[Fedora Core 4 (kernel 2.6.17)]
I am interested to understand whether the IPsec implementation outputs any
log information. I am particularly interested in any log output under
conditions of replay attack. I have simulated a replay attack (using
ethereal and tcpreplay) - I noted that the incoming ping packets were
ignored, but I could find no log of the 'replay attack'. I looked in the
syslog, but perhaps I am looking in the wrong place - or maybe there is a
kernel option that needs to be enabled.
I understand that IPsec is implemented in the kernel - I'm struggling to
find any documenation that might describe the function of the IPsec
implementation (e.g. regarding logging, configuration etc.). Perhaps someone
could point me in the right direction.