Support User Manuals

SonicWALL 5.8.1 Microscope & Magnifier User Manual

Open as PDF

of 1490

System > Packet Monitor

146

SonicOS 5.8.1 Administrator Guide

Step 2 In the Packet Monitor Configuration window, click the Monitor Filter tab.

Step 3 Choose to Enable filter based on the firewall/app rule if you are using firewall rules to

capture specific traffic.

Note Before the Enable filter based on the firewall/app rule option is selected, be certain you

have selected one or more access rules on which to monitor packet traffic. This

configuration is done from either the Firewall Settings > Access Rules page or the

Dashboard > App Flow Mintor page.

On the F

irewall Settings > Access Rules page, click on the edit icon for the Access Rule

on which you want to enable monitoring, and select the Enable packet monitor option.

On the Dashboard

> App Flow Mintor page, select the item on which you want to enable

monitoring, click Create Rule, then select Packet Monitor and click Create Rule.

Step 4 Specify how Packet Monitor will filter packets using these options:

• Interface Name(s) - You can specify up to ten interfaces separated by commas. Refer to

the Network > Interfaces screen in the management interface for the available interface

names. You can use a negative value to configure all interfaces except the one(s) specified;

for example: !X0, or !LAN.

• Ether Type(s) - You can specify up to ten Ethernet types separated by commas. Currently,

the following Ethernet types are supported: ARP, IP, PPPoE-SES, and PPPoE-DIS. The

latter two can be specified by PPPoE alone. This option is not case-sensitive. For example,

to capture all supported types, you could enter: ARP, IP, PPPOE. You can use one or more

negative values to capture all Ethernet types except those specified; for example: !ARP,

!PPPoE. You can also use hexadecimal values to represent the Ethernet types, or mix hex

values with the standard representations; for example: ARP, 0x800, IP. Normally you would

only use hex values for Ethernet types that are not supported by acronym in SonicOS

Enhanced. See “Supported Packet Types” on page 162.

• IP Type(s) - You can specify up to ten IP types separated by commas. The following IP

types are supported: TCP, UDP, ICMP, GRE, IGMP, AH, ESP. This option is not case-

sensitive. You can use one or more negative values to capture all IP types except those

previous next