Hi,
I am trying to capture the "esp" packets that I am
sending from one host to the other using ethereal on
the destination machine. The "esp" packets are shown
properly but the corresponding "tcp" packets have
incorrect IP header. It seams that 16 bytes of extra
fields are inserted in IP header. following is the tcp
packet in hex:
the extra part is shown by +++ signs
<------------Ethernet header------------> <----
00 0f ea 6e 4a 19 00 0d 88 4f 9c 76 08 00 45 00
IP header-------------------------------- +++++
00 60 10 9d 40 00 40 06 00 a7 0a 0a 0a 84 45 00
++++extra bytes++++++++++++++++++++++++++ -----
00 42 10 9d 40 00 40 06 00 f1 0a 0a 0a 84 0a 0a
---->
0a 91 0d a2 41 26 b2 0f 28 0c ac d7 12 b6 80 18
05 a8 d2 86 00 00 01 01 08 0a 00 0d 38 91 00 0d
12 dd 48 65 6c 6c 6f 2c 20 77 6f 72 6c 64 21 0a
does anyone have an idea what the problem is?
thanks for any help
fariba
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
