While discussing the mess isakmpd is, I came across the problem that
writing a pcap file from isakmpd is a nice way to debug problems, BUT:
if isakmpd runs for a while on a busy gateway the file can grow
rather large and tcpdump reading it needs considerable disk-IO - and
one cannot "tail -f" it anyway.
Same problem applies to rotating the pcap file in a non-loss way (lossy
is 'p off' 'p on' on isakmpd.fifo). Maybe a SIGUSR2 to get a coherent
way
of pcap files. I am still confused by the code for
report()/log_packet_restart() a bit.
Have to scratch some rust from my C and give this a shot - too messy to
cope with it that way.
