Filter
Top Products
System > Packet Monitor
148
SonicOS 5.8.1 Administrator Guide
To configure Packet Monitor display filter settings, complete the following steps:
Step 1 Navigate to the Dashboard > Packet Monitor page and click Configure.
Step 2 In the Packet Monitor Configuration window, click the Display Filter tab.
Step 3 In the Interface Name(s) box, type the SonicWALL appliance interfaces for which to display
packets, or use the negative format (!X0) to display packets captured from all interfaces except
those specified. You can specify up to ten interfaces separated by commas. Refer to the
Network > Interfaces screen in the management interface for the available interface names.
Step 4 In the Ether Type(s) box, enter the Ethernet types for which you want to display packets, or
use the negative format (!ARP) to display packets of all Ethernet types except those specified.
You can specify up to ten Ethernet types separated by commas. Currently, the following
Ethernet types are supported: ARP, IP, PPPoE-SES, and PPPoE-DIS. The latter two can be
specified by PPPoE alone. You can also use hexadecimal values to represent the Ethernet
types, or mix hex values with the standard representations; for example: ARP, 0x800, IP.
Normally you would only use hex values for Ethernet types that are not supported by acronym
in SonicOS Enhanced. See “Supported Packet Types” on page 162.
Step 5 In the IP Type(s) box, enter the IP packet types for which you want to display packets, or use
the negative format (!UDP) to display packets of all IP types except those specified. You can
specify up to ten IP types separated by commas. The following IP types are supported: TCP,
UDP, ICMP, GRE, IGMP, AH, ESP. You can also use hexadecimal values to represent the IP
types, or mix hex values with the standard representations; for example: TCP, 0x1, 0x6. See
“Supported Packet Types” on page 162. To display all IP types, leave blank.
Step 6 In the Source IP Address(es) box, type the IP addresses from which you want to display
packets, or use the negative format (!10.1.2.3) to display packets captured from all source
addresses except those specified.