Check Point

Switching to admin (expert) mode

expert

Capturing traffic with tcpdump

tcpdump -v -nni any "host <IP_host>"

Capturing traffic with fw monitor

fw monitor -F "{src IP},{src port},{dst IP},{dst port},{protocol number}"

Example: capturing SSL traffic to destination port 443 (a 0 in a field matches any value).

fw monitor -F "0,0,0,443,0"

Example: capturing traffic from a source IP.

fw monitor -F "10.10.10.10,0,0,0,0"