Termshark - A Final Ui For Tshark, Inspired Past Times Wireshark
H5N1 finally user-interface for tshark, inspired past times Wireshark.
If you're debugging on a remote automobile amongst a large pcap together with no wishing to scp it dorsum to your desktop, termshark tin give notice help!
Features
- Read pcap files or sniff alive interfaces (where tshark is permitted).
- Inspect each packet using familiar Wireshark-inspired views
- Filter pcaps or alive captures using Wireshark's display filters
- Copy ranges of packets to the clipboard from the terminal
- Written inward Golang, compiles to a unmarried executable on each platform - downloads available for Linux (+termux), macOS, FreeBSD, together with Windows
tshark has many to a greater extent than features that termshark doesn't bring out yet! See What's Next.
Installation (FreeBSD)
Termshark is inward the FreeBSD ports tree! To install the package, run:
pkg install termsharkTo build/install the port, run:
cd /usr/ports/net/termshark/ && brand install cleanBuilding
Termshark uses Go modules, thence it's best to compile amongst Go 1.11 or higher. Set
GO111MODULE=on thence run:go instruct github.com/gcla/termshark/cmd/termshark /go/bin/ to your PATH.For all packet analysis, termshark depends on tshark from the Wireshark project. Make certain
tshark is inward your PATH.Quick Start
Inspect a local pcap:
termshark -r test.pcapeth0:termshark -i eth0 icmptermshark -h for options.User Guide
See the termshark user guide (and my best approximate at closed to FAQs)
Dependencies
Termshark depends on these open-source packages:
- tshark - command-line network protocol analyzer, constituent of Wireshark
- tcell - a prison theatre cellphone based finally treatment package, inspired past times termbox
- gowid - compositional finally UI widgets, inspired past times urwid, built on tcell
PATH for termshark to function. Version 1.10.2 or higher is required (approx 2013).Contact
- The writer - Graham Clark (grclark@gmail.com)
