Cisco Cisco Web Security Appliance S660 Mode D'Emploi

In deployments using WCCP, the maximum number of port entries is 30 for HTTP, HTTPS , and FTP 
ports combined.

The appliance provides the ability to capture and display TCP/IP and other packets being transmitted or 
received over the network to which the appliance is attached.

The packet capture feature is similar to the Unix tcpdump command.

Choose Support and Help > Packet Capture.

(Optional) Click Edit Settings to change the packet capture settings. 

(Optional) Submit and commit your packet capture changes.

Capture File Size Limit

Specifies the maximum size that the capture file can reach. One the limit is 
reached, the data will be discarded and a new file started, unless the Capture 
Duration setting is 'Run Capture Until File Size Limit Reached.'

Capture Duration

Options for if and when the capture automatically stops. Choose from:

Run Capture Until File Size Limit Reached. The capture runs until the 
file limit set above is reached.

Run Capture Until Time Elapsed Reaches. The capture runs for a 
specified duration. If you enter the amount of time without specifying 
the units, AsyncOS uses seconds by default.

Run Capture Indefinitely. The packet capture runs until you manually 
stop it. 

The capture can be ended manually at any time.

Interfaces

The interfaces from which traffic will be captured.

Filters

The filtering options to apply when capturing packets. Filtering allows you 
to capture required packets only. Choose from:

No Filters. All packets will be captured.

Predefined Filters. The predefined filters provide filtering by port 
and/or IP addresses. If left blank, all traffic will be captured.

Custom Filter. Use this option if you already know the exact syntax of 
the packet capture options that you need. Use standard tcpdump syntax.