SonicWALL 5.8.1 Microscope & Magnifier User Manual


System > Packet Monitor
SonicOS 5.8.1 Administrator Guide
- Interface identification
- MAC addresses
- Ethernet type
- Internet Protocol (IP) type
- Source and destination IP addresses
- Port numbers
- L2TP payload details
- PPP negotiations details
You can configure the packet monitor feature in the SonicOS Enhanced management interface.
The management interface provides a way to configure the monitor criteria, display settings,
mirror settings, and file export settings, and displays the captured packets.
Benefits of Packet Monitor
The SonicOS Enhanced packet monitor feature provides the functionality and flexibility that you
need to examine network traffic without the use of external utilities, such as Wireshark (formerly
known as Ethereal). Packet monitor includes the following features:
- Control mechanism with improved granularity for custom filtering (Monitor Filter)
- Display filter settings independent from monitor filter settings
- Packet status indicates if the packet was dropped, forwarded, generated, or consumed by the firewall
- Three-window output in the management interface:
  - List of packets
  - Decoded output of selected packet
  - Hexadecimal dump of selected packet
- Export capabilities include text or HTML format with hex dump of packets, plus CAP file format
- Automatic export to FTP server when the buffer is full
- Bidirectional packet monitor based on IP address and port
- Configurable wrap-around of packet monitor buffer when full
How Does Packet Monitor Work?
As an administrator, you can configure the general settings, monitor filter, display filter,
advanced filter settings, and FTP settings of the packet monitor tool. As network packets enter
the packet monitor subsystem, the monitor filter settings are applied and the resulting packets
are written to the capture buffer. The display filter settings are applied as you view the buffer
contents in the management interface. You can log the capture buffer to view it in the
management interface, or you can configure automatic transfer to the FTP server when the
buffer is full.
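
The following Python model is an added illustration of the flow described above, not SonicOS code. It shows why a packet rejected by the monitor filter can never be recovered by a display filter, and what wrap-around versus export-on-full keeps. The names `Filter`, `PacketMonitor` and `run`, the sample traffic, and the assumption that the buffer is emptied after an export are all hypothetical.

```python
from collections import deque, namedtuple
from dataclasses import dataclass
from typing import Optional

Packet = namedtuple("Packet", "src sport dst dport")

@dataclass(frozen=True)
class Filter:  # hypothetical filter; None means "any"
    dst: Optional[str] = None
    dport: Optional[int] = None
    bidirectional: bool = False
    def matches(self, p: Packet) -> bool:
        fwd = self.dst in (None, p.dst) and self.dport in (None, p.dport)
        rev = self.dst in (None, p.src) and self.dport in (None, p.sport)
        return fwd or (self.bidirectional and rev)

class PacketMonitor:
    def __init__(self, monitor_filter, size, export=None):
        self.monitor_filter, self.size, self.export = monitor_filter, size, export
        self.buffer = deque()
    def ingest(self, p: Packet) -> None:
        if not self.monitor_filter.matches(p):
            return  # never buffered, so no display filter can show it later
        if len(self.buffer) == self.size:
            if self.export:   # stand-in for automatic export to the FTP server
                self.export(list(self.buffer))
                self.buffer.clear()  # assumption: capture restarts empty
            else:             # wrap-around: the oldest packet is overwritten
                self.buffer.popleft()
        self.buffer.append(p)

    def view(self, display_filter: Filter) -> list:
        return [p for p in self.buffer if display_filter.matches(p)]

# Constructed sample traffic (documentation address ranges).
TRAFFIC = [
    Packet("10.0.0.5", 40000, "192.0.2.10", 443),
    Packet("192.0.2.10", 443, "10.0.0.5", 40000),
    Packet("10.0.0.9", 40001, "192.0.2.10", 22),
    Packet("10.0.0.5", 40002, "192.0.2.10", 443),
    Packet("10.0.0.5", 40003, "198.51.100.7", 53),
    Packet("10.0.0.5", 40004, "192.0.2.10", 443),
]

def run(export=None):
    mon = PacketMonitor(Filter("192.0.2.10", 443, bidirectional=True), 3, export)
    for p in TRAFFIC:
        mon.ingest(p)
    return mon
```

With a three-packet buffer and no export, `run().view(Filter(dport=22))` is empty because the port 22 packet was filtered out at capture time, and the first port 443 packet has already been overwritten by wrap-around.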