The Packet capture section allows you to record traffic that meets the specified conditions to a PCAP file for further analysis using third-party tools, such as Wireshark. This may be necessary to diagnose network problems.
The section consists of three parts:
- Filters: here the conditions are defined under which traffic will be recorded. You can use a source address, a source port, a destination address, a destination port, an Ethernet protocol, or an IPv4 protocol as conditions. For a list of IPv4 protocols, see http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml.
- Rules: here you specify the UserGate interfaces on which traffic is recorded, the previously created filters, and the name and size of the file to which the captured traffic is written.
- Files: files with captured traffic are placed here. You can download them for analysis or delete them.

To capture traffic, perform the following steps:

| Name | Description |
|---|---|
| Step 1. Create the desired filter. | Optional. You can use preinstalled filters or capture all traffic without filtering it. |
| Step 2. Create a rule. | Create a rule where you specify the rule name, the file name, the maximum size of the file to be written, and the necessary filters. |
| Step 3. Select a rule and start capturing. | Select the rule you want to use and click Start capture. To stop capturing, click Stop capture. |
| Step 4. Under Files, select a file to download. | Download the PCAP file for analysis. |
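
After downloading a capture, you can check offline that it contains the traffic the filter was meant to record. The following is an added example, not part of the UserGate documentation: a Python reader that extracts the same fields the filters match on (Ethernet protocol, IPv4 protocol, addresses, ports). It assumes the file is in classic PCAP format (microsecond or nanosecond timestamps) with Ethernet framing, which the page does not state; the function names and the sample capture are constructed for illustration.

```python
import socket
import struct

MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",
          b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">"}

def dissect(frame):
    """Extract the fields the capture filters match on from one Ethernet frame."""
    rec = dict.fromkeys(("ethertype", "proto", "src", "dst", "sport", "dport"))
    if len(frame) < 14:
        return rec
    rec["ethertype"] = struct.unpack("!H", frame[12:14])[0]
    if rec["ethertype"] != 0x0800 or len(frame) < 34:  # non-IPv4; VLAN tags are not unwrapped
        return rec
    rec["proto"] = frame[23]
    rec["src"], rec["dst"] = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
    first_fragment = (struct.unpack("!H", frame[20:22])[0] & 0x1FFF) == 0
    l4 = 14 + (frame[14] & 0x0F) * 4  # IPv4 header length comes from the IHL field
    if rec["proto"] in (6, 17) and first_fragment and len(frame) >= l4 + 4:
        rec["sport"], rec["dport"] = struct.unpack("!HH", frame[l4:l4 + 4])
    return rec

def read_pcap(data):
    """Yield one dissected record per packet in a classic (non-pcapng) PCAP byte string."""
    order = MAGICS.get(data[:4])
    if order is None or len(data) < 24:
        raise ValueError("not a classic PCAP file")
    if struct.unpack(order + "I", data[20:24])[0] != 1:
        raise ValueError("only the Ethernet link type (1) is handled")
    off = 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(order + "I", data[off + 8:off + 12])[0]
        yield dissect(data[off + 16:off + 16 + incl_len])
        off += 16 + incl_len

def select(data, **conds):
    """Return records whose fields equal every condition, e.g. proto=17, dport=53."""
    return [r for r in read_pcap(data) if all(r[k] == v for k, v in conds.items())]

def _ip(proto, src, dst, sport, dport):  # builds one constructed IPv4 frame
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x02" * 12 + b"\x08\x00" + ip + struct.pack("!HHHH", sport, dport, 8, 0)

# Constructed sample capture: one DNS query, one HTTPS segment, one ARP frame.
FRAMES = [_ip(17, "10.0.0.5", "10.0.0.1", 53000, 53), _ip(6, "10.0.0.5", "192.0.2.10", 40000, 443),
          b"\x02" * 12 + b"\x08\x06" + b"\x00" * 28]
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(
    struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in FRAMES)

if __name__ == "__main__":
    print(select(SAMPLE, proto=17, dport=53))
```

For a real file, pass `open(path, "rb").read()` to `select` with the same conditions you set in the filter; an empty result for traffic you expected to see suggests the filter or the interface chosen in the rule needs another look.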