Thread: Packet capture in Firewall Logs?
View Single Post
  #5 (permalink)  
Old 2006-09-26
jchrisos jchrisos is offline
Junior Member
  
Join Date: 2006-09-26
Posts: 18
Rep Power: 0
jchrisos has an average reputation (10+)
Default Re: Packet capture in Firewall Logs?
Quote:
Originally Posted by david View Post
fw monitor is a command line utility.
are you wanting to open a capture file to view in smartracker? this is not possible.

you can use tcpdump & redirect the output to a file, then open with a tool such as ethereal to view/analyse 'offline'
I was looking more for packet(s) related to an event that was dropped and thus shows up in my logs.

For example, lets say I deny outbound http access and log the drops. Then a user went to www.google.com. I would like to be able to see the actual packet of the http fetch to www.google.com from this user.

Is that possible?

Thanks for the reply btw.
Reply With Quote