[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] fw monitor / writing inspect filters
Has anybody got any decent documentation, or links to documents containing instructions or just basic syntax for writing 'INSPECT' filters? I'm desperately playing with the fw monitor command in an attempt to troubleshoot a VPN related problem. The only examples I have of filters are the following 2 I found on phoneboy. fw monitor -e '[9:1]=6, accept;' -l 100 -m iO -x 20 will display all TCP packets entering and leaving FireWall-1. Up to 80 bytes of TCP header and data will be displayed (assuming no IP Options are used) fw monitor -e 'accept;' -m iI will display all packets entering and exiting FireWall-1 in the inbound direction (i.e. before the OS routes the packet). Any help much appreciated. Cheers, Jonny Robertson Wellington, New Zealand ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|