Packet Capture is the process of intercepting and logging traffic.
Sophos XG Firewall’s (SF) packet capture utility capture packets that match the specified criteria and displays the packet's values of various fields. These fields include the connection details and the details of policies applied to the packet by each module like the Rule ID, User/Group Name, Web Filter ID, Application Filter ID, etc.
The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
Capture incoming and outgoing packets on port 80. Filter only the TCP packets from the source (172.20.20.2) in the capture.
You must be logged in to the Admin Console as an administrator with Read-Write permissions for the relevant feature(s).
Ethernet type is a field in an ethernet frame. It is used to indicate the encapsulated protocol in the Ethernet frame.
Select the Ethernet Type:
Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.