25 April 2019 / Networking

A terminal user-interface for tshark

termshark

A terminal user-interface for tshark, inspired by Wireshark.

Termshark

If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help!

Read pcap files or sniff live interfaces (where tshark is permitted).
Inspect each packet using familiar Wireshark-inspired views
Filter pcaps or live captures using Wireshark's display filters
Copy ranges of packets to the clipboard from the terminal
Written in Golang, compiles to a single executable on each platform - downloads available for Linux (+termux), macOS, FreeBSD, and Windows

Termshark uses Go modules, so it's best to compile with Go 1.11 or higher. Set GO111MODULE=on then run:

go get github.com/gcla/termshark/cmd/termshark

Then add ~/go/bin/ to your PATH.

For all packet analysis, termshark depends on tshark from the Wireshark project. Make sure tshark is in your PATH.

Inspect a local pcap:

termshark -r test.pcap

Capture ping packets on interface eth0:

termshark -i eth0 icmp

Run termshark -h for options.

— Golang Example —

Hubble - Network, Service & Security Observability for Kubernetes.

Seata-Go-Server is a highly available server-side component of a distributed transaction solution compatible with Seata (after version 0.5).

BitTorrent client and library in Go. Running in production at put.io.

— Next Post —

watch tool rewritten in go.

— Prev Post —

Alloy is a starter template for creating web applications using Go programming language.