Filter
Top Products
System > Packet Monitor
156
SonicOS 5.8.1 Administrator Guide
Step 5 To stop the packet capture, click Stop Capture.
You can view the captured packets in the Captured
Packets, Packet Detail, and Hex Dump
sections of the screen. See “Viewing Captured Packets” on page 156.
Starting and Stopping Packet Mirror
You can start packet mirroring that uses your configured mirror settings by clicking Start
Mirror. It is not necessary to first configure specific criteria for display, logging, FTP export, and
other settings. Packet mirroring stops when you click Stop Mirror.
Step 1 Navigate to the Dashboard > Packet Monitor page.
Step 2 Under Packet Monitor, click Start Mirror to start mirroring packets according to your
configured settings.
Step 3 To stop mirroring packets, click Stop Mirror.
Viewing Captured Packets
The Dashboard > Packet Monitor page provides three windows to display different views of
captured packets. The following sections describe the viewing windows:
• “About the Captured Packets Window” on page 156
• “About the Packet Detail Window” on page 158
• “About the Hex Dump Window” on page 158
About the Captured Packets Window
The Captured Packets window displays the following statistics about each packet:
• # - The packet number relative to the start of the capture
• Time - The date and time that the packet was captured
• Ingress - The SonicWALL appliance interface on which the packet arrived is marked with
an asterisk (*). The subsystem type abbreviation is shown in parentheses. Subsystem type
abbreviations are defined in the following table.
Abbreviation Definition
i
Interface
hc Hardware based encryption or decryption
sc Software based encryption or decryption
mMulticast
r Packet reassembly
sSystem stack
ip IP helper
f Fragmentation