CPUG

The Check Point User Group

A Resource For The Check Point Community.  Fast.  Useful.  Independent.

1. CCSA or CCSE One-Week Certification Training Courses with CPUG in Beautiful San Francisco!
    R70 CCSA Courses Starting (2010) 6/7, 7/12, 8/9, 10/11, 11/8, 12/6.  R70 CCSE Courses Starting (2010) 8/16.
2. CPUG CON 2010 EUROPE, the User Conference in Switzerland, September 20th-22nd, 2010!
3. Join Our CPUG Groups On LinkedIn and Facebook.  See Our Channel on YouTube.


Go Back   CPUG: The Check Point User Group > Check Point Firewall-1/VPN-1 Platforms > Nortel ASF/NSF
Traffic Capture Traffic Capture
Register Projects FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 2009-08-05
Member
  
Join Date: 2006-04-19
Posts: 35
Rep Power: 0
luisrocha has an average reputation (10+)
Default Traffic Capture
Hi to all,

Hi have 2 Directors 5016-NE1 and 2 Accelarators 6416, i need to capture traffic using tcpdump, fwmonitor whathever, can someone help me.

I have shutdown 1 director and 1 accelerator to force the traffic going to only one director. I access the serial port via root and run a tcpdump and a fwmonitor but cannot see all the traffic (I now this beacause i have a pc connected to a port mirror).

Additionaly i have disable fwaccell and run it again without success.

Question, when I need to capture traffic, it must be on the Director or on the Accelarator ? I think is in the Director right ?

Regards,
LR
Reply With Quote
  #2 (permalink)  
Old 2009-08-25
Junior Member
  
Join Date: 2007-03-08
Posts: 7
Rep Power: 0
mohankumar has an average reputation (10+)
Default Re: Traffic Capture
Hi,

You can use following example for capturing info :

Login as root and run the following commands:

For any particular port :

ascpature -f "port 4404" -p 1
-f is filter and -p is physical port on accelerator.

ascpature -f "host 4.2.2.2" -p 1

Fwmonitor :

fw monitor -e 'accept ((src=192.168.1.100));'
Reply With Quote
  #3 (permalink)  
Old 2009-08-25
Junior Member
  
Join Date: 2007-03-08
Posts: 7
Rep Power: 0
mohankumar has an average reputation (10+)
Default Re: Traffic Capture
tcpdump sometime doesn't work here
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -7. The time now is 23:47.

Contact Us - CPUG Home Page - Archive - Top

Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.5.1