>
		<rule>
			<interface>opt1</interface>
			<source>
				<any/>
			</source>
			<destination>
				<any/>
			</destination>
			<frags/>
			<descr>Allow all from Wireless interface</descr>
			<type>pass</type>
		</rule>
		<rule>
			<type>pass</type>
			<interface>lan</interface>
			<source>
				<address>192.168.0.0/16</address>
			</source>
			<destination>
				<any/>
			</destination>
			<log/>
			<frags/>
			<descr>Allow from all other LANs</descr>
		</rule>
		<rule>
			<interface>lan</interface>
			<source>
				<network>lan</network>
			</source>
			<destination>
				<any/>
			</destination>
			<frags/>
			<descr>Default LAN -&gt; any</descr>
			<type>pass</type>
		</rule>
	</filter>
	<shaper>
		<enable/>
		<rule>
			<interface>lan</interface>
			<source>
				<address>192.168.2.199</address>
			</source>
			<destination>
				<any/>
			</destination>
			<bandwidth>100</bandwidth>
			<mask>source</mask>
			<descr>Allow bandwidth for voice router</descr>
		</rule>
		<rule>
			<interface>lan</interface>
			<protocol>tcp</protocol>
			<source>
				<any/>
				<port>21</port>
			</source>
			<destination>
				<any/>
				<port>21</port>
			</destination>
			<bandwidth>720</bandwidth>
			<mask>source</mask>
			<descr>Limit FTP</descr>
		</rule>
	</shaper>
	<ipsec>
		<enable/>
		<tunnel>
			<local-subnet>
				<network>lan</network>
			</local-subnet>
			<remote-subnet>192.168.4.0/24</remote-subnet>
			<remote-gateway>24.187.115.86</remote-gateway>
			<p1>
				<mode>main</mode>
				<myident>
					<myaddress/>
				</myident>
				<encryption-algorithm>3des</encryption-algorithm>
				<hash-algorithm>md5</hash-algorithm>
				<dhgroup>2</dhgroup>
				<lifetime>86400</lifetime>
				<pre-shared-key>6801</pre-shared-key>
			</p1>
			<p2>
				<protocol>esp</protocol>
				<encryption-algorithm-option>3des</encryption-algorithm-option>
				<hash-algorithm-option>hmac_md5</hash-algorithm-option>
				<pfsgroup>2</pfsgroup>
				<lifetime>86400</lifetime>
			</p2>
			<descr>IPSec to KennaNet</descr>
		</tunnel>
		<tunnel>
			<local-subnet>
				<network>lan</network>
			</local-subnet>
			<remote-subnet>192.168.3.0/24</remote-subnet>
			<remote-gateway>24.185.231.163</remote-gateway>
			<p1>
				<mode>main</mode>
				<myident>
					<myaddress/>
				</myident>
				<encryption-algorithm>3des</encryption-algorithm>
				<hash-algorithm>md5</hash-algorithm>
				<dhgroup>2</dhgroup>
				<lifetime>86400</lifetime>
				<pre-shared-key>6801</pre-shared-key>
			</p1>
			<p2>
				<protocol>esp</protocol>
				<encryption-algorithm-option>3des</encryption-algorithm-option>
				<hash-algorithm-option>hmac_md5</hash-algorithm-option>
				<pfsgroup>2</pfsgroup>
				<lifetime>86400</lifetime>
			</p2>
			<descr>IPSec to MarescoNet</descr>
		</tunnel>
		<tunnel>
			<local-subnet>
				<network>lan</network>
			</local-subnet>
			<remote-subnet>192.168.1.0/24</remote-subnet>
			<remote-gateway>24.190.161.244</remote-gateway>
			<p1>
				<mode>main</mode>
				<myident>
					<myaddress/>
				</myident>
				<encryption-algorithm>3des</encryption-algorithm>
				<hash-algorithm>md5</hash-algorithm>
				<dhgroup>2</dhgroup>
				<lifetime>86400</lifetime>
				<pre-shared-key>6801</pre-shared-key>
			</p1>
			<p2>
				<protocol>esp</protocol>
				<encryption-algorithm-option>3des</encryption-algorithm-option>
				<hash-algorithm-option>hmac_md5</hash-algorithm-option>
				<pfsgroup>2</pfsgroup>
				<lifetime>86400</lifetime>
			</p2>
			<descr>IPSec to HomeNet</descr>
		</tunnel>
		<tunnel>
			<local-subnet>
				<network>lan</network>
			</local-subnet>
			<remote-subnet>192.168.5.0/24</remote-subnet>
			<remote-gateway>24.184.150.82</remote-gateway>
			<p1>
				<mode>main</mode>
				<myident>
					<myaddress/>
				</myident>
				<encryption-algorithm>des</encryption-algorithm>
				<hash-algorithm>md5</hash-algorithm>
				<dhgroup>2</dhgroup>
				<lifetime>86400</lifetime>
				<pre-shared-key>6801</pre-shared-key>
			</p1>
			<p2>
				<protocol>ah</protocol>
				<encryption-algorithm-option>des</encryption-algorithm-option>
				<hash-algorithm-option>hmac_md5</hash-algorithm-option>
				<pfsgroup>2</pfsgroup>
				<lifetime>86400</lifetime>
			</p2>
			<descr>VPN to CrifasiNet</descr>
		</tunnel>
		<tunnel>
			<local-subnet>
				<network>lan</network>
			</local-subnet>
			<remote-subnet>192.168.6.0/24</remote-subnet>
			<remote-gateway>24.190.161.244</remote-gateway>
			<p1>
				<mode>main</mode>
				<myident>
					<myaddress/>
				</myident>
				<encryption-algorithm>3des</encryption-algorithm>
				<hash-algorithm>md5</hash-algorithm>
				<dhgroup>2</dhgroup>
				<lifetime>86400</lifetime>
				<pre-shared-key>6801</pre-shared-key>
			</p1>
			<p2>
				<protocol>esp</protocol>
				<encryption-algorithm-option>3des</encryption-algorithm-option>
				<hash-algorithm-option>hmac_md5</hash-algorithm-option>
				<pfsgroup>2</pfsgroup>
				<lifetime>86400</lifetime>
			</p2>
			<descr>IPSec to HomeNet</descr>
		</tunnel>
		<tunnel>
			<local-subnet>
				<network>lan</network>
			</local-subnet>
			<remote-subnet>172.16.0.0/16</remote-subnet>
			<remote-gateway>207.198.250.254</remote-gateway>
			<p1>
				<mode>main</mode>
				<myident>
					<myaddress/>
				</myident>
				<encryption-algorithm>3des</encryption-algorithm>
				<hash-algorithm>md5</hash-algorithm>
				<dhgroup>5</dhgroup>
				<lifetime>86400</lifetime>
				<pre-shared-key>6801680168016801</pre-shared-key>
			</p1>
			<p2>
				<protocol>esp</protocol>
				<encryption-algorithm-option>des</encryption-algorithm-option>
				<encryption-algorithm-option>3des</encryption-algorithm-option>
				<encryption-algorithm-option>blowfish</encryption-algorithm-option>
				<encryption-algorithm-option>cast128</encryption-algorithm-option>
				<encryption-algorithm-option>rijndael</encryption-algorithm-option>
				<hash-algorithm-option>hmac_md5</hash-algorithm-option>
				<pfsgroup>5</pfsgroup>
				<lifetime>86400</lifetime>
			</p2>
			<descr>Russ's firewall</descr>
		</tunnel>
	</ipsec>
	<staticroutes/>
	<syslog>
		<reverse/>
		<nentries>100</nentries>
		<remoteserver/>
	</syslog>
	<dnsmasq>
		<regdhcp/>
	</dnsmasq>
	<snmpd>
		<rocommunity>iaroccinet</rocommunity>
		<syslocation>Patchogue, NY</syslocation>
		<syscontact>Christopher Iarocci</syscontact>
		<enable/>
	</snmpd>
</m0n0wall>
***** kldstat *****
kldstat: not found
***** ngctl list *****
There are 4 total nodes:
  Name: ngctl1145       Type: socket          ID: 00000007   Num hooks: 0
  Name: fxp0            Type: ether           ID: 00000003   Num hooks: 0
  Name: rl0             Type: ether           ID: 00000002   Num hooks: 0
  Name: an0             Type: ether           ID: 00000001   Num hooks: 0

----- Original Message ----- 
From: "Manuel Kasper" <mk at neon1 dot net>
To: "Greg Nicholson" <greg at d0gz dot net>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, November 03, 2003 12:40 PM
Subject: Re: [m0n0wall] New release and IPSec problem


> On 03.11.2003, at 17:50, Greg Nicholson wrote:
>
> > I noticed the same behavior on my installation last night, but didn't have
> > time to troubleshoot before reverting to pb18 where everything worked. I'm
> > pretty sure that it is in the firewall code, as I was seeing the packets
> > being bounced by rule 0:4.
>
> Well, I can't see why any of the changes made to the filter generator
> from pb18 to pb19 would cause something like this. Guess we'll need
> more input, like status.cgi output when the problem occurs...
>
> > On a related note, we have LAN,WAN,PPTP options on the firewall rules.
> > Where do the IPsec tunnels fit in?
>
> Nowhere. In a way, IPsec completely sucks when it comes to filtering
> because there are no virtual interfaces per tunnel as there are with
> PPTP or OpenVPN. ipfilter just sees those packets as coming in via WAN
> (and to make matters worse, they pass through the filter three (!)
> times - once as ESP, then as ipencap and finally as the decrypted
> packet). Maybe some kludge with gif interfaces would help, but I'm not
> sure about that.
>
> I'd prefer to get rid of that nasty, ugly, kludgy IPsec + IKE (did I
> mention that racoon sucks? ;) shit anyway - causes more headaches than
> it is worth. Too bad it's the de-facto industry standard. OpenVPN is
> much more beautiful. But the good things in life always have a catch:
> it runs in userland and as such it's very slow on low-end platforms
> like embedded PCs. Gosh!
>
> - Manuel
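
An added example, not part of the original thread and not m0n0wall's own code: it replays the three filter passes described in the quoted reply (ESP, ipencap, decrypted packet, all arriving on WAN) against three WAN rules copied from the config dump above. The matching model (any matching pass rule admits the packet) and the function names are assumptions made for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed excerpt: three WAN rules taken from the <filter> section above.
RULES_XML = """
<filter>
  <rule><interface>wan</interface><protocol>icmp</protocol><type>pass</type>
    <source><any/></source><destination><any/></destination>
    <descr>Allow ICMP</descr></rule>
  <rule><type>pass</type><interface>wan</interface>
    <source><address>192.168.0.0/16</address></source>
    <destination><any/></destination>
    <descr>Allow all from 192.168.0.0/16 networks</descr></rule>
  <rule><type>pass</type><interface>wan</interface><protocol>tcp</protocol>
    <source><any/></source>
    <destination><address>192.168.2.3</address><port>22</port></destination>
    <descr>NAT SSH to Linux box</descr></rule>
</filter>
"""

def _addr_ok(node, ip):
    """True if the <source>/<destination> node is <any/> or contains ip."""
    if node.find("any") is not None:
        return True
    net = ipaddress.ip_network(node.findtext("address"), strict=False)
    return ipaddress.ip_address(ip) in net

def matching_rules(iface, proto, src, dst, dport=None):
    """Descriptions of pass rules on iface that match the packet.
    Simplified model (assumption): any matching pass rule admits it."""
    hits = []
    for r in ET.fromstring(RULES_XML).iter("rule"):
        if r.findtext("interface") != iface or r.findtext("type") != "pass":
            continue
        rproto = r.findtext("protocol")  # absent means any protocol
        if rproto is not None and rproto != proto:
            continue
        port = r.find("destination").findtext("port")  # single ports only here
        if port is not None and str(dport) != port:
            continue
        if _addr_ok(r.find("source"), src) and _addr_ok(r.find("destination"), dst):
            hits.append(r.findtext("descr").strip())
    return hits

def three_passes(gw, wan_ip, inner_src, inner_dst, inner_proto, dport=None):
    """The three passes named in the quoted reply, all evaluated on 'wan'."""
    outer = {p: matching_rules("wan", p, gw, wan_ip) for p in ("esp", "ipencap")}
    inner = matching_rules("wan", inner_proto, inner_src, inner_dst, dport)
    return {**outer, "decrypted": inner}
```

For the ping in this thread, `three_passes("24.190.161.244", "24.190.174.211", "192.168.1.3", "192.168.2.3", "icmp")` shows the decrypted packet being admitted by WAN rules keyed on its private source address, since the filter has no per-tunnel interface to match on. The empty results for the ESP and ipencap passes mean only that none of the three excerpted rules cover them.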