This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
dj0Nz
Advisor
‎2019-09-20 06:27 AM

fw monitor and cppcap on VSX R80.20 (JHF 91)

I just want to share my findings on fw monitor and cppcap on a VSX R80.20 JHF 91 environment:

  • fw monitor just segfaults if I use the -v <VSID> switch
  • fw monitor just ignores the VS context if running without -v switch and captures packets in all VS
  • cppcap does not work in VSX R80.20 JHF 91 with acceleration enabled, I had to do a fwaccel off in the specific VS to capture traffic

I may be wrong. But if not, some documents should be corrected, including Heiko's excellent cheat sheet... 

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2019-09-22 09:01 AM

The first and third issues might be worth TAC cases.
0 Kudos
Danny
Champion Champion
Champion
‎2019-09-22 12:18 PM

@dj0Nz , this is all known. See..

  1. Documented in sk162402
  2. Documented in sk159152, either use the -F switch with simple capture syntax or disable SecureXL (for specific IPs if you like) before using -e
  3. Documented here
0 Kudos
dj0Nz
Advisor
‎2019-09-22 11:54 PM
In response to Danny

Thank you very much.

This would have helped a lot ... if sk162402 has been released earlier. Concerning the third topic: I would expect Check Point to include this in the official documentation, when it's certain that cppcap won't work with acceleration on. 

But, again, thank you for clarifying!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events