I recently ran into a problem: duplicate ESP packets were being received.
This is still an unsolved mystery; I don't know who is actually sending the duplicate packets.
But in Wireshark I can indeed see that, under the same SPI, two ESP packets with the same sequence number were received.
When this happens, the firewall's defense mechanism is triggered. Below is an answer given by a large language model (it mainly describes the anti-replay protection mechanism):
When ESP (Encapsulating Security Payload) packets are received and identified as duplicates in a firewall or network security environment, they are typically handled based on IPsec’s anti-replay protection. Here’s how it works:
Anti-Replay Protection: ESP uses a sequence number within the Security Association (SA) to guard against replay attacks. This seque
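The sliding-window check behind the anti-replay protection the answer describes, as an added example that is not part of the original post or of any firewall's code. The SPI value, window size and packet sequence are constructed; the second packet carrying sequence number 7 is the same-SPI, same-sequence-number duplicate seen in the Wireshark capture.

```python
# Added example: an RFC 4303-style sliding-window anti-replay check for one
# inbound SA. SPI, window size and packet sequence below are constructed.
from dataclasses import dataclass


@dataclass
class AntiReplayState:
    """Receive-side anti-replay state for one inbound SA (identified by SPI)."""
    spi: int
    window_size: int = 64   # RFC 4303 requires at least 32; 64 is common
    highest_seq: int = 0    # highest sequence number accepted so far
    bitmap: int = 0         # bit i set => (highest_seq - i) already seen

    def check(self, seq: int) -> str:
        """Return 'accept', 'replay' or 'stale' for an ESP sequence number.

        ESP sequence numbers start at 1; a number is accepted once, and any
        later copy with the same number (a duplicate) is rejected as a replay.
        """
        if seq == 0:
            return "stale"  # 0 is never a valid ESP sequence number
        if seq > self.highest_seq:
            # New high-water mark: slide the window forward, keeping only
            # window_size bits of history.
            shift = seq - self.highest_seq
            mask = (1 << self.window_size) - 1
            self.bitmap = ((self.bitmap << shift) | 1) & mask
            self.highest_seq = seq
            return "accept"
        offset = self.highest_seq - seq
        if offset >= self.window_size:
            return "stale"   # behind the window: dropped without further checks
        if self.bitmap & (1 << offset):
            return "replay"  # same SPI, same sequence number: the duplicate case
        self.bitmap |= 1 << offset  # late but unseen packet within the window
        return "accept"


def replay_check_trace(spi: int, seqs: list[int]) -> list[tuple[int, str]]:
    """Run a constructed sequence of ESP packets through one SA's window."""
    state = AntiReplayState(spi=spi)
    return [(seq, state.check(seq)) for seq in seqs]


if __name__ == "__main__":
    # Constructed capture: the second seq 7 is the duplicate from the post.
    spi = 0xC0FFEE01
    for seq, verdict in replay_check_trace(spi, [5, 6, 7, 7, 9, 8, 200, 100]):
        print(f"SPI 0x{spi:08x} seq={seq:<4} -> {verdict}")
```

The second packet with sequence number 7 is reported as `replay`, which is the drop a firewall's anti-replay check would log; the out-of-order 8 after 9 is still accepted because it is within the window and unseen.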