Multi-blade Traffic Capture (tcpdump)
Description
Use the "tcpdump" commands in Gaia gClish to capture and show traffic that is sent and received by Security Group Members in the Security Group.

Gaia gClish: The name of the global command line shell in Check Point Gaia operating system for Security Appliances connected to Check Point Quantum Maestro Orchestrators. Commands you run in this shell apply to all Security Appliances in the Security Group.

Security Group: A logical group of Security Appliances that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances. Security Groups work separately and independently from each other. To the production networks, a Security Group appears as a single Security Gateway. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected.
These commands are enhancements to the standard tcpdump utility:
Command | Description |
---|---|
| Saves packets from specified Security Group Members to a capture file. |
| Shows packets from the specified capture file, including the Security Group Member ID. |
Note - Use the " |
Syntax
|
|
|
Note - To stop the capture and save the data to the capture file, press CTRL+C at the prompt. |
Parameters
Parameter | Description |
---|---|
|
Applies to Security Group Members as specified by the
|
|
Saves the captured packets at the specified path in a file with the specified name. This output file contains captured packets from all specified Security Group Members. In the same directory, the command saves additional output files for each Security Group Member. The names of these additional files are: Example:
|
|
Reads the captured packets (in the |
|
Standard See the |
Examples
Clarification about this output:
|
|
|