This page generates INSPECT filter code or a TCPDUMP filter expression from your input.
The main use for the INSPECT filter code is the fw monitor command, a built in packet logger (aka sniffer) on Checkpoint Firewall-1 with specific firewall functionality.

For an overview of the fw monitor command, check out 'How can I run a Packet Sniffer on the FireWall?', one of the FireWall-1 FAQ's at Phoneboy's excellent site.

For an overview on how to use this page and a brief INSPECT introduction, as well as more info on the use of the generated TCPDUMP filter expressions, please go to the howto.

For those who don't like to read:

• Fill in this form with the source and destination ip addresses and services you want to monitor
• Make sure the "Generate 'raw' INSPECT code" option is selected
• Make sure both the 'Save the output to a file' and 'Include reply packets' checkboxes are checked
• Copy the generated file to the bin directory of your firewall, cd to it and key-in the following command: