Ethereal

Re: [Ethereal-users] Help with tcp dump
Google
 
Web Ethereal.com

Home | Introduction | Documentation | Lists | FAQ | Development | Wiki | Bugs

Main Index | Thread Index | Mailing Lists | | Date Prev | Date Next | Thread Prev | Thread Next

Ethereal-users: November 2003

 

not sure if it will do what you need but mergecap them both with -v to see
what happens:

mergecap -v -F libpcap -T ether -w merge.cap cap1.cap cap2.cap

otherwise you can take a specific packet you know should be in both
captures, write a snort rule and reverse it through snort.

- jon

----- Original Message -----
From: "Marlovits, John [JM1]" <JM1@xxxxxxxxxxxx>
To: <ethereal-users@xxxxxxxxxxxx>
Sent: Friday, November 07, 2003 1:00 PM
Subject: [Ethereal-users] Help with tcp dump


I'm having a problem with a SSL vpn and I think my firewall is dropping
some packets and causing it to not work.  I have tcp dumps from both
interfaces of my firewall, and I want to compare them to see what if
anything is not being passed.  Will ethereal do this for me, if not can
someone direct me to something that will help?

Thanks
John

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

Powered by MHonArc 2.6.10

Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal support questions), please send email to ethereal-web[AT]ethereal.com.
Last modified: Fri, November 10 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.