Last active
March 23, 2021 02:50
-
-
Save pocc/b2017eeb2609f80a38d8db811d1c6cb8 to your computer and use it in GitHub Desktop.
Use WSL tshark to colorize output and Windows tshark for everything else
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Copyright 2019 Ross Jacobs | |
| # | |
| # tshark --color on Windows is limited to 16 colors vs 24-bit "true color" | |
| # on other platforms. This script uses both WSL and Windows tshark in | |
| # order to get color parity on Windows. | |
| # | |
| # Install: | |
| # Add this function to your WSL ~/.bashrc and then `source ~/.bashrc` | |
| # | |
| # Description: | |
| # Use Windows as the default for capturing due to WSL limitations: | |
| # Capturing packets in WSL will not work with SOCK_RAW/SOCK_PACKET | |
| # not yet implemented (https://github.com/Microsoft/WSL/issues/1515) | |
| # Use Linux for reading because it can print ANSI escape codes | |
| function tshark { | |
| # Change these locations if these are not correct | |
| windows_tshark="/mnt/c/Program Files/Wireshark/tshark.exe" | |
| linux_tshark="/usr/bin/tshark" | |
| if ! [[ $(which "${windows_tshark}") ]] | |
| then echo "Windows tshark not found! Install with executable from Wireshark.org"; sleep 5; exit | |
| elif ! [[ $(which "${linux_tshark}") ]] | |
| then echo "WSL tshark not found! Install with `sudo apt install tshark`"; sleep 5; exit | |
| fi | |
| if [[ "$@" =~ "-r" ]] | |
| then "${linux_tshark}" "$@" --color | |
| elif ! [[ "$@" =~ "-w" || "$@" =~ "-D" || "$@" =~ "-L" || "$@" =~ "-h" || "$@" =~ "-v" ]] | |
| then "${windows_tshark}" -w - | "${linux_tshark}" "$@" -r - --color | |
| else | |
| "${windows_tshark}" "$@" | |
| fi | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment