Here is the experiment:
Open a window to an IPsec host and another window to an insecure host.
Now start capturing packets.
In the “secure” window, run the UNIX®
command yes(1), which will stream the y
character. After a while, stop this. Switch to the
insecure window, and repeat. After a while, stop.
Now run MUST on the captured packets. You should see something like the following. The important thing to note is that the secure connection has 93% (6.7) of the expected value (7.18), and the “normal” connection has 29% (2.1) of the expected value.
%
tcpdump -c 4000 -s 10000 -w ipsecdemo.bin
%
uliscan ipsecdemo.bin
Uliscan 21 Dec 98
L=8 256 258560
Measuring file ipsecdemo.bin
Init done
Expected value for L=8 is 7.1836656
6.9396 --------------------------------------------------------
6.6177 -----------------------------------------------------
6.4100 ---------------------------------------------------
2.1101 -----------------
2.0838 -----------------
2.0983 -----------------This, and other documents, can be downloaded from http://ftp.FreeBSD.org/pub/FreeBSD/doc/
For questions about FreeBSD, read the
documentation before
contacting <questions@FreeBSD.org>.
For questions about this documentation, e-mail <doc@FreeBSD.org>.