Ethereal-users: Re: [Ethereal-users] Help with tcp dump

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "jon baer" <ethereal@xxxxxxxxxxx>
Date: Fri, 7 Nov 2003 13:54:11 -0500
not sure if it will do what you need but mergecap them both with -v to see
what happens:

mergecap -v -F libpcap -T ether -w merge.cap cap1.cap cap2.cap

otherwise you can take a specific packet you know should be in both
captures, write a snort rule and reverse it through snort.

- jon

----- Original Message -----
From: "Marlovits, John [JM1]" <JM1@xxxxxxxxxxxx>
To: <ethereal-users@xxxxxxxxxxxx>
Sent: Friday, November 07, 2003 1:00 PM
Subject: [Ethereal-users] Help with tcp dump


I'm having a problem with a SSL vpn and I think my firewall is dropping
some packets and causing it to not work.  I have tcp dumps from both
interfaces of my firewall, and I want to compare them to see what if
anything is not being passed.  Will ethereal do this for me, if not can
someone direct me to something that will help?

Thanks
John

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users