Initiate wireshark remote capture (SSH or AVM FRITZ!Box)

Project description

wireshark_remote - Initiate wireshark remote capture (SSH or AVM FRITZ!Box)

This project provides the wireshark-ssh and wireshark-fritzbox wrapper scripts that simplify executing Wireshark to remotely capture network traffic.

Installation

wireshark_remote (and its dependencies) can be installed from PyPI with:

python -m pip install wireshark_remote

In addition, the following programs need to be available in PATH. The corresponding packages have to be installed through your distro's package manager.

wireshark-ssh requires on the host:

  • wireshark
  • ssh

and on the remote machine (besides having an SSH server running):

  • tcpdump
  • sudo (optional)

wireshark-fritzbox requires on the host:

  • wireshark
  • wget

Usage

wireshark-ssh

Usage: wireshark-ssh.py [OPTIONS] HOST [EXPRESSION]...

  Launches wireshark locally and runs tcpdump on the remote [USER@]HOST via
  SSH. An optional tcpdump filter EXPRESSION allows to prefilter the captured
  packets.

Options:
  -i, --interface TEXT  The interface to capture from (default any).
  -s, --sudo            Run tcpdump via sudo.
  --help                Show this message and exit.

The following example shows how to remotely capture DNS network traffic on any interface over SSH (tcpdump is executed with sudo on the remote host):

wireshark-ssh --sudo <user>@<host> port 53
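
An added example, not wireshark_remote's own code, of how a remote capture like the one above can be wired together: tcpdump writes pcap to stdout on the remote side, ssh carries it, and Wireshark reads it from stdin. The function names, the `ssh_port` parameter, the `not port` self-exclusion and the use of `sudo -n` (passwordless sudo) are assumptions of this example.

```python
import shlex
import subprocess
import sys


def build_capture_commands(host, expression=(), interface="any", sudo=False, ssh_port=22):
    """Return (ssh_argv, wireshark_argv) for a remote tcpdump piped into Wireshark."""
    if not host or host.startswith("-"):
        # A HOST beginning with "-" would be parsed by ssh as an option.
        raise ValueError(f"invalid host: {host!r}")
    # Exclude the SSH session itself; otherwise capturing on "any" also
    # captures the stream that carries the capture (feedback loop).
    bpf = f"not port {int(ssh_port)}"
    if expression:
        bpf += " and (" + " ".join(expression) + ")"
    # -U: flush per packet, -w -: pcap to stdout, -s 0: full packets, -n: no DNS lookups
    remote = ["tcpdump", "-U", "-n", "-s", "0", "-i", interface, "-w", "-", bpf]
    if sudo:
        # Assumption: passwordless sudo; -n fails instead of prompting on the pipe.
        remote = ["sudo", "-n"] + remote
    # ssh joins its arguments with spaces and hands them to the remote shell,
    # so every word is quoted to keep "(", ")" and ";" from being interpreted.
    remote_cmd = " ".join(shlex.quote(word) for word in remote)
    ssh_argv = ["ssh", "-p", str(int(ssh_port)), host, remote_cmd]
    wireshark_argv = ["wireshark", "-k", "-i", "-"]  # -k: start now, -i -: read stdin
    return ssh_argv, wireshark_argv


def run(host, expression=(), **kwargs):
    """Start ssh/tcpdump, feed its stdout to a local Wireshark, clean up afterwards."""
    ssh_argv, wireshark_argv = build_capture_commands(host, expression, **kwargs)
    ssh = subprocess.Popen(ssh_argv, stdout=subprocess.PIPE)
    try:
        return subprocess.call(wireshark_argv, stdin=ssh.stdout)
    finally:
        ssh.terminate()  # stop the remote tcpdump when Wireshark exits
        ssh.wait()


if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: capture.py [USER@]HOST [EXPRESSION]...")
    sys.exit(run(sys.argv[1], sys.argv[2:], sudo=True))
```

Quoting the whole remote command matters because the filter EXPRESSION is user input that ends up on a remote shell command line, here possibly under sudo.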

wireshark-fritzbox

Usage: wireshark-fritzbox.py [OPTIONS] [HOST]

  Launches wireshark locally and captures from the AVM FRITZ!Box webinterface.

Options:
  -i, --interface TEXT  The interface to capture from (default 3-0).
  -U, --username TEXT   [required]
  -P, --password TEXT   [required]
  --help                Show this message and exit.

The following example shows how to remotely capture all network traffic on the Routing Interface (3-0) of the AVM FRITZ!Box on fritz.box:

wireshark-fritzbox -U <username> -P <password>

License

This project is licensed under the terms of the MIT license.

Download files

Source Distribution

wireshark_remote-0.1.0.tar.gz (9.0 kB)

Built Distribution

wireshark_remote-0.1.0-py3-none-any.whl (7.6 kB)
