Wireshark mailing list archives

TCP streams and FW-1


From: Hugo van der Kooij <hugo.van.der.kooij () qi nl>
Date: Wed, 27 Aug 2014 12:31:21 +0000

Hi,

I find the way that Wireshark can handle TCP streams very useful.

However I work a lot with `fw monitor` capture files and then I find that TCP streams are harder to distinguish.

Is there a way to add the TCP stream logic with the details you can get in regard to the FW-1 details that are hidden 
in the layer-2 details?

For now I determine the interfaces in use by hand and then split the single `fw monitor` into 4 files.

Would it be possible to combine the "follow TCP stream" option with following only the relevant measuring point in the 
Check Point firewall?


Regards,
Hugo

With kind regards,

Hugo van der Kooij
support engineer

Qi ict

Delftechpark 35-37
Postbus 402, 2600 AK Delft


T : +31 15 888 0 345
F : +31 15 888 0 445
E : mailto:hugo.van.der.kooij () qi nl
I : http://www.qi.nl

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users