Comments (16)
It's been a long while @jJit0 but I am finally working on this now...
from termshark.
Oh man, I love it, works perfect 🙏
Wish I could have this tool many years ago
from termshark.
Hi. Any plans on this? Actually I'm interested in columns+profiles setting
For example for HTTP we need one set of columns(profile) and for SNMP - another set(profile)
Possibility to switch profiles in 2 clicks would be nice
from termshark.
Hi @zoulja - yes, though I didn't complete it for v2.2 unfortunately. I think I need to do some work on the underlying table widget to make its layout more flexible.
from termshark.
Hi @jJit0 and @zoulja ,
I've pushed a branch called configcolumns with a first stab at implementing configurable columns for termshark's packet list view. If you have time, would you mind giving it a try and letting me know what you think? Any feedback at all would be great. There's a new field that you can set in termshark.toml
to configure the columns. Here's my config:
[main]
column-format = ["%m", "%Yut", "%s", "%d", "%p", "%L", "%i", "%B"]
You can see these tokens if you run:
tshark -G column-formats
Termshark will run that behind the scenes to generate the list of all valid token names for columns. At startup, termshark will check your columns against this master list and discard any that are invalid, with a warning in the logs. If all are invalid, it will fall back to a safe set of columns (those that termshark uses now).
You can give the columns your own short names like this:
[main]
column-format = ["%m No.", "%Yut Time", "%s Src", "%d Dst", "%p Proto", "%L Len", "%i Info", "%V vsan", "%B cumb"]
Here's how to build:
git clone https://github.com/gcla/termshark
cd termshark
git checkout configcolumns
export GO111MODULE=on
go install ./...
Then the binary will be ~/go/bin/termshark
. Or you can get prebuilt binaries from these links:
There's no GUI support yet for configuring these columns. I'm not sure if it's needed. What do you think?
from termshark.
Hi. By some reason it doesn't work for me, I don't see any difference when I change columns
% ./termshark -v
termshark v2.2.0+
I tried to modify this configuration file ~/.config/termshark/termshark.toml
from termshark.
Sorry @zoulja , I'm not sure what went wrong. I just tried with a freshly created Linux user and the Linux binary above. Here's the config termshark wrote out with my extra field added. I added two '%Yut' fields so I could see the difference quickly:
[main]
color-tsharks = ["/usr/bin/tshark"]
column-format = ["%m", "%Yut", "%Yut", "%s", "%d", "%p", "%L", "%i", "%B"]
last-used-tshark = "/usr/bin/tshark"
recent-files = ["/tmp/mix2.pcap"]
validated-tsharks = ["/usr/bin/tshark"]
Would you mind pasting the relevant part of your toml config file?
from termshark.
Oh - the log file might say something useful e.g. if the column formats are incorrect in some way. You can find that at ~/.cache/termshark/termshark.log
on Linux, or from termshark type :logs
.
from termshark.
Ah, my bad. I've rechecked it carefully and it's ok now actually.
Abt GUI - maybe you can add 'Import Wireshark profiles column settings' to simplify migration(even I'm not sure how termshark handles setup which is too long to fit the screen)?
Probably it can be the simplest approach for the beginning(use Wireshark itself as GUI)
from termshark.
Hi @zoulja - I've implemented your suggestion in the configcolumns
branch. If you run the minibufffer :columns
command - or choose "Edit Columns" from the main menu - termshark will open a dialog to let you choose and rearrange the columns in the packet list view. Here's what it looks like:
There is a button provided to import the column preferences from Wireshark, if termshark can find the Wireshark config file.
Here are some pre-built binaries, if you'd like to try it:
Bug reports or suggestions most welcome! :-)
from termshark.
Bug reports or suggestions most welcome! :-)
Hi!
That looks really nice and I have several questions
- Is it possible to add Show/Hide checkbox in Columns editor?
- By some reason Columns configuration imported from Wireshark doesn't work.
Looks like termshark detects it properly(for the test I added Windows size and Checksum status in Wireshark, using Apply as column)
but just can't apply and after pressing Ok I still see default columns - For the next step - any chance to organize columns sets into profiles(HTTP/SNMP/etc)?
- Is it possible to re-implement "Apply as column" feature from Wireshark?
from termshark.
Thanks @zoulja for the excellent suggestions. I'll work on these as soon as I can, hopefully at the weekend!
from termshark.
Hi @zoulja , a clarifying question for me - did you mean profiles consisting of column sets only, or a more general configuration profile like Wireshark?
from termshark.
Currently only about column sets.
Step by step 🙂
from termshark.
Hi @zoulja ,
I've pushed some more updates to the configcolumns branch. Would you mind retrying the "Import from Wireshark" button?
Here's what the latest work looks like:
I didn't include support for custom columns last time, so I've added that, along with hidden columns. In the packet struct view, there is a new button that opens a very simple menu to apply the field as a custom column:
I'll work on your columns sets suggestion next.
Before you test, please could you do the following because I changed the internals a little:
- edit
~/.config/termshark/termshark.toml
and removecolumn-format
andcolumn-format-bak
- remove
~/.cache/termshark/tsharkcolumnsv2.gob.gz
Here are links to some pre-built binaries:
Thanks for trying it out!
from termshark.
I've merged this back to master now. Sorry for the churn, but once again anyone using the builds from this branch should once again edit ~/.config/termshark/termshark.toml
and remove column-format and column-format-bak.
I will open a separate issue for @zoulja's suggestion of storing column preferences, and maybe more, in Wireshark-like profiles.
from termshark.
Related Issues (20)
- Consider using sharkd when it's available
- Consider SIP callflow HOT 7
- New installation fails to launch HOT 1
- Guide for performing a termshark upgrade to latest version
- help
- doesn't work: The termshark UI will start when packets are detected on eth0... HOT 4
- Support decrypting HTTPS/TLS traffic via SSLKEYLOGFILE
- pkg/system/dumpcapext.go build constraints are not specific enough
- Go to packet
- Invisible packets list HOT 2
- panic: runtime error: index out of range [70] with length 70
- High CPU usage when scrolling, or when a lot of packets get received
- Wierd UI looking
- Error starting UI: character set not supported
- Vulnerability of dependency "golang.org/x/net" HOT 2
- [Packet Index, Packet Data] Pair do not match what is seen in Wireshark form Exported PCap file.
- Use Croc in lieu of Wormhole?
- Support vi-style binds in copy mode
- Unable to Quit (from long-running sessions) HOT 1
- Easy transparent background support
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from termshark.