Package: wnpp Severity: wishlist * Package name : termshark Version : 1.0.0 Upstream Author : gcla * URL : https://termshark.io/ * License : MIT/Expat? Programming Lang: Golang Description : simple terminal user-interface for tshark
A terminal user-interface for tshark, inspired by Wireshark. If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help! Features * Read pcap files or sniff live interfaces (where tshark is permitted). * Inspect each packet using familiar Wireshark-inspired views * Filter pcaps or live captures using Wireshark's display filters * Copy ranges of packets to the clipboard from the terminal * Written in Golang, compiles to a single executable on each platform - downloads available for Linux (+termux), macOS, FreeBSD, and Windows ---- I don't believe there's any tool as powerful to do packet analysis interactively without a graphical user interface, directly on the server. This has several benefits: * packet analysis can be done directly on the server, in real-time, without having to copy files over the a GUI-enabled machine, do X forwarding or other shenanigans * possible compromise through the packet analysis software doesn't contaminate external machines because of the "I need to load that pcap file on my desktop" vector * it makes Xorg and Wayland haters and greybeard UNIX hackers happier because they can look even more 133t by running even more stuff in a dark obscure terminal no one else can possibly understand (not that Wireshark was particularly intuitive itself, of course, but this is an added bonus) It has a bunch of dependencies: https://github.com/gcla/termshark/blob/master/go.mod This is an estimate of the work needed: $ dh-make-golang estimate github.com/gcla/termshark 2019/04/23 09:02:34 Bringing github.com/gcla/termshark to Debian requires packaging the following Go packages: github.com/gcla/termshark github.com/gcla/gowid github.com/go-test/deep gopkg.in/fsnotify.v1 github.com/gcla/deep I believe the `fsnotify` package is a false positive there, there is at least two versions of this in Debian already: https://tracker.debian.org/pkg/golang-fsnotify https://tracker.debian.org/pkg/golang-github-howeyc-fsnotify ... not sure what's up with that. I haven't found anything for go-test/deep or gcla/deep (are those the same thing?) or gcla/gowid either. The latter (gowid) might be especially problematic because there are *many* such libraries in the golang world: https://github.com/gcla/gowid#similar-projects https://appliedgo.net/tui/ ... and gowid is not a particularly popular one: https://libs.garden/go/terminal?sort=popular It might nevertheless not be a problem to have distinct codebases as long as they don't overlap, just like we have (say) GTK and QT. ;) I'd love if someone from the golang team would just tackle this, but I might do it myself if the needs becomes too pressing.
