I understand how to merge two capture files together with wireshak (aka ethereal).
I would like to take this one step further. Let say if I have a clusterXL with 5 firewalls together in a single cluster, I guess I would have to run tcpdump on ALL firewall and try to piece together the flow of the connection. Is that correct? Man, this would be a pain. Now that I think about this some more, Active/Standy is much easier to troubleshoot and maintain. Thanks. Tom Louis <[EMAIL PROTECTED]> wrote: With Ethereal you can merge two capture files, so I would do a dump or fw monitor on both firewalls and capture the traffic, open one file and then merge the second file, they should align up. I have never actually done what you are wanting but it should work. I know Ethereal has the options for merging files. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= --------------------------------- Yahoo! oneSearch: Finally, mobile search that gives answers, not web links. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
