Firewall

Permit source IP 192.168.1.1 to communicate with destination IP 10.0.0.1 over TCP port 1000.

To test the rule, issue the following hping2 command: hping2 -a 192.168.1.1 10.0.0.1 -p 1000

At the same time, log into the firewall and run the following commands (example using a Solaris firewall with internal network interface hme0 and external network interface qfe0):

In window 1: snoop -d hme0 host 192.168.1.1 port 1000 -- or -- tcpdump -i hme0 host 192.168.1.1 and port 1000

In window 2: snoop -d qfe0 host 10.0.0.1 port 1000 -- or -- tcpdump -i qfe0 host 10.0.0.1 and port 1000