Such an amount of packets can severely influence performance. These are synchronization packets that are sent between two firewalls working in a cluster, updating session tables between the firewalls. We see more than 200,000 checkpoint high availability ( CPHA) packets, 74.7% of which are sent over the network we monitored.If IPv6 and DHCPv6 are not required, disable it. In this file example, we can see two interesting issues: That is why you see a zero count for Ethernet, IPv4, and UDP end packets there are no frames where those protocols are the last protocol in the frame. These can be TCP packets with no payload (for example, SYN packets) which carry upper layer protocols. Last, see if you can get in touch with any of the ex-developers from that company, or other customers of that software and see if they can help if you can find any of them, maybe they know of other customers or have a support forum or other admins that are running the software that can get into a mailing list to help each other out.The end columns counts when the protocol is the last protocol in the packet (that is, when the protocol comes at the end of the frame). If it is on Linux (or some Windows machines) you can look in the config files to see if they have a port specified. Or scan it from behind your firewall if you're not running a software firewall. Or you can drop the firewall temporarily and run NMap against the server, scanning all ports, to see what's open. Use the man page to see if further options (such as what the program command line is for each listened port) can help you narrow it down. On the server, you can try running netstat or a similar program depending on your OS that will tell you what ports are being listened to. Are you using Linux? If so, as others mentioned, you access the data using wireshark/tcpdump, filtered for the IP, while using that software.
0 kommentar(er)
