The Packet capture section allows you to record the traffic that meets the specified conditions to a PCAP file for further analysis using third-party tools, such as Wireshark. This may be necessary to diagnose network problems.
The section consists of three parts:
- Filters: here you define the conditions that must be matched for traffic to be captured. You can use a source address, a source port, a destination address, a destination port, an Ethernet protocol, or an IPv4 protocol as conditions. For a list of IPv4 protocols, see http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml.
- Rules: here you specify the UserGate interfaces on which the traffic should be logged, the existing filters, and the name and size of the file to which captured traffic is logged.
- Files: files with captured traffic. You can download them for analysis or delete them.
To capture traffic, perform the following steps:
| Task | Description |
|---|---|
| Step 1. Create a filter. | Optional. You can use preinstalled filters or capture all traffic without filtering it. |
| Step 2. Create a rule. | Create a rule where you specify the rule name, the file name, the maximum size of the file to be written, and the necessary filters. |
| Step 3. Select a rule and start capturing. | Select the rule you want to use and click Start capture. To stop capturing, click Stop capture. |
| Step 4. Under Files, select a file to download. | Download the PCAP file for analysis. |
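
Once a file is downloaded, you can check offline that its packets match the filter conditions you configured. The following is an added example, not UserGate code: it reads a PCAP byte string and extracts the six filter fields listed under Filters. It assumes the classic PCAP format with an Ethernet link type; the function names, field names, and sample packets are constructed for illustration.

```python
import socket
import struct

def build_sample_pcap():
    """Constructed sample: classic-PCAP bytes with two Ethernet/IPv4 frames (checksums left 0)."""
    def frame(proto, src, dst, sport, dport):
        l4 = struct.pack("!HH", sport, dport) + b"\x00" * 4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        return b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", 0x0800) + ip + l4
    frames = [frame(6, "192.0.2.10", "198.51.100.5", 51000, 443),
              frame(17, "192.0.2.11", "198.51.100.53", 40000, 53)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

def read_packets(data):
    """Yield a dict of filter fields for each frame in a classic PCAP byte string."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if end is None:
        raise ValueError("not a classic microsecond PCAP file (pcapng is not handled)")
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only the Ethernet link type is handled")
    off = 24  # size of the global header
    while off + 16 <= len(data):
        incl = struct.unpack(end + "I", data[off + 8:off + 12])[0]  # captured length
        pkt = data[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(pkt) < 14:
            continue  # truncated Ethernet header
        rec = {"eth_proto": struct.unpack("!H", pkt[12:14])[0]}
        if rec["eth_proto"] == 0x0800 and len(pkt) >= 34:
            ihl = (pkt[14] & 0x0F) * 4
            frag = struct.unpack("!H", pkt[20:22])[0] & 0x1FFF
            rec.update(ip_proto=pkt[23], src=socket.inet_ntoa(pkt[26:30]),
                       dst=socket.inet_ntoa(pkt[30:34]))
            l4 = pkt[14 + ihl:14 + ihl + 4]
            # Ports exist only for TCP (6) / UDP (17) and only in the first fragment.
            if rec["ip_proto"] in (6, 17) and frag == 0 and len(l4) == 4:
                rec["sport"], rec["dport"] = struct.unpack("!HH", l4)
        yield rec

def matches(rec, **conds):
    """True when every supplied condition equals the packet's field (AND is this helper's choice)."""
    return all(rec.get(k) == v for k, v in conds.items())
```

To use it on a downloaded capture, pass the file's bytes to `read_packets` and call `matches` with the same conditions as your filter, for example `ip_proto=17, dport=53`.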