Filter
Top Products
Chapter 13. Tools
only those matching certain criteria.
In the type and code fields, you can enter a single number (e. g., 5), a range of numbers (e. g., 5-10), a list of
numbers and ranges, separated by commas (e. g., 5, 10-20) or nothing at all. If the field is empty, any type or code
will match. See appendix G, Lists of ports, ICMP and protocols, for more information on ICMP types and codes.
If you want to study all traffic except the one of a certain type/code, enter the type/code number(s) here and mark
the "not" box.
ESP
ESP is an authentication/encryption protocol. Select this if you want to search for encrypted packets.
Note that you must have selected a log class which saves to local file, for encrypted packets, to be able to display
them here.
Protocol number
Here, you enter the number(s) of the protocols you want to search for. You can enter a single number (e. g., 5), a
range of numbers (e. g., 5-10), a list of numbers and ranges, separated by commas (e. g., 5, 10-20) or nothing at all.
If the field is empty, any protocol will match. See appendix C, Lists of Reserved Ports, ICMP Types and Codes, and
Internet Protocols, for more information on protocol numbers.
If you want to study all traffic except the one over a certain protocol or protocols, enter the protocol number(s) here
and mark the "not" box.
Collect data
Below the selection boxes, you activate and deactivate the sniffer by pressing the Start sniffing and Stop sniffing
buttons.
When the sniffer has been stopped, the capture log can be downloaded by pressing the Download sniffer data
button. The captured data can be deleted by pressing the Delete sniffer data button.
120