Hello,

I am looking for explanations on how packets traverse iptables using netkey in openswan/libreswan implementations (I am presuming it will be the same for both). Specifically, I want to know how I would trace vpn traffic through the packet flow diagram found at http://l7-filter.sourceforge.net/PacketFlow.png - I wonder where in that model packets get lifted for encryption/decryption, and where those modified packets re-appear, and how the flow of such packets might differ from normally NAT'd traffic. I am particularly not clear on the flow in the direction from unencrypted entry to encrypted exit...

The purpose is that I am trying to track bandwidth usage and I want to know where the count is/isn't being increased by both the unencrypted and encrypted packet, as well as differentiate between overall egress/ingress, regularly NAT'd traffic, and vpn usage.

I have spent the last hours sifting through posts and articles and haven't found much that seems authoritative; that which I have found seems inconsistently detailed between different authors (and my expectations), or uses terminology contrary to my understanding, such as identifying the "POSTROUTING table". I think I am searching on the wrong words, or am not recognizing the information I want for what it is.

Can anyone point me at some documentation that describes the details I am after?

--
Computerisms
Bob Miller
867-334-7117 / 867-633-3760
http://computerisms.ca
