[Swan] bandwidth usage
Bob Miller
bob at computerisms.ca
Wed Mar 19 20:50:10 EET 2014
Hello,
I am looking for explanations on how packets traverse iptables using
netkey in openswan/libreswan implementations (I am presuming it will be
the same for both). Specifically, I want to know how I would trace vpn
traffic through the packet flow diagram found at
http://l7-filter.sourceforge.net/PacketFlow.png - I wonder where in that
model packets get lifted for encryption/decryption, and where those
modified packets re-appear, and how the flow of such packets might
differ from normally NAT'd traffic. I am particularly not clear on the
flow in the direction from unencrypted entry to encrypted exit...
The purpose is that I am trying to track bandwidth usage and I want to
know where the count is/isn't being increased by both the unencrypted
and encrypted packet, as well as differentiate between overall
egress/ingress, regularly NAT'd traffic, and vpn usage.
I have spent the last hours sifting through posts and articles and
haven't found much that seems authoritative; that which I have found
seems inconsistently detailed between different authors (and my
expectations), or uses terminology contrary to my understanding, such as
identifying the "POSTROUTING table".
I think I am searching on the wrong words, or am not recognizing the
information I want for what it is. Can anyone point me at some
documentation that describes the details I am after?
--
Computerisms
Bob Miller
867-334-7117 / 867-633-3760
http://computerisms.ca
More information about the Swan
mailing list