Hi,
in the wiki protocol at the InternetProtocolFamily section I have added :
a new menu with a few information.
Network Layer (IPsec <http://wiki.ethereal.com/IPsec> Internet Protocol
Security):
*
AH <http://wiki.ethereal.com/AH>: Authentication Header
*
ESP <http://wiki.ethereal.com/ESP>: Encapsulating Security Payload
Moreover I also have added a little doc for the ESP Preference Settings.
I hope it is what you were expecting for .
Regards,
--
Frederic
Anders Broman wrote:
Hi,
I have checked in your patch with a change:
#ifdef HAVE_LIBCRYPT
#define __USE_LIBGCRYPT__
#endif
(Please check if that's correct).
Can you please put the information from the readme file on the wiki protocol
pages.
Brg
Anders
-----Ursprungligt meddelande-----
Från: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx] För Frederic Roudaut
Skickat: den 25 februari 2006 14:02
Till: Ethereal development
Kopia: Ethereal development
Ämne: RE: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload
Hi
I just add a #define __USE_LIBGCRYPT__ that you have to set to be able to
decrypt ESP payload. Otherwise if not, the original IPSEC dissector is
compiled. I also notice that on current stable Ethereal versions gnutls is
not linked.
Thus you have to install libgcrypt and do:
LDFLAGS=-lgcrypt ./configure && make
For windows you should get:
http://gnunet.org/download/win/libgcrypt-1.2.1.zip
and do something similar.
Best regards
---
Frederic
Paolo,
is there a way to compile the dissector with windows. The sourceforge rep
(gnutls-win32-msvc.tgz) does not include the winposixtype.h and the
gcrypt.h.
TIA
Thomas
--- Ursprüngliche Nachricht ---
Von: "Filonenko Alexander-AAF013" <AAF013@xxxxxxxxxxxx>
An: "Ethereal development" <ethereal-dev@xxxxxxxxxxxx>
Betreff: RE: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload
Datum: Fri, 24 Feb 2006 17:42:44 -0500
Frederic,
I find IPsec functionality you have added to the dissector very useful.
Hope I can provide you with some feedback in a few weeks.
Thank you,
Alex Filonenko
-----Original Message-----
From: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx] On Behalf Of
Frederic Roudaut
Sent: Friday, February 24, 2006 10:01 AM
To: Ethereal development
Subject: [Ethereal-dev] IPsec Dissector to decrypt ESP Payload
Hi,
finally, I have updated my dissector using libgcrypt.
It does not use openssl anymore.
If gnutls is installed, all should work.
Thus, now it should decrypt and dissect
(transport/tunnel/several encapsulations ...) :
- NULL Encryption Algorithm
- TripleDES-CBC [RFC2451] : keylen 192 bits.
- AES-CBC with 128-bit keys [RFC3602] : keylen 128 and 192/256 bits.
- AES-CTR [RFC3686] : keylen 160/224/288 bits. The remaining
32 bits will be used as nonce.
- DES-CBC [RFC2405] : keylen 64 bits
I also have added :
- BLOWFISH-CBC : keylen 128 bits.
- TWOFISH-CBC : keylen 128/256 bits.
You have to indicate the Authentication algorithm even if all
Algorithms since it uses 12 bytes in the Auth field should
work (have a look to the README to understand why I put it
;-) ). If you consider I have to throw it away please tell me.
HMAC-SHA1-96 [RFC2404]
NULL
AES-XCBC-MAC-96 [RFC3566]
HMAC-MD5-96 [RFC2403]
In the attachment you will get :
- this dissector
- a new README
- some example capture files with associated preferences
files (and setkey config files)
Best Regards,
----
Frederic
--
Frédéric ROUDAUT
IRISA-INRIA, Campus de Beaulieu, 35042 Rennes cedex, France
Tl: +33 (0) 2 99 84 71 44, Fax: +33 (0) 2 99 84 71 71
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
--
DSL-Aktion wegen großer Nachfrage bis 28.2.2006 verlängert:
GMX DSL-Flatrate 1 Jahr kostenlos* http://www.gmx.net/de/go/dsl
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
