Manual Pages
The following man pages
are part of the Wireshark distribution. They are available via the
man command on
UNIX
androiddump -
Provide interfaces to capture from Android devices
capinfos -
Prints information about capture files
captype -
Prints the types of capture files
ciscodump -
Provide interfaces to capture from a remote Cisco device through SSH.
dftest -
Shows display filter byte-code, for debugging dfilter routines.
dumpcap -
Dump network traffic
editcap -
Edit and/or translate the format of capture files
etwdump -
Provide an interface to read Event Tracing for Windows (ETW)
extcap -
The extcap interface
idl2wrs -
CORBA IDL to Wireshark Plugin Generator
mergecap -
Merges two or more capture files into one
mmdbresolve -
Read IPv4 and IPv6 addresses and print their IP geolocation information.
randpkt -
Random packet generator
randpktdump -
Provide an interface to generate random captures using randpkt
rawshark -
Dump and analyze raw pcap data
reordercap -
Reorder input file by timestamp into output file
sshdump -
Provide interfaces to capture from a remote host through SSH using a remote capture binary.
text2pcap -
Generate a capture file from an ASCII hexdump of packets
tshark -
Dump and analyze network traffic
udpdump -
Provide a UDP receiver that gets packets from network devices (like Aruba routers) and exports them in PCAP format.
wifidump -
Provides an interface to capture Wi-Fi frames from a remote host through SSH.
wireshark-filter -
Wireshark display filter syntax and reference
wireshark -
Interactively dump and analyze network traffic
Capture filtering is handled by libpcap, and its documentation is part of the libpcap distribution.
pcap-filter -
Capture filter syntax