The NetScreens also include the snoop command for watching packets at the firewall interfaces.

This command will not give the detailed information about the action the firewall takes on the packet that flow debug will. To see the help for snoop, use the following command: <code>ns500> snoop ?</code> Update from netscreen on Snoop.. Snoop is a powerful troubleshooting tool that gives the user the ability to view packet information from layer-2 to layer-4 as it comes into and out of the NetScreen interfaces. Here is the typical procedure when using snoop: set the NetScreen to send snoop output to the dbug buffer (it is on by default)snoop set console dbuf [Enter] Create and verify the desired snoop filters snoop <options> Clear the debug buffer clear dbuf [Enter] Enable snoop snoop [Enter] Start Snoop, type ESC or 'snoop off' to stop, continue? [y]/n *y* After testing, disable snoop snoop off [Enter] usefull commands Snoop info - show filters and snoop status snoop filter delete - Clears filters example filter command snoop filter ip src-ip dst-ip direction both (this filters IP packets between src and dst IP in Both directions)