Feature Request: Vim key bindings? about termshark HOT 22 CLOSED

I'll work on this after I push out v2!

from termshark.

Hi everyone - I've pushed some changes to master that start work on this issue. Here's the list so far, from the commit that implemented them:

• : - open "lastline" mode
• :r - load a new pcap
• :q - quit if confirmed
• :q! - quit immediately
• ZZ - quit immediately
• C-w C-w - cycle through the termshark panes (like tab)
• C-w = - reset the spacing so views are of equal size

In tabular views:

• gg - go to top
• G - go to bottom

These take a numeric prefix to go to a specific line e.g. 27gg

Please try them out and let me know what you think. More key binding ideas would be most welcome! I didn't yet do the simple h,j,k,l...

@linsong - I haven't tried to make these configurable yet. I could... e.g. I could add a lastline-mode function e.g.

map <f2> ZZ

Note that in edit boxes, you can now hit ctrl-w to kill backwards to the start of the current line. Ctrl-e, ctrl-a and ctrl-k also work. Please let me know which others are important to you.

You can download and compile the latest termshark like this:

export GO111MODULE=on
go get github.com/gcla/termshark/v2/cmd/termshark@master

Then run ~/go/bin/termshark

from termshark.

@gcla Can we use :e file.pcap to load the pcap file? Vim default binding use :e for edit/view a file.

from termshark.

Hi everyone - I've added some more vim-related features. Here's what you can do now:

• press ma to set a file-local mark called 'a' (use a through z)
• press 'a (single quote) to jump to file-local mark 'a'
• press mA to set a global mark called 'A' (use A through Z)
• press 'A(single quote) to jump to global mark 'A'
• press ':' to launch last-line mode (the minibuffer); new commands are
  • recents - to pick a pcap from the recent pcaps list
  • filter - to pick a filter from the recently applied display filter list
  • marks - show marks currently set
  • map - set a vim-style key mapping e.g. map <f1> ZZ
  • unmap - delete a key mapping e.g. unmap <f1>

The syntax for key mappings tries to follow what vim uses - for example, use ASCII for regular printable characters, and angle brackets for compound keys e.g. <C-s>, <A-h>, <esc>, <space>, <enter>.

Marks are intended to let you jump around pcaps more quickly in order to compare packets.

Global marks and key mappings are saved to ~/.config/termshark/termshark.toml (or similar for macOS or windows).

This is all very new, so please do try it out and let me know if anything unexpected happens. I haven't tested very much with life network sniffing; only loading pcaps.

@Piping - I added :e too

@linsong - could you try these key mappings to see if they work for you?

map <F1> <tab><tab><down><tab>
map <F2> <tab><tab><up><tab>

(I added Ctrl-u for edit widgets too)

As usual, you can download and compile the latest termshark like this:

export GO111MODULE=on
go get github.com/gcla/termshark/v2/cmd/termshark@master

Then just run ~/go/bin/termshark

Precompiled binaries are available here:

Linux:
https://storage.googleapis.com/termshark/7238bfcc653d87c5e2e631d5f1b978b2fdfe6d15/termshark_linux_amd64/termshark

macOS: https://storage.googleapis.com/termshark/7238bfcc653d87c5e2e631d5f1b978b2fdfe6d15/termshark_darwin_amd64/termshark

Windows: https://storage.googleapis.com/termshark/7238bfcc653d87c5e2e631d5f1b978b2fdfe6d15/termshark_windows_amd64/termshark.exe

from termshark.

Hi @kevinhwang91 - the latest on master will now understand C-p and C-n in the same way as up and down arrows, in more parts of the UI - in particular, the display filter.

from termshark.

This is a good question. Why don't we leave this issue up for a bit and if you have suggestions for bindings that you want, post them here?

A couple things that I would like to see are:

• G: go to bottom
• gg: go to bottom
• b: Skip behind 1% of packets
• e: Skip ahead 1% of packets

from termshark.

<Ctrl-W> <Ctrl-W> for switching between windows
<Ctrl-W> = to equal-size window
bottom command line area for quick command like load pcap :e pcap_file, :w pcap_file etc..

from termshark.

How about something like :123g to go to packet 123?

from termshark.

I would like to suggest to support user to customize the keybinding by himself: associate command with a keybinding in config file, that will be most flexible way. Can use shortcuts is the best part of the terminal version over GUI version for me.

And support readline like feature in all input boxes will be great, too.

Thanks for the GREAT work!

from termshark.

Travis builds binaries for each commit too, so you can download those if that's easier:

Linux:
https://storage.googleapis.com/termshark/206a443f04aa6b704b2d7b5c1755e278e254b647/termshark_linux_amd64/termshark

macOS: https://storage.googleapis.com/termshark/206a443f04aa6b704b2d7b5c1755e278e254b647/termshark_darwin_amd64/termshark

Windows: https://storage.googleapis.com/termshark/206a443f04aa6b704b2d7b5c1755e278e254b647/termshark_windows_amd64/termshark.exe

from termshark.

Great work Graham. Keep it up!

from termshark.

@gcla I just tried it, it works perfectly, thanks!

For shortcut in the filter input, I miss one: Ctrl-U to delete till the beginning of line.

One of my most common use case is like this: I focus on the middle window to check details of every packet most of time, but to switch to next or previous packet, I will have to change to the top packet list window, select other packet, then switch back to middle window. I normally repeat this many times within a session. If we can change focus with a shortcut key to next/prev packet without leave the middle window, that will be very efficient. Not sure if other users use it in the same way or not, just my two cents.

This tool is AWESOME, thanks for your time!

from termshark.

Thanks @linsong :-)

I'll add ctrl-U asap - that one's easy to do. Next on the list to implement is something like vim's marks, so you can jump around a pcap more easily. For your specific request - I wonder if a key mapping approach would be cleanest - so you could do something like

map <F1> <tab><tab><down><tab>
map <F2> <tab><tab><up><tab>

Not sure... I'll think about it! I'll aim to make more progress this weekend.

from termshark.

If the mapping works, I am happy with this solution, too. Thanks again :-)

from termshark.

@linsong - could you try these key mappings to see if they work for you?

map <F1> <tab><tab><down><tab>
map <F2> <tab><tab><up><tab>

(I added Ctrl-u for edit widgets too)

I tested these mappings, they works perfect!

I really love the vim style navigation with j, k for and , it works great before I move focus into filter box, it cause 'j' or 'k' can not be inputted there. Maybe we can borrow the design of vim: map only works under normal mode, imap for input mode ? Not sure if this is doable, I am already very happy with the current implementation.

Thanks for the AWESOME work!

from termshark.

Hi @linsong - I've now added support for h, j, k and l directly to the various composite widgets used in termshark, so you can unmap those keys and get back a working filter box :-)

@the-c0d3r - let me know if you have more vim-key suggestions!

Here are the latest binaries:

Linux:
https://storage.googleapis.com/termshark/50033b65c2a7d3582680721e6ebeb28df53e3fa9/termshark_linux_amd64/termshark

macOS: https://storage.googleapis.com/termshark/50033b65c2a7d3582680721e6ebeb28df53e3fa9/termshark_darwin_amd64/termshark

from termshark.

Hi @gcla, Just tried the new version, it works perfectly well, thanks a lot!

from termshark.

Hi @gcla thanks so much for implementing these features. I'll try them out. You have already covered quite a lot of vim shortcuts already, I can't think of anything else 😄

from termshark.

How can I focus on buttons like Analysis, Misc, and Recent quickly?

Btw, I think the Filter should select the completion using c-n and c-p.

from termshark.

Thanks @kevinhwang91 for the suggestions. So I'm clear - you mean when the display filter edit box has focus, and the display filter drop-down is displayed, you should be able to move up and down the list with C-n and C-p, right?

There's not a direct way to send focus to the Recent button or specific menu options yet. Do you think there should be single keypresses to do that? Or maybe simple chords? There are some less direct ways - maybe not satisfactory, but I'll list them anyway:

• hitting Escape will open the menu at Misc - then you can hit a key to run the option you want. That's not good enough for Analysis though because you need to hit Escape then left arrow, then another key.
• with the upcoming v2.2 (and built-in to the binary I built to test your arrow-between-panes issue) there is a way to map single keystrokes to key chords, like in vim. So you could hit ':' to open the cmdline and type

map <f7> <esc><left>c

Then the f7 key will open conversations directly.

• with v2.2, you can also open conversations quickly by hitting ":" then typing co tab enter. I find myself using that method more and more now I know it's there. How do you feel about that approach?

from termshark.

Btw, I think the Filter should select the completion using c-n and c-p.

I think you misunderstand this request, I mean Filter input bar will pop up the candidate's menu like vim completion.

After patching #94, You inspire me to solve this request by remapping:
map <C-p> <Up> map <C-n> <Down>. If these key bindings are builtin is more like vim.

Focus on buttons also can be achieved by remapping the key that I want.

from termshark.

I'll close this now v2.2.0 has been released.

from termshark.