[hipl-users] Re: HIPL+ ubuntu

From: Dongsu Park <dpark1978@xxxxxxxxx>
To: hipl-users@xxxxxxxxxxxxx
Date: Thu, 12 Jun 2008 12:19:04 +0200

Hi Andrey,

Andrey Khurri wrote:
> Hi Lina,
>
> To check whether the HIP base exchange has been performed you can use a
> network analyzer, for instance, tcpdump or even better graphical
> Wireshark. The latter has HIP patches provided by Boeing and can display
> HIP packets as well:
>
> http://hipserver.mct.phantomworks.org/ethereal.html
>
> I am not sure though if the current patch for Wireshark reflects changes
> of HIP protocol number (253 -> 139).

As I tested a few weeks ago, the wireshark patches provided in the linkdoes not reflect the HIP protocol number change. So I had to installwireshark 1.0.0 with the patch on main branch. With that it could showHIP packets with respect to the new protocol number 139.

If someone stick to the hipl release 1.0.3, it's not a bad choice justto use wireshark 0.99.5 with the patch available on the link above,since it can show as the old protocol number 253.


>
> With tcpdump you can run the following command to see HIP only traffic:
> "tcpdump -n -i any esp or proto 139 or port 50500"
>
> If you resolve your hostname to an IP address at least locally (e.g. in
> /etc/hosts) your test with hostname should work then.
>
> Regards,
> Andrey

Regards,
Dongsu

References:
- [hipl-users] HIPL+ ubuntu
  - From: Lina
- [hipl-users] Re: HIPL+ ubuntu
  - From: Dongsu Park
- [hipl-users] Re: HIPL+ ubuntu
  - From: Lina
- [hipl-users] Re: HIPL+ ubuntu
  - From: Lina
- [hipl-users] Re: HIPL+ ubuntu
  - From: Dongsu Park
- [hipl-users] Re: HIPL+ ubuntu
  - From: Lina
- [hipl-users] Re: HIPL+ ubuntu
  - From: Andrey Lukyanenko
- [hipl-users] Re: HIPL+ ubuntu
  - From: Andrey Lukyanenko
- [hipl-users] Re: HIPL+ ubuntu
  - From: Lina
- [hipl-users] Re: HIPL+ ubuntu
  - From: Lina
- [hipl-users] Re: HIPL+ ubuntu
  - From: Andrey Khurri

[hipl-users] Re: HIPL+ ubuntu

Other related posts: