Wireshark

The second life of the packet analysis tool formerly known as , which reached 1.0 on Mar 31st, 2008.

Resources

  • Termshark, a Go-based terminal UI for tshark

Basic vim folding for text dumps (folds any line beginning with a space, one level only):

:set foldexpr=getline(v:lnum)[0]==\"\ \"
:set foldmethod=expr

Under , Wireshark can be built from MacPorts, and it should be done using:

$ sudo port install wireshark +ipv6

This avoids, among other things, a couple of bugs that may cause the application to crash (setting X11 to thousands of colors also helps).
