Community discussions

 
halimzhz
just joined
Topic Author
Posts: 24
Joined: Fri Jun 09, 2017 2:38 am
Location: Malaysia
Contact:

How Packet Sniffer Works

Sat Sep 15, 2018 10:39 pm

Dear all,

I'm sorry and i'm a newbie on firewall, please correct me if i'm wrong, what i understand the Packet Sniffer option on Mikrotik is any streaming before get thru the firewall rules, is possible to collect the streaming after the firewall rules ?

Please help. TQ
 
User avatar
CZFan
Forum Veteran
Forum Veteran
Posts: 966
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa
Contact:

Re: How Packet Sniffer Works

Sun Sep 16, 2018 1:00 am

It will capture the packets as it enters the interface
MTCNA, MTCTCE, MTCRE & MTCINE
 
halimzhz
just joined
Topic Author
Posts: 24
Joined: Fri Jun 09, 2017 2:38 am
Location: Malaysia
Contact:

Re: How Packet Sniffer Works

Sun Sep 16, 2018 1:38 am

Hi,

Thank you for the answer, but is it possible to capture the packet after the Mikrotik firewall rules ?

Thank you
 
User avatar
CZFan
Forum Veteran
Forum Veteran
Posts: 966
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa
Contact:

Re: How Packet Sniffer Works

Sun Sep 16, 2018 1:41 am

Gnever looked into that, but suspect not
MTCNA, MTCTCE, MTCRE & MTCINE
 
halimzhz
just joined
Topic Author
Posts: 24
Joined: Fri Jun 09, 2017 2:38 am
Location: Malaysia
Contact:

Re: How Packet Sniffer Works

Sun Sep 16, 2018 1:56 am

Hi,

Actually i'm running Mikrotik Packet Sniffer to my Suricata and the problem i keep receiving same packet from same ip eventhough the ip has been blocked on Mikrotik firewall, so that make Suricata are so busy and too much delay to send trigger back to Mikrotik, any advice please ?

Thank you so much
 
User avatar
CZFan
Forum Veteran
Forum Veteran
Posts: 966
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa
Contact:

Re: How Packet Sniffer Works

Sun Sep 16, 2018 1:41 pm

If you capture the packets on the outgoing interface in direction tx, it will be after firewall processing.
MTCNA, MTCTCE, MTCRE & MTCINE
 
halimzhz
just joined
Topic Author
Posts: 24
Joined: Fri Jun 09, 2017 2:38 am
Location: Malaysia
Contact:

Re: How Packet Sniffer Works

Sun Sep 16, 2018 1:50 pm

Dear Sir,

That great, but how to capture after the firewall process, anything can be done from terminal command line ?

TQ

Who is online

Users browsing this forum: No registered users and 12 guests