On Mon, 6 May 2024, Phil Nightowl via Swan wrote:
After giving it a second look, a brief response to my original message. The xfrm policies seem quite wrong after all:
Can you share the "ipsec traffic" output after doing a few pings over the tunnel? I have a feeling you might not actually have a plaintext leak, you just think you do because of the way tcpdump hooks into the kernel network/ipsec stack. Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
