/ Networking

A terminal user-interface for tshark

A terminal user-interface for tshark

termshark

A terminal user-interface for tshark, inspired by Wireshark.

Termshark

If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help!

Features

  • Read pcap files or sniff live interfaces (where tshark is permitted).
  • Inspect each packet using familiar Wireshark-inspired views
  • Filter pcaps or live captures using Wireshark's display filters
  • Copy ranges of packets to the clipboard from the terminal
  • Written in Golang, compiles to a single executable on each platform - downloads available for Linux (+termux), macOS, FreeBSD, and Windows

Building

Termshark uses Go modules, so it's best to compile with Go 1.11 or higher. Set GO111MODULE=on then run:

go get github.com/gcla/termshark/cmd/termshark

Then add ~/go/bin/ to your PATH.

For all packet analysis, termshark depends on tshark from the Wireshark project. Make sure tshark is in your PATH.

Quick Start

Inspect a local pcap:

termshark -r test.pcap

Capture ping packets on interface eth0:

termshark -i eth0 icmp

Run termshark -h for options.

GitHub

— Golang Example —

Networking

— Next Post —
— Prev Post —
Latest
A distributed and coördination-free log management system
2019-05-10
Compositional widgets for terminal user interfaces written in Go
2019-05-10
An open-source network monitoring tool which can record your live traffic
2019-05-08
A structured logger for Go
2019-05-08
CLI tool to generate terraform files from existing infrastructure
2019-05-06
Tag