This wiki is a community-maintained resource about everything there is to know about IPFire.
New add-on as of Core Update 132.
tshark is a network protocol analyzer. It has many possible uses, including capturing packet data from live connections, reading packets from a previously saved capture file, printing a decoded form of those packets to the standard output, and writing the packets to a file.
* Deep inspection of hundreds of protocols
* Live capture and offline analysis
* VoIP analysis
* Read/write different capture file formats
* Collection of various types of statistics
* Capture files compressed with gzip can be decompressed on the fly
* Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others
* Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
* Coloring can be applied for quick intuitive analysis
* Output can be exported to XML, PostScript®, CSV, or plain text
tshark can be installed with the Pakfire web interface or via the console:
pakfire install tshark
There is no web interface for this Addon. To run this Addon open the client console or terminal and access the IPFire box via SSH.
To obtain a list of possible commands and parameters use: