CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 5 of 5

Thread: FW Monitor Interface

  1. #1
    Join Date
    2005-12-01
    Location
    Maryland
    Posts
    11
    Rep Power
    0

    Default FW Monitor Interface

    I love the FW Monitor tool, and use it quite a bit, but there's one thing I haven't figured out how to do that I would really like, monitor a specific interface.

    This is easy to do with TCPDump, ie: tcpdump -i eth9

    Does anyone know a way to monitor a single (or multiple) interface(s) with FW Monitor?

    I could monitor pre-inbound/Inbound, then possibly grep out the results, or filter in Wireshark, but was hoping for a way to do this at the command line.

  2. #2
    Join Date
    2006-02-09
    Location
    Charleston, SC
    Posts
    1,172
    Rep Power
    15

    Default Re: FW Monitor Interface

    just search for fw monitor in google - first link points back to a word doc on this site

    fw monitor cheat sheet - Google Search
    There's no place like 127.0.0.1

  3. #3
    Join Date
    2008-07-31
    Location
    Netherlands, Europe
    Posts
    1,146
    Rep Power
    13

    Default Re: FW Monitor Interface

    And adding this one in will show you how to make Wireshark show the interfaces and colorizes i I o O for you.
    Regards, Maarten.
    Triple MDS on R77.30, MDS on R80.10, VSX, GAIA.

  4. #4
    Join Date
    2006-02-09
    Location
    Charleston, SC
    Posts
    1,172
    Rep Power
    15

    Default Re: FW Monitor Interface

    Quote Originally Posted by msjouw View Post
    And adding this one in will show you how to make Wireshark show the interfaces and colorizes i I o O for you.
    Good one! I forgot about that post.
    There's no place like 127.0.0.1

  5. #5
    Join Date
    2006-04-30
    Location
    Europe, Germany
    Posts
    433
    Rep Power
    14

    Default Re: FW Monitor Interface

    Dr. Matthias Leu, from aerasec has a really nice wrapper script for fwmonitor on his public ftp server.

    I don't publish the exact URL since I'm not the owner, but you can get the url with just a view nslookups ;)

Similar Threads

  1. cluster works on one interface, but fails on another interface
    By shmilyh in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 1
    Last Post: 2009-08-20, 02:22
  2. "fw monitor" Warning: External Interface not found
    By r4tze in forum Miscellaneous
    Replies: 16
    Last Post: 2009-04-27, 06:05
  3. Interface state unknown using fw monitor
    By stefanjuon@yahoo.com in forum Miscellaneous
    Replies: 1
    Last Post: 2008-03-07, 06:37
  4. QoS-Smartview Monitor - QoS Interface not defined
    By detsh in forum SmartView Monitor
    Replies: 0
    Last Post: 2008-01-28, 07:26
  5. Use "fw monitor" to monitor traffic from 1 host.
    By Wutkung in forum Miscellaneous
    Replies: 2
    Last Post: 2007-01-17, 06:31

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •