Skip to content

/termshark

Permalink
Browse files

Ready for pushing to github!

  • Loading branch information...
@gcla
gcla committed Apr 18, 2019
0 parents commit b6b2c35461d9910710c8ef03f95f21a879240d2b
Unified Split
Showing with 13,027 additions and 0 deletions.
  1. +1 −0 .gitignore
  2. +50 −0 .goreleaser.yml
  3. +68 −0 README.md
  4. +3,129 −0 cmd/termshark/termshark.go
  5. +78 −0 confwatcher.go
  6. +9 −0 copycommand.go
  7. +7 −0 copycommand_android.go
  8. +7 −0 copycommand_darwin.go
  9. +7 −0 copycommand_windows.go
  10. +122 −0 docs/FAQ.md
  11. +185 −0 docs/UserGuide.md
  12. +67 −0 fdinfo.go
  13. +177 −0 fields.go
  14. +35 −0 fields_test.go
  15. +19 −0 go.mod
  16. +108 −0 go.sum
  17. +15 −0 have_fdinfo.go
  18. +13 −0 have_fdinfo_linux.go
  19. +42 −0 modeswap/modeswap.go
  20. +42 −0 noroot.go
  21. +194 −0 pcap/cmds.go
  22. +1,632 −0 pcap/loader.go
  23. +644 −0 pcap/loader_test.go
  24. +566 −0 pcap/loader_tshark_test.go
  25. BIN pcap/testdata/1.pcap
  26. +2,113 −0 pcap/testdata/1.pdml
  27. +193 −0 pcap/testdata/1.psml
  28. BIN pcap/testdata/2.pcap-body
  29. 0 pcap/testdata/2.pcap-footer
  30. BIN pcap/testdata/2.pcap-header
  31. +103 −0 pcap/testdata/2.pdml-body
  32. +3 −0 pcap/testdata/2.pdml-footer
  33. +4 −0 pcap/testdata/2.pdml-header
  34. +9 −0 pcap/testdata/2.psml-body
  35. +2 −0 pcap/testdata/2.psml-footer
  36. +12 −0 pcap/testdata/2.psml-header
  37. +237 −0 pdmltree/pdmltree.go
  38. +210 −0 pdmltree/pdmltree_test.go
  39. +152 −0 psmltable/model.go
  40. +448 −0 utils.go
  41. +95 −0 utils_test.go
  42. +14 −0 version.go
  43. +187 −0 widgets/appkeys/appkeys.go
  44. +155 −0 widgets/copymodetree/copymodetree.go
  45. +54 −0 widgets/enableselected/enableselected.go
  46. +68 −0 widgets/expander/expander.go
  47. +507 −0 widgets/filter/filter.go
  48. +619 −0 widgets/hexdumper/hexdumper.go
  49. +40 −0 widgets/hexdumper/hexdumper_test.go
  50. +97 −0 widgets/ifwidget/ifwidget.go
  51. +56 −0 widgets/renderfocused/renderfocused.go
  52. +246 −0 widgets/resizable/resizable.go
  53. +37 −0 widgets/resizable/resizable_test.go
  54. +149 −0 widgets/withscrollbar/withscrollbar.go
1 .gitignore
@@ -0,0 +1 @@
dist/
50 .goreleaser.yml
@@ -0,0 +1,50 @@
# This is an example goreleaser.yaml file with some sane defaults.
# Make sure to check the documentation at http://goreleaser.com
before:
hooks:
builds:
- env:
- CGO_ENABLED=0
- GO111MODULE=on
main: ./cmd/termshark/termshark.go
goos:
- freebsd
- windows
- linux
- darwin
goarch:
- arm
- amd64
ignore:
- goos: darwin
goarch: arm
- goos: freebsd
goarch: arm
- goos: windows
goarch: arm
ldflags:
- -X github.com/gcla/termshark.Version={{.Version}}
archives:
- replacements:
darwin: macOS
linux: linux
windows: windows
amd64: x64
wrap_in_directory: true
format_overrides:
- goos: windows
format: zip
files:
- none*
sign:
artifacts: checksum
checksum:
name_template: 'checksums.txt'
snapshot:
name_template: "{{ .Tag }}-next"
changelog:
sort: asc
filters:
exclude:
- '^docs:'
- '^test:'
68 README.md
@@ -0,0 +1,68 @@
# Termshark
A terminal user-interface for tshark, inspired by Wireshark.

![demo1](https://drive.google.com/uc?export=view&id=1vDecxjqwJrtMGJjOObL-LLvi-1pBVByt)

If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help!

## Features

- Read pcap files or sniff live interfaces (where tshark is permitted).
- Inspect each packet using familiar Wireshark-inspired views
- Filter pcaps or live captures using Wireshark's display filters
- Copy ranges of packets to the clipboard from the terminal
- Written in Golang, compiles to a single executable on each platform - downloads available for Linux (+termux), macOS, FreeBSD, and Windows

## Building

Termshark uses Go modules, so it's best to compile with Go 1.11 or higher. Set `GO111MODULE=on` then run:

```bash
go get github.com/gcla/termshark/cmd/termshark
```
Then add ```~/go/bin/``` to your ```PATH```.

For all packet analysis, termshark depends on tshark from the Wireshark project. Make sure ```tshark``` is in your ```PATH```.

## Quick Start

Inspect a local pcap:

```bash
termshark -r test.pcap
```

Capture ping packets on interface ```eth0```:

```bash
termshark -i eth0 icmp
```

Run ```termshark -h``` for options.

## Downloads

Pre-compiled executables are available via [Github releases](https://github.com/gcla/termshark/releases)

## User Guide

See the [termshark user guide](docs/UserGuide.md) (and my best guess at some [FAQs](docs/FAQ.md))

## Dependencies

Termshark depends on these open-source packages:

- [tshark](https://www.wireshark.org/docs/man-pages/tshark.html) - command-line network protocol analyzer, part of [Wireshark](https://wireshark.org)
- [tcell](https://github.com/gdamore/tcell) - a cell based terminal handling package, inspired by termbox
- [gowid](https://github.com/gcla/gowid) - compositional terminal UI widgets, inspired by [urwid](http://urwid.org), built on [tcell](https://github.com/gdamore/tcell)

Note that tshark is a run-time dependency, and must be in your ```PATH``` for termshark to function. Version 1.10.2 or higher is required (approx 2013).

## Contact

- The author - Graham Clark (grclark@gmail.com)

## License

[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)

Oops, something went wrong.

0 comments on commit b6b2c35

Please sign in to comment.
You can’t perform that action at this time.