You are troubleshooting a HTTP connection problem. You’ve started fw monitor -o http.pcap. When
you open http. cap with Wire shark there is only one line. What is the most likely reason?
A.
fw monitor was restricted to the wrong interface.
B.
Like Smart View Tracker only the first packet of a connection will be captured by fw monitor.
C.
By default only SYN pakets are captured.
D.
Acceleration was turned on and therefore fw monitor sees only SYN.