Fortinet FortiMail-100 Install Manual page 167

Testing the installation
FortiMail™ Secure Messaging Platform Version 4.0 Patch 1 Install Guide
Revision 2
http://docs.fortinet.com/ • Feedback
5 When you have captured all packets that you want to analyze, press Ctrl + C to stop
the capture.
6 Go to Transfer > Capture Text > Stop to stop and save the file.
7 Convert this plain text file to a format recognizable by your network protocol analyzer
application.
You can convert the plain text file to a format (.pcap) recognizable by Wireshark
(formerly called Ethereal) using the fgt2eth.pl Perl script. To download fgt2eth.pl, see
the Fortinet Knowledge Center article
Note: The fgt2eth.pl script is provided as-is, without any implied warranty or technical
support, and requires that you first install a Perl module compatible with your operating
system, such as ActivePerl (http://www.activestate.com/Products/activeperl/index.mhtml).
To use fgt2eth.pl on Windows XP, go to Start > Run and enter cmd to open a DOS
prompt, then enter a command such as the following:
fgt2eth.pl -in fortimail_sniff.txt -out fortimail_sniff.pcap
where:
• fgt2eth.pl is the name of the conversion script; include the path relative to the
current directory, which is indicated by the command prompt
• FortiMail_sniff.txt is the name of the packet capture's output file; include the
directory path relative to your current directory
• FortiMail_sniff.pcap is the name of the conversion script's output file; include
the directory path relative to your current directory where you want the converted
output to be saved
Figure 57: Converting sniffer output to .pcap format
8 Open the converted file in your network protocol analyzer application. For further
instructions, see the documentation for that application.
Using the FortiOS built-in packet
Troubleshooting tools
sniffer.
167