1174032Sbz# $FreeBSD$ 2174032Sbz 3174032SbzTo test tcp-md5 do: 4174032Sbz 5174032Sbz* compile and install kernel with TCP_SIGNATURE support 6174032Sbz 7174032Sbz* add this to /etc/ipsec.conf (the md5 'secret' is just a sample) 8174032Sbz add 127.0.0.1 127.0.0.1 tcp 0x1000 -A tcp-md5 "0e3a9ac42ceca8260f1d6fbc46a9707c"; 9174032Sbz 10174032Sbz* enable it in /etc/rc.conf with 11174032Sbz ipsec_enable="YES" 12174032Sbz and apply it with sh /etc/rc.d/ipsec start 13174032Sbz 14174032Sbz [ off course you can also manually add it using setkey(8) ] 15174032Sbz 16174032Sbz* compile tcpconnect in here running: 17174032Sbz make 18174032Sbz 19174032Sbz* start tcpdump (secret as above, port is just a sample): 20174032Sbz tcpdump -l -n -i lo0 -s 0 -M "0e3a9ac42ceca8260f1d6fbc46a9707c" tcp and port 2345 21174032Sbz 22174032Sbz* run the server (use same port as given to tcpdump): 23174032Sbz ./tcpconnect server 2345 24174032Sbz 25174032Sbz* run the client (use same port as given to tcpdump): 26174032Sbz ./tcpconnect client 127.0.0.1 2345 1 tcpmd5 27174032Sbz 28174032Sbz* check tcpdump output 29174032Sbz 30174032Sbz# end 31