Skip to content

Configure capture filter

You can configure the number of bytes to be captured per packet.

How to configure the capture filter

  1. Go to Diagnostics > Packet capture and click Configure.
  2. Enter details to configure the capture filter:

    Setting Description
    Number of bytes to capture (per packet) Specify the number of bytes to be captured per packet.
    Wrap capture buffer once full Select this option to continue capturing the packets even after the buffer is full. If you select this option, Packet capture starts again from the beginning of the buffer.
    Enter BPF string Specify a Berkeley Packet Filter (BPF) string. BPF provides a raw interface between the link-level driver and the userspace. BPF is protocol-independent and uses a filter-before-buffering approach. It includes a machine abstraction to make the filtering efficient. For example, host and port 137. For filtering specific packets, see BPF string parameters.
  3. Click Save.

BPF string parameters

Object Example
Specific host host
Specific source host src host
Specific destination host dst host
Specific network net
Specific source network src net
Specific destination network dst net
Specific port port 20 or port 21
Specific source port src port 21
Specific destination port dst port 21
Specific host for the particular port host and port 21
the specific host for all the ports except SSH host and port not 22
Specific protocol proto ICMP, proto UDP, proto TCP