ENC(4) BSD Programmer's Manual ENC(4)
enc - Encapsulating Interface
pseudo-device enc [count]
The enc interface is a software loopback mechanism that allows hosts or firewalls to filter ipsec(4) traffic using pf(4). The vpn(8) manpage shows an example of such a setup. The enc interface is a software loopback mechanism that allows an ad- ministrator to see outgoing packets before they have been processed by ipsec(4), or incoming packets after they have been similarly processed, via tcpdump(8). The "enc0" interface inherits all IPsec traffic. Thus all IPsec traffic can be filtered based on "enc0", and all IPsec traffic could be seen by invoking tcpdump(8) on the "enc0" interface.
To see all outgoing packets before they have been processed via ipsec(4), or all incoming packets after they have been similarly processed: #> ifconfig enc0 up #> tcpdump -i enc0
bpf(4), inet(4), ipsec(4), netintro(4), pf(4), tcpdump(8), vpn(8) MirOS BSD #10-current October 7, 1999 1
Generated on 2013-10-31 22:57:03 by $MirOS: src/scripts/roff2htm,v 1.77 2013/01/01 20:49:09 tg Exp $
These manual pages and other documentation are copyrighted by their respective writers;
their source is available at our CVSweb,
AnonCVS, and other mirrors. The rest is Copyright © 2002‒2013 The MirOS Project, Germany.
This product includes material provided by Thorsten Glaser.
This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report – diffs preferred.