A Bash script for real-time packet capture and analysis using tshark. Monitor network traffic, capture packets, and analyze retransmissions and resets. Perfect for network troubleshooting and security assessments.

FReak4L/packet-capture

Network Packet Capture & Analysis Script

Overview

This Bash script leverages the power of tshark for real-time network packet capture and analysis. Designed for network engineers and security professionals, it streamlines monitoring network traffic, detecting anomalies, and troubleshooting issues.

Key Features

  • Real-time Packet Capture: Capture packets on specified network interfaces for a user-defined duration.
  • Detailed Analysis: Evaluate captured packets for retransmissions, resets, and other critical metrics.
  • User-Friendly Interface: Interactive prompts make it easy to navigate, suitable for users of all skill levels.
  • Efficient Reporting: Generates a concise summary of the captured data, highlighting key performance indicators.

Execute the Script

Run the script directly using wget:

wget "https://raw.githubusercontent.com/FReak4L/packet-capture/main/packet_capture.sh" -O packet_capture.sh && sed -i 's/\r$//' packet_capture.sh && bash packet_capture.sh

How It Works

  1. Start the Script: The command downloads the script to a local file, strips carriage returns from the line endings with sed, and then runs the saved file with bash.
  2. User Inputs: You will be prompted to enter:
    • The network interface (e.g., eth0, wlan0).
    • The capture duration in seconds.
    • The maximum number of packets to capture.

Logic & Calculations

  • Packet Capture: Uses tshark to capture packets from the specified network interface based on user-defined parameters.
  • Data Analysis: After capturing, the script processes the data:
    • Total Packets: Counts all captured packets.
    • Retransmissions & Resets: Identifies and quantifies any retransmissions and TCP reset packets.
    • Loss Rate Calculation: The lost-packet and out-of-order figures are currently placeholder values rather than measurements; they lay the groundwork for advanced reporting.
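
The capture and counting steps described above, sketched as an added example that is not the repository's packet_capture.sh. The function names are hypothetical, and the use of the standard Wireshark display filters tcp.analysis.retransmission and tcp.flags.reset is an assumption about how such counts are obtained; the input check keeps the three prompted values from being read by tshark as extra options.

```bash
#!/bin/sh
# Added example, not the repository's packet_capture.sh. Function names are hypothetical.

# Accept only a plain interface name and positive integers from the prompts,
# so a value such as "-w" can never reach tshark as an option.
valid_inputs() {  # valid_inputs IFACE DURATION MAX_PACKETS
    case $1 in ''|-*|*[!A-Za-z0-9_.:-]*) return 1 ;; esac
    [ "${#1}" -le 15 ] || return 1      # Linux interface names are at most 15 chars
    for n in "$2" "$3"; do
        case $n in ''|0*|*[!0-9]*) return 1 ;; esac
        [ "${#n}" -le 7 ] || return 1   # keep the numbers in a sane range
    done
}

# Capture until DURATION seconds or MAX_PACKETS packets, whichever comes first.
capture() {  # capture IFACE DURATION MAX_PACKETS OUTFILE
    valid_inputs "$1" "$2" "$3" || { echo "invalid input" >&2; return 2; }
    tshark -q -i "$1" -a "duration:$2" -c "$3" -w "$4"
}

# Count packets in a capture file that match a Wireshark display filter.
count_matching() {  # count_matching PCAP FILTER
    tshark -r "$1" -Y "$2" -T fields -e frame.number 2>/dev/null | wc -l | tr -d ' '
}

# Format the summary; a zero-packet capture reports 0.00% instead of dividing by zero.
summarize() {  # summarize TOTAL RETRANSMISSIONS RESETS
    awk -v t="$1" -v r="$2" -v x="$3" 'BEGIN {
        pr = (t > 0) ? r * 100 / t : 0; px = (t > 0) ? x * 100 / t : 0
        printf "total=%d retransmissions=%d (%.2f%%) resets=%d (%.2f%%)\n", t, r, pr, x, px }'
}

# Runs only when called as: script IFACE DURATION MAX_PACKETS OUTFILE
if [ "$#" -eq 4 ]; then
    capture "$1" "$2" "$3" "$4" || exit $?
    summarize "$(count_matching "$4" 'frame')" \
              "$(count_matching "$4" 'tcp.analysis.retransmission')" \
              "$(count_matching "$4" 'tcp.flags.reset == 1')"
fi
```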

Conclusion

With its intuitive interface and robust functionality, this packet capture script is an essential tool for diving deeper into network diagnostics and performance tuning. Whether you're troubleshooting connectivity issues, analyzing traffic patterns, or enhancing network security, this script is your go-to solution.

Harness the power of tshark and elevate your network management strategy today!
