Sophos XG Firewall : How to packet filter using Packet Capturr


  • Packet Capture is the process of capturing and recording traffic. The Packet Capture utility packages of Sophos XG Firewall conform to the specified criteria and display the package values ​​in different fields. These fields include connection details and details of policies applied to the package in sections such as Rule ID, User / Group Name (User Name / Group), Web filter ID (Web filter ID), Application filter ID (application filter ID), etc.


  • Get the packet of inbound and outbound packets on port 80. Only filter TCP packets from the source ( is the user’s address in the LAN area) in the capture.


  • You must log into the admin page of the Sophos XG firewall device with an admin account.
  • Packets of incoming and outgoing traffic can be recorded in Sophos Firewall by pressing Diagnostics> Packet Capture.
  • Under the Packet Capture section, press On on the switch to turn on Packet Capture.
  • Under the Capture Packet section, click Display Filter and enter the filter criteria as shown in the table below.
  • Click Apply. The following image will be displayed. The captured packages are the system default and will vary depending on the source IP.

Be the first to comment

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.