I don't recommend doing this "fwaccel off" on a production firewall the performance impact can be noticeable. I would always recommend disabling SecureXL selectively for the IP addresses you want to capture ahead of time, then you can use tcpdump and/or fw monitor to see all inbound and outbound traffic:
sk104468: How to disable SecureXL for specific IP addresses
Or if necessary, I look at the utilization of the gateway and decide accordingly.
How do you do that?