Provided by:
freebsd-manpages_7.1~beta1-1_all 
NAME
enc - Encapsulating Interface
SYNOPSIS
To compile this driver into the kernel, place the following line in your
kernel configuration file:
device enc
DESCRIPTION
The enc interface is a software loopback mechanism that allows hosts or
firewalls to filter ipsec(4) traffic using any firewall package that
hooks in via the pfil(9) framework.
The enc interface allows an administrator to see outgoing packets before
they have been processed by ipsec(4), or incoming packets after they have
been similarly processed, via tcpdump(1).
The “enc0” interface inherits all IPsec traffic. Thus all IPsec traffic
can be filtered based on “enc0”, and all IPsec traffic could be seen by
invoking tcpdump(1) on the “enc0” interface.
EXAMPLES
To see all outgoing packets before they have been processed via ipsec(4),
or all incoming packets after they have been similarly processed:
tcpdump -i enc0
SEE ALSO
tcpdump(1), bpf(4), ipf(4), ipfw(4), ipsec(4), pf(4), tcpdump(8)