
live monitoring of ping traffic

I'm coming from a Cisco ASA background and am finding the monitoring/logging on the UTM to be a bit difficult. On the ASA I could look at the syslog and see live monitoring of ALL traffic, then filter accordingly.

The specific thing I'm looking for now is the ability to monitor pings (ICMP). Being as you have to set up ping in the firewall rules I'd think the firewall live log would be the place to look. Well I must be thinking wrong because it is showing neither successful nor non-successful ping traveling from the LAN to the WAN.

I've found that if I search the firewall log, using the search log files tab I can see ping info, but I need to see it live to perform debugging.

Can someone provide me some direction please?



This thread was automatically locked due to age.
  • Another approach would be tcpdump at the command line:

    tcpdump -ni eth0 icmp

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Bob,


    I logged in as loginuser and ran this command at the prompt

    <M>loginuser@x:/home/login >tcpdump -ni eth0 icmp

    -bash: tcpdump: command not found

    tried

    usr/sbin/tcpdump -ni eth0 icmp

    directory not found

    I was sure tcpdump was pre-installed on 9.403-4, what am I missing?
