25 April 2019 / Networking

A terminal user-interface for tshark

termshark

A terminal user-interface for tshark, inspired by Wireshark.

Termshark

If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help!

Read pcap files or sniff live interfaces (where tshark is permitted).
Inspect each packet using familiar Wireshark-inspired views
Filter pcaps or live captures using Wireshark's display filters
Copy ranges of packets to the clipboard from the terminal
Written in Golang, compiles to a single executable on each platform - downloads available for Linux (+termux), macOS, FreeBSD, and Windows

Termshark uses Go modules, so it's best to compile with Go 1.11 or higher. Set GO111MODULE=on then run:

go get github.com/gcla/termshark/cmd/termshark

Then add ~/go/bin/ to your PATH.

For all packet analysis, termshark depends on tshark from the Wireshark project. Make sure tshark is in your PATH.

Inspect a local pcap:

termshark -r test.pcap

Capture ping packets on interface eth0:

termshark -i eth0 icmp

Run termshark -h for options.

— Golang Example —

Simple Web based configuration generator for WireGuard.

Neffos is a cross-platform real-time framework with expressive, elegant API written in Go.

IPFS is a global, versioned, peer-to-peer filesystem. It combines good ideas from previous systems such Git, BitTorrent, Kademlia, SFS, and the Web.

— Next Post —

watch tool rewritten in go.

— Prev Post —

Alloy is a starter template for creating web applications using Go programming language.