Ethereal-dev: Re: [Ethereal-dev] Flow graph functionality

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Jon Ringle <ml-ethereal@xxxxxxxxxx>
Date: Fri, 29 Apr 2005 11:45:17 -0400
On Friday 29 April 2005 11:24, John McDermott wrote:
> This is very cool!  I do not have my lab set up in a way I can test it
> right now due to a power supply that needs replacement :-(.  If I capture
> on a firewall or router, can the tcp graph be configured to show stuff
> like:
>     inside  inside-fw  outside-fw  outside
>       ---syn---->
>                         ------syn---->
>                         <-- syn ack---
>       <--syn ack--
>
> I'd like to use this in teaching firewalls.

I had to observe a firewall's treatment of packets, and I set up an
environment like the following diagram. The Sniffer box has 3 NIC cards. I
would run 3 instances of tethereal simultaneously to create capture files on
each interface, then use mergecap to put them into one capture file.

Jon

.......................................
                                      .
  +----------+     +----+             .
  |   /  \   |     |    |             .
     /    \        |    |             .
    / x122 \  <--->|    |             . 
   /        \      |    |        +----+----+
  ------------     |Net |        |    |    |
  192.168.0.7      |Gear|        | Netgear |
                   |    |<------>|   NAT   |<--------\
  +----------+     |four|        |    |    |          |
  |   /  \   |     |port|        +----+----+          |
     /    \        |    |  192.168.0.1|172.16.101.11  |
    / x201 \  <--->|HUB |             .               |
   /        \      |    |             .               |
  ------------     |    |             .               |
  192.168.0.9      +----+             .               |
                     ^                .               |
.....................|.................               |
                     |                                V
                     |                             +-----+
        192.168.0.2  V           +--------+        |     |         ____
                   +---+         |   SIP  |        |     |        (    )
                   | S |         | Server |<------>|3COM |       (      )
                   | n |         |        |        |     |      (        )
                   | i |         +--------+        |eight|<--->( Internet )
                   | f |       172.16.101.10       |port |      (        )
                   | f |                           |     |       (      )
                   | e |                           | HUB |        (____)
                   | r |<------------------------->|     |
                   +---+  172.16.101.12            |     |
        192.168.5.2  ^                             +-----+
                     |                                ^
.....................|.................               |
                     V                .               |
  +----------+     +----+             .               |
  |   /  \   |     |    |             .               |
     /    \        |    |             .               |
    / x123 \  <--->|    |             .               |
   /        \      |    |        +----+----+          |
  ------------     |Net |        |    |    |          |
  192.168.5.5      |Gear|        | Netgear |          |
                   |    |<------>|   NAT   |<--------/
  +----------+     |four|        |    |    |         
  |   /  \   |     |port|        +----+----+         
     /    \        |    |  192.168.5.1|172.16.101.13
    / x202 \  <--->|HUB |             .              
   /        \      |    |             .              
  ------------     |    |             .              
  192.168.5.6      +----+             .              
                                      .              
.......................................
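
The merge step described in the message above (one capture file per sniffer interface, combined into a single file), as an added Python example; it is not the poster's code and not mergecap's implementation. It interleaves classic pcap files by timestamp; the labels lan_a, wan and lan_b and the placeholder payloads are constructed for illustration.

```python
import heapq
import struct

MAGIC = 0xA1B2C3D4  # classic pcap, microsecond timestamps

def make_pcap(packets):
    """Build a little-endian pcap blob from (sec, usec, payload) tuples."""
    out = struct.pack("<IHHiIII", MAGIC, 2, 4, 0, 0, 65535, 1)
    for sec, usec, data in packets:
        out += struct.pack("<IIII", sec, usec, len(data), len(data)) + data
    return out

def read_pcap(blob, label):
    """Yield (timestamp_us, label, payload) for every record in one capture."""
    if len(blob) < 24:
        raise ValueError(f"{label}: missing pcap global header")
    magic = struct.unpack_from("<I", blob)[0]
    if magic == MAGIC:
        endian = "<"
    elif magic == 0xD4C3B2A1:  # written on a host with the opposite byte order
        endian = ">"
    else:
        raise ValueError(f"{label}: not a classic pcap file")
    offset = 24
    while offset + 16 <= len(blob):  # a trailing partial header is ignored
        sec, usec, incl_len, _ = struct.unpack_from(endian + "IIII", blob, offset)
        data = blob[offset + 16 : offset + 16 + incl_len]
        if len(data) != incl_len:
            raise ValueError(f"{label}: truncated record")
        yield sec * 1_000_000 + usec, label, data
        offset += 16 + incl_len

def merge_captures(captures):
    """Interleave per-interface captures into one chronological packet list."""
    streams = [read_pcap(blob, label) for label, blob in captures.items()]
    # Each capture is already in time order, so a k-way merge is enough.
    return list(heapq.merge(*streams, key=lambda rec: rec[0]))

# Constructed sample: placeholder payloads standing in for frames seen on the
# two LAN-side interfaces and the interface between the two NAT boxes.
SAMPLE = {
    "lan_a": make_pcap([(100, 1000, b"SYN"), (100, 9000, b"SYN-ACK")]),
    "wan": make_pcap([(100, 2000, b"SYN"), (100, 8000, b"SYN-ACK")]),
    "lan_b": make_pcap([(100, 3000, b"SYN"), (100, 7000, b"SYN-ACK")]),
}

if __name__ == "__main__":
    for ts, label, data in merge_captures(SAMPLE):
        print(f"{ts / 1e6:.6f}  {label:<5}  {data.decode()}")
```

Ordering by timestamp is meaningful here because all three captures are taken on the same Sniffer box and therefore share one clock; captures from separate hosts would need their clocks aligned first.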