Quote:
Originally Posted by Carsten: I have almost no experience with tcpdump on a firewall. I prefer fw monitor; you should give it a try as well, because it is meant especially for firewall packet filtering and it is superior to tcpdump for this purpose. http://www.cpug.org/check_point_reso...or_rev1_01.pdf
I use fw mon and it's a great tool for understanding how packets traverse the firewall and for troubleshooting. The trouble is I like to have all the info on one line so I can apply filters to it like grep and awk.
fw monitor splits this line into 2, so you see src and dst IP on the first line and ports on the second. Fine, I guess, for dumping the output into a reader like Wireshark, but it's crap for real-time troubleshooting.
Haven't figured out how to get it into one line, if it can even be done?
Will have to play with INSPECT.
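Added example, not part of the original post: one way to get a single line per packet is to post-process the text output with awk instead of changing the INSPECT filter. The line shapes matched here and the sample input are assumptions constructed from the post's description (addresses on the first line, ports on the second); `fwmon_oneline` and `fwmon_sample` are hypothetical names.

```shell
#!/bin/sh
# Added example: join the two text lines fw monitor prints per packet into one.
# Assumed line shapes (constructed, not captured from a real gateway):
#   eth0:i[60]: 10.1.1.10 -> 10.2.2.20 (TCP) len=60 id=4242
#   TCP: 51000 -> 443 .S.... seq=1a2b3c4d ack=00000000

fwmon_oneline() {
    awk '
    # Header line: "<iface>:<inspection point>[<len>]: <src> -> <dst> ..."
    function is_header(s) { return s ~ /:[iIoOeE]+ *\[[0-9]+\]: .* -> / }
    # Print the pending record and flush so a live pipe sees it at once.
    function emit() {
        if (rec != "") { print rec; fflush() }
        rec = ""
    }
    {
        sub(/\r$/, "")                        # tolerate CRLF captures
        if (is_header($0)) { emit(); rec = $0 }
        else if (rec != "" && $0 !~ /^[ \t]*$/) rec = rec " " $0
        # anything before the first header (startup banner) is dropped
    }
    END { emit() }
    '
}

# Constructed sample: banner, one TCP packet at two inspection points, one UDP.
fwmon_sample() {
    cat <<'EOF'
monitor: getting filter (from command line)
eth0:i[60]: 10.1.1.10 -> 10.2.2.20 (TCP) len=60 id=4242
TCP: 51000 -> 443 .S.... seq=1a2b3c4d ack=00000000
eth0:I[60]: 10.1.1.10 -> 10.2.2.20 (TCP) len=60 id=4242
TCP: 51000 -> 443 .S.... seq=1a2b3c4d ack=00000000
eth1:o[76]: 10.1.1.10 -> 10.3.3.30 (UDP) len=76 id=4243
UDP: 53000 -> 53
EOF
}

# One line per packet, so address and port can be matched in a single filter.
fwmon_sample | fwmon_oneline | awk '$4 == "10.2.2.20" && $11 == 443'
```

On a live capture, pipe fw monitor's text output through `fwmon_oneline` before grep or awk; a packet is printed when the next header line arrives, so output trails by one packet.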