CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it yet again - That's right, the 3rd edition is here!
You can read his announcement post here.
It's a massive upgrade focusing on current versions, and well worth checking out. -E

 

Results 1 to 5 of 5

Thread: FW Monitor Interface

  1. #1
    Join Date
    2005-12-01
    Location
    Maryland
    Posts
    11
    Rep Power
    0

    Default FW Monitor Interface

    I love the FW Monitor tool, and use it quite a bit, but there's one thing I haven't figured out how to do that I would really like, monitor a specific interface.

    This is easy to do with TCPDump, ie: tcpdump -i eth9

    Does anyone know a way to monitor a single (or multiple) interface(s) with FW Monitor?

    I could monitor pre-inbound/Inbound, then possibly grep out the results, or filter in Wireshark, but was hoping for a way to do this at the command line.

  2. #2
    Join Date
    2006-02-09
    Location
    Charleston, SC
    Posts
    1,172
    Rep Power
    16

    Default Re: FW Monitor Interface

    just search for fw monitor in google - first link points back to a word doc on this site

    fw monitor cheat sheet - Google Search
    There's no place like 127.0.0.1

  3. #3
    Join Date
    2008-07-31
    Location
    Netherlands, Europe
    Posts
    1,147
    Rep Power
    13

    Default Re: FW Monitor Interface

    And adding this one in will show you how to make Wireshark show the interfaces and colorizes i I o O for you.
    Regards, Maarten.
    Triple MDS on R77.30, MDS on R80.10, VSX, GAIA.

  4. #4
    Join Date
    2006-02-09
    Location
    Charleston, SC
    Posts
    1,172
    Rep Power
    16

    Default Re: FW Monitor Interface

    Quote Originally Posted by msjouw View Post
    And adding this one in will show you how to make Wireshark show the interfaces and colorizes i I o O for you.
    Good one! I forgot about that post.
    There's no place like 127.0.0.1

  5. #5
    Join Date
    2006-04-30
    Location
    Europe, Germany
    Posts
    433
    Rep Power
    14

    Default Re: FW Monitor Interface

    Dr. Matthias Leu, from aerasec has a really nice wrapper script for fwmonitor on his public ftp server.

    I don't publish the exact URL since I'm not the owner, but you can get the url with just a view nslookups ;)

Similar Threads

  1. cluster works on one interface, but fails on another interface
    By shmilyh in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 1
    Last Post: 2009-08-20, 02:22
  2. "fw monitor" Warning: External Interface not found
    By r4tze in forum Miscellaneous
    Replies: 16
    Last Post: 2009-04-27, 06:05
  3. Interface state unknown using fw monitor
    By stefanjuon@yahoo.com in forum Miscellaneous
    Replies: 1
    Last Post: 2008-03-07, 06:37
  4. QoS-Smartview Monitor - QoS Interface not defined
    By detsh in forum SmartView Monitor
    Replies: 0
    Last Post: 2008-01-28, 07:26
  5. Use "fw monitor" to monitor traffic from 1 host.
    By Wutkung in forum Miscellaneous
    Replies: 2
    Last Post: 2007-01-17, 06:31

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •