Filter
Top Products
System > Packet Monitor
147
SonicOS 5.8.1 Administrator Guide
specified; for example: !TCP, !UDP. You can also use hexadecimal values to represent the
IP types, or mix hex values with the standard representations; for example: TCP, 0x1, 0x6.
See “Supported Packet Types” on page 162.
• Source IP Address(es) - You can specify up to ten IP addresses separated by commas;
for example: 10.1.1.1, 192.2.2.2. You can use one or more negative values to capture
packets from all but the specified addresses; for example: !10.3.3.3, !10.4.4.4.
• Source Port(s) - You can specify up to ten TCP or UDP port numbers separated by
commas; for example: 20, 21, 22, 25. You can use one or more negative values to capture
packets from all but the specified ports; for example: !80, !8080.
• Destination IP Address(es) - You can specify up to ten IP addresses separated by
commas; for example: 10.1.1.1, 192.2.2.2. You can use one or more negative values to
capture packets destined for all but the specified addresses; for example: !10.3.3.3,
!10.4.4.4.
• Destination Port(s) - You can specify up to ten TCP or UDP port numbers separated by
commas; for example: 20, 21, 22, 25. You can use one or more negative values to capture
packets destined for all but the specified ports; for example: !80, !8080.
• Bidirectional Address and Port Matching - When this option is selected, IP addresses
and ports specified in the Source or Destination fields on this page will be matched against
both the source and destination fields in each packet.
• Forwarded packets only - Select this option to monitor any packets which are forwarded
by the firewall.
• Consumed packets only - Select this option to monitor all packets which are consumed
by internal sources within the firewall.
• Dropped packets only - Select this option to monitor all packets which are dropped at the
perimeter.
Note If a field is left blank, no filtering is done on that field. Packets are captured or mirrored
without regard to the value contained in that field of their headers.
Step 5 To save your settings and exit the configuration window, click OK.
Configuring Display Filter Settings
This section describes how to configure packet monitor display filter settings. The values that
you provide here are compared to corresponding fields in the captured packets, and only those
packets that match are displayed. These settings apply only to the display of captured packets
on the management interface, and do not affect packet mirroring.
Note If a field is left blank, no filtering is done on that field. Packets are displayed without regard
to the value contained in that field of their headers.