[strongSwan] Why can I only see incoming un-encrypted traffic ? Outgoing cleartext traffic is not visible on the strongswan box.

[Charles-Edouard Ruault]

Hi Noel,
I just tried and now I can see outgoing trafic but I do not see incoming trafic anymore (on nflog). 
I’ve tried adding iptables rules to also direct incoming trafic to the nflog interface but without success.
It already helps me but being able to capture trafic flowing in both directions into the same capture file would definitely be better.
Any idea why the incoming trafic does not show up on nflog ?
Thanks again !
Regards.

Le 27 août 2015 à 17:20, Noel Kuntze <noel at familie-kuntze.de> a écrit :


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Forgot the tcpdump command:

tcpdump -i nflog:5 -s 0 -n

- -- 

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJV3yrWAAoJEDg5KY9j7GZYRG8P/2tAi7HU2XcUsqs9Uw1MXl/f
Hw/3aRsVw8ObtONganH5Oa9Bnx9iUVml6IxHPVKsXqmvZYjRwPcEfZtP81dgSuyT
USBbp07UfrMZUULeZrGnLRcOwx0jYgkmYMLren53ICaB1oj7c5ZUUl5/B2gJaL+v
nkD+jt85MnfnM1sPQFXe1VObFLQxvGeHQMDph51OAMOXjGfjUGwrpad0Jttw0dKc
9zkpHpae4MInKqY3ymC5jeSeBm541fpuZHe25rC7hGmjrInTl6JXerQm8dn5u0yG
Y28PFSNilvzRlmmUW77Wn+dyVd9EpPkMTYrCpooFqMDMR9dNn/xdCBbmxQVxP/8/
uezvAerXCC5hGXgxoFtBmm4j+akeS3KgdWSSEwYOh33VRe2HQvOrs2BCdZRukxO6
1XrHjNYgPBLmfwzmFhtCZAAOSCesnMzWJhOux6K2B5eNeh2+yREfKpe7xpr4PXJN
0zhviNnsdpZ9U4Z3+DMb8d7aaH/v25npbvWy0M1j3EmozIRdNvKa+5xgYLU0koOo
yW34AtI+k4shbf/8piuejkchQA8oUioXyg2A6KM5Pp/kDZiLewwAEVk7K3pUn1ta
1owwrqOiVkIrRvLAS1CDUhWbaArAbdwqZznYlLUat+JH37JxoVgC86ZxgFF1ti4X
pJ6YlEVJGOQtgxFxN3R4
=C/Zq
-----END PGP SIGNATURE-----


Charles-Edouard Ruault
Pleex - Maeglin Software
http://www.pleex.com
Mob: +33 6 74 46 26 51