Have you ever taken a wireshark capture, found the packets that you need to find, and wonder how to block that at your firewall? Wireshark does make this easy for you, if you know where to go. In my example, I select the packet I dont want, and go to Tools --> Firewall ACL Rules and it will show you what you should type in for your ACL for denying traffic. See the screenshot below. Play around with it if you are the firewall admin. It can help you out.
This is the retired Shane Killen personal blog, an IT technical blog about configs and topics related to the Network and Security Engineer working with Cisco, Brocade, Check Point, and Palo Alto and Sonicwall. I hope this blog serves you well. -- May The Lord bless you and keep you. May He shine His face upon you, and bring you peace.
Monday, December 22, 2014
Wireshark: Firewall ACL Rule Help
Subscribe to: Post Comments (Atom)
That´s a pretty cool feature I didn´t knew yet! Thanks for posting!ReplyDelete