Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Active connections

To: [email protected]
Subject: Re: [FW1] Active connections
From: Ed Rolison <[email protected]>
Date: Thu, 8 Mar 2001 10:11:58 +0000 (GMT)
Reply-to: Ed Rolison <[email protected]>
Sender: [email protected]


>Hi everybody,
>
>Is there any checkpoint command which can give me the active connections 
>as well as the type of these connections. For example are they http, ftp, 
>ssl, smtp etc..
>Is look like that  ./fw tab -s connections -t  command is giving only 
>virtual connections

the connections table contains every connection that the firewall is aware of.
It does time out entrys on seeing a FIN packet, and if the timeout on the 
connection is reached (3600 by default) without any data.

fw tab -t connections -u will print out the full table.
It is all in hex, so a little unfriendly to read, but I run it through the 
lovely fwtable perl script:

http://www.enteract.com/~lspitz/fwtable.txt

And you'll get a nice long list of each and every connection. 
Usefully converted into dotted quad addresses, and numeric timeout indicators.

I'm not quite sure what you mean by 'virtual' connections, but this appears to 
produce a pretty comprehensive list.


--
Ed Rolison
Systems Admin
ER706-RIPE
[email protected]



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Too Many Internal Hosts
Next by Date: [FW1] Webtrends & Stonebeat
Previous by thread: RE: [FW1] Active connections
Next by thread: RE: [FW1] Active connections
Index(es):
- Date
- Thread