Wireshark · Wireshark-users: Re: [Wireshark-users] Cisco FWSM Capture Dump

Wireshark-users: Re: [Wireshark-users] Cisco FWSM Capture Dump

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Fri, 7 Aug 2009 10:19:27 -0700


On Aug 7, 2009, at 10:08 AM, Robert D. Scott wrote:

Here is a 3 step tcp handshake from the fwsm:
  9: 12:11:00.692669814 802.1Q vlan#1202 P0 10.227.212.114.3709 >
10.19.1.125.80: S 3444274164:3444274164(0) win 65535 <mss1460,nop,wscale
7,nop,nop,timestamp 0 0,nop,nop,sackOK>
0x0000 4500 0040 f143 4000 7e06 208f 0ae3 d472[email protected]@.~. ....r0x0010 0a13 017d 0e7d 0050 cd4b 73f4 00000000 ...}.}.P.Ks.....0x0020 b002 ffff fb07 0000 0204 05b4 01030307 ................0x0030 0101 080a 0000 0000 0000 0000 01010402 ................


That looks like tcpdump output; is that output generated by the FWSM?

If so, there might also be an option to make it generate a pcap-formatfile.

Follow-Ups:
- Re: [Wireshark-users] Cisco FWSM Capture Dump
  - From: Robert D. Scott

References:
- [Wireshark-users] Cisco FWSM Capture Dump
  - From: Robert D. Scott

Prev by Date: [Wireshark-users] Cisco FWSM Capture Dump
Next by Date: Re: [Wireshark-users] Cisco FWSM Capture Dump
Previous by thread: [Wireshark-users] Cisco FWSM Capture Dump
Next by thread: Re: [Wireshark-users] Cisco FWSM Capture Dump
Index(es):
- Date
- Thread