Showing with 13,027 additions and 0 deletions.
- +1 −0 .gitignore
- +50 −0 .goreleaser.yml
- +68 −0 README.md
- +3,129 −0 cmd/termshark/termshark.go
- +78 −0 confwatcher.go
- +9 −0 copycommand.go
- +7 −0 copycommand_android.go
- +7 −0 copycommand_darwin.go
- +7 −0 copycommand_windows.go
- +122 −0 docs/FAQ.md
- +185 −0 docs/UserGuide.md
- +67 −0 fdinfo.go
- +177 −0 fields.go
- +35 −0 fields_test.go
- +19 −0 go.mod
- +108 −0 go.sum
- +15 −0 have_fdinfo.go
- +13 −0 have_fdinfo_linux.go
- +42 −0 modeswap/modeswap.go
- +42 −0 noroot.go
- +194 −0 pcap/cmds.go
- +1,632 −0 pcap/loader.go
- +644 −0 pcap/loader_test.go
- +566 −0 pcap/loader_tshark_test.go
- BIN pcap/testdata/1.pcap
- +2,113 −0 pcap/testdata/1.pdml
- +193 −0 pcap/testdata/1.psml
- BIN pcap/testdata/2.pcap-body
- 0 pcap/testdata/2.pcap-footer
- BIN pcap/testdata/2.pcap-header
- +103 −0 pcap/testdata/2.pdml-body
- +3 −0 pcap/testdata/2.pdml-footer
- +4 −0 pcap/testdata/2.pdml-header
- +9 −0 pcap/testdata/2.psml-body
- +2 −0 pcap/testdata/2.psml-footer
- +12 −0 pcap/testdata/2.psml-header
- +237 −0 pdmltree/pdmltree.go
- +210 −0 pdmltree/pdmltree_test.go
- +152 −0 psmltable/model.go
- +448 −0 utils.go
- +95 −0 utils_test.go
- +14 −0 version.go
- +187 −0 widgets/appkeys/appkeys.go
- +155 −0 widgets/copymodetree/copymodetree.go
- +54 −0 widgets/enableselected/enableselected.go
- +68 −0 widgets/expander/expander.go
- +507 −0 widgets/filter/filter.go
- +619 −0 widgets/hexdumper/hexdumper.go
- +40 −0 widgets/hexdumper/hexdumper_test.go
- +97 −0 widgets/ifwidget/ifwidget.go
- +56 −0 widgets/renderfocused/renderfocused.go
- +246 −0 widgets/resizable/resizable.go
- +37 −0 widgets/resizable/resizable_test.go
- +149 −0 widgets/withscrollbar/withscrollbar.go
@@ -0,0 +1 @@ | |||
dist/ |
@@ -0,0 +1,50 @@ | |||
# This is an example goreleaser.yaml file with some sane defaults. | |||
# Make sure to check the documentation at http://goreleaser.com | |||
before: | |||
hooks: | |||
builds: | |||
- env: | |||
- CGO_ENABLED=0 | |||
- GO111MODULE=on | |||
main: ./cmd/termshark/termshark.go | |||
goos: | |||
- freebsd | |||
- windows | |||
- linux | |||
- darwin | |||
goarch: | |||
- arm | |||
- amd64 | |||
ignore: | |||
- goos: darwin | |||
goarch: arm | |||
- goos: freebsd | |||
goarch: arm | |||
- goos: windows | |||
goarch: arm | |||
ldflags: | |||
- -X github.com/gcla/termshark.Version={{.Version}} | |||
archives: | |||
- replacements: | |||
darwin: macOS | |||
linux: linux | |||
windows: windows | |||
amd64: x64 | |||
wrap_in_directory: true | |||
format_overrides: | |||
- goos: windows | |||
format: zip | |||
files: | |||
- none* | |||
sign: | |||
artifacts: checksum | |||
checksum: | |||
name_template: 'checksums.txt' | |||
snapshot: | |||
name_template: "{{ .Tag }}-next" | |||
changelog: | |||
sort: asc | |||
filters: | |||
exclude: | |||
- '^docs:' | |||
- '^test:' |
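Review bot: the `sign:` block near the end of this file covers only `artifacts: checksum`, so the release archives are authenticated indirectly through the signed `checksums.txt`, yet the README's Downloads section in this commit does not say which key signs releases or how a downloader should check it. Suggest documenting the two-step verification (verify the signature on `checksums.txt`, then compare the archive's hash against the entry in that file) next to the releases link. Two smaller points: `before:` carries an empty `hooks:` key that can be dropped or given a real step, and the documentation URL in the header comment uses `http://` where `https://` would be preferable.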
@@ -0,0 +1,68 @@ | |||
# Termshark | |||
A terminal user-interface for tshark, inspired by Wireshark. | |||
|
|||
![demo1](https://drive.google.com/uc?export=view&id=1vDecxjqwJrtMGJjOObL-LLvi-1pBVByt) | |||
|
|||
If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help! | |||
|
|||
## Features | |||
|
|||
- Read pcap files or sniff live interfaces (where tshark is permitted). | |||
- Inspect each packet using familiar Wireshark-inspired views | |||
- Filter pcaps or live captures using Wireshark's display filters | |||
- Copy ranges of packets to the clipboard from the terminal | |||
- Written in Golang, compiles to a single executable on each platform - downloads available for Linux (+termux), macOS, FreeBSD, and Windows | |||
|
|||
## Building | |||
|
|||
Termshark uses Go modules, so it's best to compile with Go 1.11 or higher. Set `GO111MODULE=on` then run: | |||
|
|||
```bash | |||
go get github.com/gcla/termshark/cmd/termshark | |||
``` | |||
Then add ```~/go/bin/``` to your ```PATH```. | |||
|
|||
For all packet analysis, termshark depends on tshark from the Wireshark project. Make sure ```tshark``` is in your ```PATH```. | |||
|
|||
## Quick Start | |||
|
|||
Inspect a local pcap: | |||
|
|||
```bash | |||
termshark -r test.pcap | |||
``` | |||
|
|||
Capture ping packets on interface ```eth0```: | |||
|
|||
```bash | |||
termshark -i eth0 icmp | |||
``` | |||
|
|||
Run ```termshark -h``` for options. | |||
|
|||
## Downloads | |||
|
|||
Pre-compiled executables are available via [Github releases](https://github.com/gcla/termshark/releases) | |||
|
|||
## User Guide | |||
|
|||
See the [termshark user guide](docs/UserGuide.md) (and my best guess at some [FAQs](docs/FAQ.md)) | |||
|
|||
## Dependencies | |||
|
|||
Termshark depends on these open-source packages: | |||
|
|||
- [tshark](https://www.wireshark.org/docs/man-pages/tshark.html) - command-line network protocol analyzer, part of [Wireshark](https://wireshark.org) | |||
- [tcell](https://github.com/gdamore/tcell) - a cell based terminal handling package, inspired by termbox | |||
- [gowid](https://github.com/gcla/gowid) - compositional terminal UI widgets, inspired by [urwid](http://urwid.org), built on [tcell](https://github.com/gdamore/tcell) | |||
|
|||
Note that tshark is a run-time dependency, and must be in your ```PATH``` for termshark to function. Version 1.10.2 or higher is required (approx 2013). | |||
|
|||
## Contact | |||
|
|||
- The author - Graham Clark (grclark@gmail.com) | |||
|
|||
## License | |||
|
|||
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT) | |||
|
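Review bot: the Quick Start example `termshark -i eth0 icmp` and the Features bullet "sniff live interfaces (where tshark is permitted)" do not say what permission is needed, which leaves running the whole terminal UI as root as the obvious way to make live capture work. Suggest a sentence here, or a pointer to the FAQ, recommending that capture rights be granted to the user account for tshark rather than running termshark itself with elevated privileges. Separately, the demo image is hot-linked from `drive.google.com`; committing it to the repository would keep the README from depending on an external file that can change or disappear.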
0 comments on commit b6b2c35