Termshark is a command line user interface, inspired by Wireshark. Resources
- Read pcap files or analyze active interfaces (with appropriate permissions)
- Filter pcaps or live captures using Wireshark display filters
- Reassemble and inspect TCP and UDP streams
- View network conversations by protocol
- Copy package ranges to the terminal clipboard
- Written in Golang, it compiles into a single executable on each platform - downloads available for Linux, macOS, FreeBSD, Android (termux) and Windows.
Installation
First you need to install Go, for that use the package manager of your distribution, examples:
emerge go # Gentoo, Funtoo, ...
sudo apt install go # Debian, Ubuntu, Mint, ...
sudo pacman -S go # Arch, Manjaro, ...
sudo dnf install go # Red Hat, CentOS, Fedora, ...Also install the dependencies:
- tshark - command line network protocol analyzer, part of Wireshark
- tcell - a cell-based terminal management package, inspired by termbox
- gowid - composition terminal user interface widgets, inspired by urwid, built in tcell
After that just use the go command to install:
go get github.com/gcla/termshark/v2/cmd/termsharkAnd include the path in your $PATH variable, example:
echo 'export PATH="${PATH}:~/go/bin/' | tee -a ~/.bashrc
Example of use
Capture ping packets on the enp1s0 interface:
termshark -i eth0 enp1s0For more information, run the command:
termshark -hAnd visit the official address of the project: https://github.com/gcla/termshark
