termshark v2.2 releases: A terminal UI for tshark
Termshark
A terminal user-interface for tshark, inspired by Wireshark.
If you’re debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help!
Features
- Read pcap files or sniff live interfaces (where tshark is permitted).
- Inspect each packet using familiar Wireshark-inspired views
- Filter pcaps or live captures using Wireshark’s display filters
- Copy ranges of packets to the clipboard from the terminal
- Written in Golang, compiles to a single executable on each platform – downloads available for Linux (+termux), macOS, FreeBSD, and Windows
Changelog v2.2
e073727 A first attempt to make termshark themeable
962362d A function to construct a color by looking it up in the config file
e10382a A limited function to build a widget containing scrollable text
1722d07 A minibuffer command to load a new pcap file
b9d4e1e A minibuffer option to set the preferred terminal type
9c8d532 A new callback handler for pcap operations
654a4aa A new minibuffer command to clear the filter and apply it
709b15f A reworking of the tshark pcap loaders
afd03cd A simple type that formats PSML for display in a dialog
b090f05 A simple widget to display the termshark log file
410a81a A simpler way to detect when a live packet source is ready
1c2a84f A small struct to track vim key-chord state
e1fa8cf A widget to provide a vim “last-line” or emacs “minibuffer”More…
Use
It provides a terminal-based user interface for analyzing packet captures. It’s inspired by Wireshark and depends on tshark for all its intelligence. Termshark is run from the command-line. You can see its options with
Download & Tutorial
Copyright (c) 2019 Graham Clark