xref: /freebsd/tools/regression/netinet/tcpconnect/README.tcp-md5 (revision d6b92ffa990dc57d8a969a98e3ca4e25ba39cbb2)
1# $FreeBSD$
2
3To test tcp-md5 do:
4
5* compile and install kernel with TCP_SIGNATURE support
6
7* add this to /etc/ipsec.conf (the md5 'secret' is just a sample)
8	add 127.0.0.1 127.0.0.1 tcp 0x1000 -A tcp-md5 "0e3a9ac42ceca8260f1d6fbc46a9707c";
9
10* enable it in /etc/rc.conf with
11	ipsec_enable="YES"
12  and apply it with sh /etc/rc.d/ipsec start
13
14 [ off course you can also manually add it using setkey(8) ]
15
16* compile tcpconnect in here running:
17    make
18
19* start tcpdump (secret as above, port is just a sample):
20    tcpdump -l -n -i lo0 -s 0 -M "0e3a9ac42ceca8260f1d6fbc46a9707c" tcp and port 2345
21
22* run the server (use same port as given to tcpdump):
23    ./tcpconnect server 2345
24
25* run the client (use same port as given to tcpdump):
26    ./tcpconnect client 127.0.0.1 2345 1 tcpmd5
27
28* check tcpdump output
29
30# end
31