enc - Encapsulating Interface
pseudo-device enc [count]
The enc interface is a software loopback mechanism that allows hosts or
firewalls to filter ipsec(4) traffic using pf(4). The
vpn(8) manpage
shows an example of such a setup.
The enc interface is a software loopback mechanism that allows an administrator
to see outgoing packets before they have been processed by
ipsec(4), or incoming packets after they have been similarly
processed,
via tcpdump(8).
The ``enc0'' interface inherits all IPsec traffic. Thus all
IPsec traffic
can be filtered based on ``enc0'', and all IPsec traffic
could be
seen by invoking tcpdump(8) on the ``enc0'' interface.
To see all outgoing packets before they have been processed
via ipsec(4),
or all incoming packets after they have been similarly processed:
#> ifconfig enc0 up
#> tcpdump -i enc0
bpf(4), inet(4), ipsec(4), netintro(4), pf(4), tcpdump(8),
vpn(8)
OpenBSD 3.6 October 7, 1999
[ Back ] |