Jump to:navigation, search
Wiki

Packet capture

From Securepoint Wiki




























In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
Diese Seite wird auf folgenden Seiten eingebunden





































Description of the packet captureing on the UTM

New function with version: 14.1.0(08.2025)

notempty
This article refers to a Beta version
-
Access: UTM-IP:Port or UTM-URL:Port
Port as configured at Network / Appliance Settings / Webserver
Default-Port: 11115
i.e.: https://utm.ttt-point.de:11115
Default: https://192.168.175.1:11115 Packet capture

Overview

All current captures and capture options can be viewed under Packet capture . New captures can also be created and the data from completed captures can be viewed and downloaded.
Caption Value Description Packet capture UTMuser@firewall.name.fqdn Packet capture Log Overview of all current captures and capture options
Interface LAN1 Interface whose network traffic is to be captured / has been captured
Status   REC Current status of the capture (e.g. ongoing capture)
Entries 43 Number of entries captured
Size 14 KiB Size of the capture
End in 30 minutes Automatic end of capture
Filter parameters net 0.0.0.0/0 Filter parameters selected for the capture
Start capture Open the Start capture dialog
End capture End current capture
Log View the current Log of the capture
Download Download data of the capture
  • File format can be selected in the table settings () (PCAP files can be opened and analyzed with WireShark, for example)
    • Delete capture Delete current capture
  • Irrevocably deletes all data of the current capture

    • Start capture dialog

    Using the button Start capture the following dialog for configuring filters for the respective capture is started.
    Caption Value Description Start capture UTMuser@firewall.name.fqdnPacket capture Start capture Dialog for starting a capture
    Interface: LAN1 Interface to be captured
    Filter (optional): Filters that should be taken into account during capture

    Logs

    The captured packets can be viewed in the logs. The logs can be opened using the Packet capture log button.
    Caption Value Description
    Pop-up window with log information
    Interface: LAN1 Interface for which the captured logs are to be displayed
    Display package contents: Off Display contents of the captured packages
    Message: Log entries
    Download (PCAP) Download log as PCAP file (can be opened and analyzed with WireShark, for example)
    Download (TXT) Download logs as a TXT-file
    Retrieved from "https://wiki.securepoint.de/index.php?title=UTM/EXTRAS/Paket-Mitschnitte&oldid=97989"