Re: AW: [FW1] --- traffic debug like cisco PIX ---

[David C. Diemer]

Check out http://support.nokia.com and look at solution 3206, "Please Explain the fw monitor command."   In summary, you can see packets on any of the four sides of the rule base:      a.  inbound - before the rule set      b.  inbound - after the rule set      c.  outbound - before the rule set      d.  outbound - after the rule set   This is a COOL command because you can now see exactly where a packet is being dropped, if it's being accepted, et. al.       David C. Diemer, CCSA, CNE Enterprise Security Firewall Engineer Georgia Department of Administrative Services (DOAS) [EMAIL PROTECTED] 404.651.9677 >>> Arno Hechenberger <[EMAIL PROTECTED]> 11/27/00 08:25AM >>> Hello All ! WHO has a detaild description of the fw monitor command ??? I've never found one on the command line reference ! Thanks in advance ! Arno Hechenberger -----Urspr�ngliche Nachricht----- Von: Gregor Munro [mailto:[EMAIL PROTECTED]] Gesendet: Donnerstag, 23. November 2000 07:42 An: Adams Gavin; Arno Hechenberger; FW-1 Mailing List (E-Mail) Betreff: RE: [FW1] --- traffic debug like cisco PIX --- Or alternatively if you are using a more recent version of FireWall-1, you could use the fw monitor command. Who ever heard of using the tools that the vendor supplies ;-) Greg -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Adams, Gavin Sent: Thursday, 23 November 2000 8:52 a.m. To: Arno Hechenberger; FW-1 Mailing List (E-Mail) Subject: RE: [FW1] --- traffic debug like cisco PIX --- Actually, tcpdump is available for NT. Don't know if I'd install the packet driver on a firewall, but tcpdump does work well. You can also run Ethereal too... Tcpdump (WinDump) for NT and packet driver - http://netgroup-serv.polito.it/windump/ <http://netgroup-serv.polito.it/windump/> Ethereal - http://www.ethereal.com/distribution/win32/ <http://www.ethereal.com/distribution/win32/> HTH, --- Gavin -----Original Message----- From: Arno Hechenberger [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 21, 2000 16:49 To: FW-1 Mailing List (E-Mail) Subject: [FW1] --- traffic debug like cisco PIX --- Hello out there ! Does anyone know if there is a possibility to debug traffic which passes the FW-1 ? On NT there is no TCPDUMP !!! On cisco PIX it is possible to capture and analyse every packet which passes. Thanks in advance Arno ============================================================================ ====      To unsubscribe from this mailing list, please see the instructions at                http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================      To unsubscribe from this mailing list, please see the instructions at                http://www.checkpoint.com/services/mailing.html ================================================================================