Subject: Re: Stripping GRE Too Early?
To: Curt Sampson <cjs@cynic.net>
From: None <itojun@iijlab.net>
List: tech-net
Date: 01/07/2000 06:53:38
>It seems that under NetBSD 1.4.1, at least, when you set up a gre tunnel
>between two machines, the `real' interface that the tunnel's packets pass
>over is showing de-encapsulated incoming packets to bpf, ipfilter, etc.
>(Outgoing are shown encapsulated.) Here's an example:
>
>16:33:38.755359 fmh.blink.com > 192.168.10.32: icmp: echo request (gre encap)
>16:33:38.788769 192.168.10.32 > fmh.blink.com: icmp: echo reply
>
>What's up with this? Does current still do it?
bpf sends the encapsulated packet to userland.
NetBSD 1.4.1 tcpdump(8) skips the outer header if you don't have -v on
the command line. If you have -v, it will print like this:
>16:33:38.755359 fmh.blink.com > 192.168.10.32: gre 10.1.1.1 > 10.1.1.2: icmp: echo request (gre encap)
I think it is a bit confusing that the order is reversed.
NetBSD-current tcpdump needs some fixes around here, due to the changes
in IP header printing I made (I did not change print-gre.c) -
I'll do that. Could you give me (privately) a packet trace that
includes GRE, saved by tcpdump -w?
itojun
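
Added example, not part of the original message and not tcpdump's code: a small decoder for an IPv4-in-GRE-in-IPv4 packet that produces a terse line skipping the outer header and a verbose line showing both headers, the difference the reply describes. The packet bytes, addresses, function names and output format are constructed for this example; GRE source routing is not handled.

```python
import socket
import struct

GRE_PROTO = 47            # IP protocol number carried in the outer header
ETHERTYPE_IPV4 = 0x0800   # GRE protocol type for an inner IPv4 packet

def parse_ipv4(buf):
    """Return (src, dst, proto, payload) of an IPv4 packet; checksum not verified."""
    if len(buf) < 20 or buf[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (buf[0] & 0x0F) * 4
    total = struct.unpack("!H", buf[2:4])[0]
    if ihl < 20 or total < ihl or total > len(buf):
        raise ValueError("bad IPv4 length fields")
    return socket.inet_ntoa(buf[12:16]), socket.inet_ntoa(buf[16:20]), buf[9], buf[ihl:total]

def gre_payload(buf):
    """Skip a version-0 GRE header; return (protocol_type, payload)."""
    if len(buf) < 4:
        raise ValueError("truncated GRE header")
    flags, ptype = struct.unpack("!HH", buf[:4])
    if flags & 0x0007 or flags & 0x4000:
        raise ValueError("GRE version or routing option not handled here")
    # Each present option adds 4 bytes: checksum+offset, key, sequence number.
    off = 4 + 4 * sum(1 for bit in (0x8000, 0x2000, 0x1000) if flags & bit)
    if len(buf) < off:
        raise ValueError("truncated GRE options")
    return ptype, buf[off:]

def summarize(pkt, verbose=False):
    """One line per packet: inner flow only, or outer and inner when verbose."""
    src, dst, proto, payload = parse_ipv4(pkt)
    if proto != GRE_PROTO:
        return f"{src} > {dst}: ip-proto-{proto}"
    ptype, inner = gre_payload(payload)
    if ptype != ETHERTYPE_IPV4:
        return f"{src} > {dst}: gre proto 0x{ptype:04x}"
    isrc, idst, iproto, _ = parse_ipv4(inner)
    if verbose:
        return f"{src} > {dst}: gre {isrc} > {idst}: ip-proto-{iproto}"
    return f"{isrc} > {idst}: ip-proto-{iproto} (gre encap)"

# Constructed sample: ICMP echo request inside IPv4 inside GRE inside IPv4.
def ipv4(src, dst, proto, payload):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst)) + payload
ICMP_ECHO = struct.pack("!BBHHH", 8, 0, 0, 1, 1)
SAMPLE = ipv4("192.0.2.1", "192.168.10.32", GRE_PROTO,
              struct.pack("!HH", 0, ETHERTYPE_IPV4) + ipv4("10.1.1.1", "10.1.1.2", 1, ICMP_ECHO))
```

Calling summarize(SAMPLE) and summarize(SAMPLE, verbose=True) on the same bytes shows that the capture holds the full encapsulated packet and only the printing differs.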