A terminal UI for tshark, inspired by Wireshark
A terminal user-interface for tshark, inspired by Wireshark.
V2.1 is out now with conversations, packet coloring and more! See the ChangeLog.
If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help!
tshark has many more features that termshark doesn't expose yet! See What's Next.
Termshark uses Go modules, so it's best to compile with Go 1.12 or higher. Set
go get github.com/gcla/termshark/v2/cmd/termshark
For all packet analysis, termshark depends on tshark from the Wireshark project. Make sure
tsharkis in your
Inspect a local pcap:
termshark -r test.pcap
Capture ping packets on interface
termshark -i eth0 icmp
termshark -hfor options.
Pre-compiled executables are available via Github releases. Or download the latest build from the master branch - .
Termshark depends on these open-source packages:
Note that tshark is a run-time dependency, and must be in your
PATHfor termshark to function. Version 1.10.2 or higher is required (approx 2013).
Thanks to everyone that's contributed ports, patches and effort!
💻 🐛 📓 |
Elliott Sales de Andrade
🐛 | | :---: | :---: | :---: | :---: | :---: | :---: | :---: | |
🐛 | |
🐛 📦 |
📦 | |
🤔 📓 |
🐛 | |
📓 | |
🤔 🐛 |
🤔 | |
🐛 | <!-- ALL-CONTRIBUTORS-LIST:END -->