The NetScreens also include the snoop command for watching packets at the firewall interfaces.

This command will not give the detailed information about the action the firewall takes on the
packet that flow debug will.

To see the help for snoop, use the following command:

<code>ns500> snoop ?</code>

Update from netscreen on Snoop..

Snoop is a powerful troubleshooting tool that gives the user the

ability to view packet information from layer-2 to layer-4 as it comes
into and out of the NetScreen interfaces. Here is the typical procedure
when using snoop:

set the NetScreen to send snoop output to the dbug buffer (it is on by
default)snoop

set console dbuf [Enter]

Create and verify the desired snoop filters

snoop <options>

Clear the debug buffer

clear dbuf [Enter]

Enable snoop

snoop [Enter]
Start Snoop, type ESC or 'snoop off' to stop, continue? [y]/n *y*

After testing, disable snoop

snoop off [Enter]

usefull commands

Snoop info - show filters and snoop status

snoop filter delete - Clears filters

example filter command

snoop filter ip src-ip 172.25.65.135 dst-ip 172.25.78.189 direction both

(this filters IP packets between src and dst IP in Both directions)