之前在網站中看到有人提出問題"如何知道資料是否有正常的走vpn?"，我之前也有這樣的疑問，經過簡單的資料尋找，再參考gvpe的說明，有幾個方法可以知道gvpe是否運作正常。
1、tcpdump：這是最直接的想法，直接sniffer 虛擬網卡(vpn0)，使用類似下列的指令

tcpdump -i vpn0 -vv

tcpdump: listening on vpn0, link-type EN10MB (Ethernet), capture size 96 bytes
13:35:57.530767 IP (tos 0x0, ttl 127, id 42249, offset 0, flags [DF], proto: TCP (6), length: 50) 192.168.14.8.1027 > 192.168.11.25.ftp: P, cksum 0x6baf (correct), 1147511673:1147511683(10) ack 3847595045 win 16887
13:35:57.603298 IP (tos 0x0, ttl 63, id 28938, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.11.25.ftp > 192.168.14.8.1027: ., cksum 0x8916 (correct), 1:1(0) ack 10 win 5840
....
用dmesg看系統留下的log

dmesg

device vpn0 entered promiscuous mode
audit(126404129.464:5): dev=vpn0 prom=256 old_prom=0 auid=494967295 ses=494967295
.....

2、iptstate：因為系統中另外運行iptables，所以有可用iptstate，透過監控iptables的運作看到gvpe的運作，使用類似下列的指令：

iptstate -s

IP Tables State Top -- Sort by: SrcIP
Source Destination Proto State TTL
......
192.168.14.8:1521 192.168.11.25:40705 tcp TIME_WAIT 0:01:26
192.168.14.8:1519 192.168.11.25:52395 tcp TIME_WAIT 0:01:22
192.168.14.8:1027 192.168.11.25:21 tcp ESTABLISHED 119:59:27

3、gvpe的啟動選項：gvpe啟動方式中有提到"-l"就是留下log，範例中是使用"-linfo"，這個只有簡單的連線、斷線的訊息，而"-lnoise"會留下更多訊息，我就是用這個選項發現設定檔中有錯誤的。一般使用類似指令可以在messages看到gvpe運作的訊息，syslog.conf裡要設定類似這樣kern.* /var/log/messages

gvpe -D -L -lnoise <node name> 2>&1
tail -f /var/log/messages

<<?/icmp/xxx.yyy.zzz.mmm:0 received possible vpn packet type 1 from 1 to 3, length 102.
<node name> >> received packet type 1 from 1 to 3.
<<?/icmp/xxx.yyy.zzz.mmm:0 received possible vpn packet type 1 from 1 to 3, length 86.
<node name> >> received packet type 1 from 1 to 3.
<<?/icmp/xxx.yyy.zzz.mmm:0 received possible vpn packet type 1 from 1 to 3, length 86.
<node name> >> received packet type 1 from 1 to 3.
......