1551944a2SBjoern A. Zeeb# $FreeBSD$ 2551944a2SBjoern A. Zeeb 3551944a2SBjoern A. ZeebTo test tcp-md5 do: 4551944a2SBjoern A. Zeeb 5551944a2SBjoern A. Zeeb* compile and install kernel with TCP_SIGNATURE support 6551944a2SBjoern A. Zeeb 7551944a2SBjoern A. Zeeb* add this to /etc/ipsec.conf (the md5 'secret' is just a sample) 8551944a2SBjoern A. Zeeb add 127.0.0.1 127.0.0.1 tcp 0x1000 -A tcp-md5 "0e3a9ac42ceca8260f1d6fbc46a9707c"; 9551944a2SBjoern A. Zeeb 10551944a2SBjoern A. Zeeb* enable it in /etc/rc.conf with 11551944a2SBjoern A. Zeeb ipsec_enable="YES" 12551944a2SBjoern A. Zeeb and apply it with sh /etc/rc.d/ipsec start 13551944a2SBjoern A. Zeeb 14551944a2SBjoern A. Zeeb [ off course you can also manually add it using setkey(8) ] 15551944a2SBjoern A. Zeeb 16551944a2SBjoern A. Zeeb* compile tcpconnect in here running: 17551944a2SBjoern A. Zeeb make 18551944a2SBjoern A. Zeeb 19551944a2SBjoern A. Zeeb* start tcpdump (secret as above, port is just a sample): 20551944a2SBjoern A. Zeeb tcpdump -l -n -i lo0 -s 0 -M "0e3a9ac42ceca8260f1d6fbc46a9707c" tcp and port 2345 21551944a2SBjoern A. Zeeb 22551944a2SBjoern A. Zeeb* run the server (use same port as given to tcpdump): 23551944a2SBjoern A. Zeeb ./tcpconnect server 2345 24551944a2SBjoern A. Zeeb 25551944a2SBjoern A. Zeeb* run the client (use same port as given to tcpdump): 26551944a2SBjoern A. Zeeb ./tcpconnect client 127.0.0.1 2345 1 tcpmd5 27551944a2SBjoern A. Zeeb 28551944a2SBjoern A. Zeeb* check tcpdump output 29551944a2SBjoern A. Zeeb 30551944a2SBjoern A. Zeeb# end 31