03.05.2015 Views

What is Packet Capture? - SonicWALL


Using Packet Capture

Starting and Stopping Packet Capture

The Packet Capture screen has buttons for starting and stopping a packet capture. You can start a packet capture that uses default settings without configuring specific criteria for packet capture, display, FTP export, and other settings. If you start a default packet capture, the SonicWALL appliance will capture all packets except those for internal communication, and will stop when the buffer is full or when you click Stop.

Starting Packet Capture

Step 1  Navigate to the Packet Capture page in the UI. See “Accessing Packet Capture in the UI” on page 5.

Step 2  Under Packet Capture, optionally click Reset. The Packet Capture page displays several lines of statistics above the Start and Stop buttons. You can click Reset to set the statistics back to zero.

Step 3  Under Packet Capture, click Start.

Step 4  To refresh the packet display windows to show new buffer data, click Refresh.

You can view the captured packets in the Captured Packets, Packet Detail, and Hex Dump sections of the screen. See “Viewing the Captured Packets” on page 6.

Stopping Packet Capture

Step 1  Navigate to the Packet Capture page in the UI. See “Accessing Packet Capture in the UI” on page 5.

Step 2  Under Packet Capture, click Stop.

Viewing the Captured Packets

The UI provides three windows to display different views of the captured packets. The following sections describe the viewing windows:

• “About the Captured Packets Window” on page 6

• “About the Packet Detail Window” on page 8

• “About the Hex Dump Window” on page 9

About the Captured Packets Window

The Captured Packets window displays the following statistics about each packet:

• # - The packet number relative to the start of the capture

• Time - The date and time that the packet was captured

• Ingress - The SonicWALL appliance interface on which the packet arrived is marked with an asterisk (*). The subsystem type abbreviation is shown in parentheses. Subsystem type abbreviations are defined in Table 1.

6 SonicOS Enhanced Packet Capture
