What is Packet Capture? - SonicWALL
What is Packet Capture? - SonicWALL
What is Packet Capture? - SonicWALL
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Using <strong>Packet</strong> <strong>Capture</strong><br />
The status field shows the state of the packet with respect to the firewall. A packet can be dropped,<br />
generated, consumed or forwarded by the <strong>SonicWALL</strong> appliance. You can position the mouse pointer<br />
over dropped or consumed packets to show the following information.<br />
<strong>Packet</strong> status D<strong>is</strong>played value Definition of d<strong>is</strong>played value<br />
Dropped Module-ID = Value for the protocol subsystem ID<br />
Drop-code = Reason for dropping the packet<br />
Reference-ID: <strong>SonicWALL</strong>-specific data<br />
Consumed Module-ID = Value for the protocol subsystem ID<br />
• Length [Actual] - Length value <strong>is</strong> the number of bytes captured in the buffer for th<strong>is</strong> packet. Actual<br />
value, in brackets, <strong>is</strong> the number of bytes transmitted in the packet.<br />
You can configure the number of bytes to capture. See “Configuring General Settings” on page 10.<br />
About the <strong>Packet</strong> Detail Window<br />
When you click on a packet in the <strong>Capture</strong>d <strong>Packet</strong>s window, the packet header fields are d<strong>is</strong>played in the<br />
<strong>Packet</strong> Detail window. The d<strong>is</strong>play will vary depending on the type of packet that you select.<br />
Figure 4<br />
<strong>Packet</strong> Detail Window d<strong>is</strong>playing ARP packet<br />
Figure 5<br />
<strong>Packet</strong> <strong>Capture</strong> Detail Window D<strong>is</strong>playing IP <strong>Packet</strong><br />
8 SonicOS Enhanced <strong>Packet</strong> <strong>Capture</strong>
Change language