Cisco Cisco Web Security Appliance S170 Guía Del Usuario
A-16
AsyncOS 9.1 for Cisco Web Security Appliances User Guide
Appendix A Troubleshooting
Packet Capture
Packet Capture
The appliance provides the ability to capture and display TCP/IP and other packets being transmitted or
received over the network to which the appliance is attached.
received over the network to which the appliance is attached.
Note
The packet capture feature is similar to the Unix tcpdump command.
Starting a Packet Capture
Step 1
Choose Support and Help > Packet Capture.
Step 2
(Optional) Click Edit Settings to change the packet capture settings.
(Optional) Submit and commit your packet capture changes.
Note
When you change the packet capture settings without committing the changes and then start a
packet capture, AsyncOS uses the new settings. This allows you to use the new settings in the
current session without enforcing the settings for future packet capture runs. The settings remain
in effect until you clear them.
packet capture, AsyncOS uses the new settings. This allows you to use the new settings in the
current session without enforcing the settings for future packet capture runs. The settings remain
in effect until you clear them.
Step 3
Click Start Capture. To manually stop a running capture, click Stop Capture.
Option
Description
Capture File Size Limit
Specifies the maximum size that the capture file can reach. One the limit is
reached, the data will be discarded and a new file started, unless the Capture
Duration setting is 'Run Capture Until File Size Limit Reached.'
reached, the data will be discarded and a new file started, unless the Capture
Duration setting is 'Run Capture Until File Size Limit Reached.'
Capture Duration
Options for if and when the capture automatically stops. Choose from:
•
Run Capture Until File Size Limit Reached. The capture runs until the
file limit set above is reached.
file limit set above is reached.
•
Run Capture Until Time Elapsed Reaches. The capture runs for a
specified duration. If you enter the amount of time without specifying
the units, AsyncOS uses seconds by default.
specified duration. If you enter the amount of time without specifying
the units, AsyncOS uses seconds by default.
•
Run Capture Indefinitely. The packet capture runs until you manually
stop it.
stop it.
Note
The capture can be ended manually at any time.
Interfaces
The interfaces from which traffic will be captured.
Filters
The filtering options to apply when capturing packets. Filtering allows you
to capture required packets only. Choose from:
to capture required packets only. Choose from:
•
No Filters. All packets will be captured.
•
Predefined Filters. The predefined filters provide filtering by port
and/or IP addresses. If left blank, all traffic will be captured.
and/or IP addresses. If left blank, all traffic will be captured.
•
Custom Filter. Use this option if you already know the exact syntax of
the packet capture options that you need. Use standard tcpdump syntax.
the packet capture options that you need. Use standard tcpdump syntax.