[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-6287":3},{"id":4,"name":5,"fullName":6,"owner":5,"repo":5,"description":7,"homepage":8,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":19,"compositeScore":20,"rankGlobal":9,"rankLanguage":9,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":22,"hasPages":22,"topics":24,"createdAt":9,"pushedAt":9,"updatedAt":28,"readmeContent":29,"aiSummary":30,"trendingCount":15,"starSnapshotCount":15,"syncStatus":14,"lastSyncTime":31,"discoverSource":32},6287,"wireshark","wireshark\u002Fwireshark","Read-only mirror of Wireshark's Git repository at https:\u002F\u002Fgitlab.com\u002Fwireshark\u002Fwireshark. You're welcome to submit pull requests there.","https:\u002F\u002Fwww.wireshark.org",null,"C",9455,2154,295,2,0,5,24,145,25,41,"GNU General Public License v2.0",false,"master",[25,26,27,5],"packet-capture","stratoshark","tshark","2026-06-12 02:01:17","General Information\n-------------------\n\nWireshark is a network traffic analyzer, or \"sniffer\", for Linux, macOS,\n\\*BSD and other Unix and Unix-like operating systems and for Windows.\nIt uses Qt, a graphical user interface library, and libpcap and npcap as\npacket capture and filtering libraries.\n\nThe Wireshark distribution also comes with TShark, which is a\nline-oriented sniffer (similar to Sun's snoop or tcpdump) that uses the\nsame dissection, capture-file reading and writing, and packet filtering\ncode as Wireshark, and with editcap, which is a program to read capture\nfiles and write the packets from that capture file, possibly in a\ndifferent capture file format, and with some packets possibly removed\nfrom the capture.\n\nThe official home of Wireshark is https:\u002F\u002Fwww.wireshark.org.\n\nThe latest distribution can be found in the subdirectory https:\u002F\u002Fwww.wireshark.org\u002Fdownload\n\n\nInstallation\n------------\n\nThe Wireshark project builds and tests regularly on the following platforms:\n\n  - Linux (Ubuntu)\n  - Microsoft Windows\n  - macOS \u002F {Mac} OS X\n\nOfficial installation packages are available for Microsoft Windows and\nmacOS.\n\nIt is available as either a standard or add-on package for many popular\noperating systems and Linux distributions including Debian, Ubuntu, Fedora,\nCentOS, RHEL, Arch, Gentoo, openSUSE, FreeBSD, DragonFly BSD, NetBSD, and\nOpenBSD.\n\nAdditionally it is available through many third-party packaging systems\nsuch as pkgsrc, OpenCSW, Homebrew, and MacPorts.\n\nIt should run on other Unix-ish systems without too much trouble.\n\nIn some cases the current version of Wireshark might not support your\noperating system. This is the case for Windows XP, which is supported by\nWireshark 1.10 and earlier. In other cases the standard package for\nWireshark might simply be old. This is the case for Solaris and HP-UX.\n\nPython 3 is needed to build Wireshark. AsciiDoctor is required to build\nthe documentation, including the man pages. Perl and flex are required\nto generate some of the source code.\n\nYou must therefore install Python 3, AsciiDoctor, and GNU \"flex\" (vanilla\n\"lex\" won't work) on systems that lack them. You might need to install\nPerl as well.\n\nFull installation instructions can be found in the INSTALL file and in the\nDeveloper's Guide at https:\u002F\u002Fwww.wireshark.org\u002Fdocs\u002Fwsdg_html_chunked\u002F\n\nSee also the appropriate README._OS_ files for OS-specific installation\ninstructions.\n\nUsage\n-----\n\nIn order to capture packets from the network, you need to make the\ndumpcap program set-UID to root or you need to have access to the\nappropriate entry under `\u002Fdev` if your system is so inclined (BSD-derived\nsystems, and systems such as Solaris and HP-UX that support DLPI,\ntypically fall into this category).  Although it might be tempting to\nmake the Wireshark and TShark executables setuid root, or to run them as\nroot please don't.  The capture process has been isolated in dumpcap;\nthis simple program is less likely to contain security holes and is thus\nsafer to run as root.\n\nPlease consult the man page for a description of each command-line\noption and interface feature.\n\n\nMultiple File Types\n-------------------\n\nWireshark can read packets from a number of different file types.  See\nthe Wireshark man page or the Wireshark User's Guide for a list of\nsupported file formats.\n\nWireshark can transparently read compressed versions of any of those files if\nthe required compression library was available when Wireshark was compiled.\nCurrently supported compression formats are:\n\n- GZIP\n- LZ4\n- ZSTD\n\nGZIP and LZ4 (when using independent blocks, which is the default) support\nfast random seeking, which offers much better GUI performance on large files.\nAny of these compression formats can be disabled at compile time by passing\nthe corresponding option to cmake, i.e., `cmake -DENABLE_ZLIB=OFF`,\n`cmake -DENABLE_LZ4=OFF`, or `cmake -DENABLE_ZSTD=OFF`.\n\nAlthough Wireshark can read AIX iptrace files, the documentation on\nAIX's iptrace packet-trace command is sparse.  The `iptrace` command\nstarts a daemon which you must kill in order to stop the trace. Through\nexperimentation it appears that sending a HUP signal to that iptrace\ndaemon causes a graceful shutdown and a complete packet is written\nto the trace file. If a partial packet is saved at the end, Wireshark\nwill complain when reading that file, but you will be able to read all\nother packets.  If this occurs, please let the Wireshark developers know\nat wireshark-dev@wireshark.org; be sure to send us a copy of that trace\nfile if it's small and contains non-sensitive data.\n\nSupport for Lucent\u002FAscend products is limited to the debug trace output\ngenerated by the MAX and Pipeline series of products.  Wireshark can read\nthe output of the `wandsession`, `wandisplay`, `wannext`, and `wdd`\ncommands.\n\nWireshark can also read dump trace output from the Toshiba \"Compact Router\"\nline of ISDN routers (TR-600 and TR-650). You can telnet to the router\nand start a dump session with `snoop dump`.\n\nCoSine L2 debug output can also be read by Wireshark. To get the L2\ndebug output first enter the diags mode and then use\n`create-pkt-log-profile` and `apply-pkt-lozg-profile` commands under\nlayer-2 category. For more detail how to use these commands, you\nshould examine the help command by `layer-2 create ?` or `layer-2 apply ?`.\n\nTo use the Lucent\u002FAscend, Toshiba and CoSine traces with Wireshark, you must\ncapture the trace output to a file on disk.  The trace is happening inside\nthe router and the router has no way of saving the trace to a file for you.\nAn easy way of doing this under Unix is to run `telnet \u003Cascend> | tee \u003Coutfile>`.\nOr, if your system has the \"script\" command installed, you can save\na shell session, including telnet, to a file. For example to log to a file\nnamed tracefile.out:\n\n~~~\n$ script tracefile.out\nScript started on \u003Cdate\u002Ftime>\n$ telnet router\n..... do your trace, then exit from the router's telnet session.\n$ exit\nScript done on \u003Cdate\u002Ftime>\n~~~\n\n\nName Resolution\n---------------\n\nWireshark will attempt to use reverse name resolution capabilities\nwhen decoding IPv4 and IPv6 packets.\n\nIf you want to turn off name resolution while using Wireshark, start\nWireshark with the `-n` option to turn off all name resolution (including\nresolution of MAC addresses and TCP\u002FUDP\u002FSMTP port numbers to names) or\nwith the `-N mt` option to turn off name resolution for all\nnetwork-layer addresses (IPv4, IPv6, IPX).\n\nYou can make that the default setting by opening the Preferences dialog\nusing the Preferences item in the Edit menu, selecting \"Name resolution\",\nturning off the appropriate name resolution options, and clicking \"OK\".\n\n\nSNMP\n----\n\nWireshark can do some basic decoding of SNMP packets; it can also use\nthe libsmi library to do more sophisticated decoding by reading MIB\nfiles and using the information in those files to display OIDs and\nvariable binding values in a friendlier fashion.  CMake  will automatically\ndetermine whether you have the libsmi library on your system.  If you\nhave the libsmi library but _do not_ want Wireshark to use it, you can run\ncmake with the `-DENABLE_SMI=OFF` option.\n\nHow to Report a Bug\n-------------------\n\nWireshark is under constant development, so it is possible that you will\nencounter a bug while using it. Please report bugs at https:\u002F\u002Fgitlab.com\u002Fwireshark\u002Fwireshark\u002F-\u002Fissues.\nBe sure you enter into the bug:\n\n1. The complete build information from the \"About Wireshark\"\n   item in the Help menu or the output of `wireshark -v` for\n   Wireshark bugs and the output of `tshark -v` for TShark bugs;\n\n2. If the bug happened on Linux, the Linux distribution you were\n   using, and the version of that distribution;\n\n3. The command you used to invoke Wireshark, if you ran\n   Wireshark from the command line, or TShark, if you ran\n   TShark, and the sequence of operations you performed that\n   caused the bug to appear.\n\nIf the bug is produced by a particular trace file, please be sure to\nattach to the bug a trace file along with your bug description.  If the\ntrace file contains sensitive information (e.g., passwords), then please\ndo not send it.\n\nIf Wireshark died on you with a 'segmentation violation', 'bus error',\n'abort', or other error that produces a UNIX core dump file, you can\nhelp the developers a lot if you have a debugger installed.  A stack\ntrace can be obtained by using your debugger ('gdb' in this example),\nthe wireshark binary, and the resulting core file.  Here's an example of\nhow to use the gdb command 'backtrace' to do so.\n\n~~~\n$ gdb wireshark core\n(gdb) backtrace\n..... prints the stack trace\n(gdb) quit\n$\n~~~\n\nThe core dump file may be named \"wireshark.core\" rather than \"core\" on\nsome platforms (e.g., BSD systems).  If you got a core dump with\nTShark rather than Wireshark, use \"tshark\" as the first argument to\nthe debugger; the core dump may be named \"tshark.core\".\n\nLicense\n-------\n\nWireshark is distributed under the GNU GPLv2. See the file COPYING for\nthe full text of the license. When in doubt the full text is the legally\nbinding part. These notes are just to make it easier for people that are not\nfamiliar with the GPLv2.\n\nThere are no restrictions on its use. There are restrictions on its distribution\nin source or binary form.\n\nMost parts of Wireshark are covered by a \"GPL version 2 or later\" license.\nSome files are covered by different licenses that are compatible with\nthe GPLv2.\n\nAs a notable exception, some utilities distributed with the Wireshark source are\ncovered by other licenses that are not themselves directly compatible with the\nGPLv2. This is OK, as only the tools themselves are licensed this way, the\noutput of the tools is not considered a derived work, and so can be safely\nlicensed for Wireshark's use. An incomplete selection of these tools includes:\n - the pidl utility (tools\u002Fpidl) is licensed under the GPLv3+.\n\nParts of Wireshark can be built and distributed as libraries. These\nparts are still covered by the GPL, and NOT by the Lesser General Public\nLicense or any other license.\n\nIf you integrate all or part of Wireshark into your own application and you\nopt to publish or release it then the combined work must be released under\nthe terms of the GPLv2.\n\n\nDisclaimer\n----------\n\nThere is no warranty, expressed or implied, associated with this product.\nUse at your own risk.\n\n\nGerald Combs \u003Cgerald@wireshark.org>\n\nGilbert Ramirez \u003Cgram@alumni.rice.edu>\n\nGuy Harris \u003Cgharris@sonic.net>\n","Wireshark是一款网络流量分析工具，适用于Linux、macOS、*BSD及Windows等操作系统。它使用Qt作为图形界面库，并基于libpcap和npcap实现数据包捕获与过滤功能。核心组件包括提供GUI的Wireshark、命令行工具TShark以及用于编辑捕获文件的editcap。Wireshark支持多种协议解析，能够帮助用户深入理解网络通信细节，是网络故障排查、安全审计和教育研究的理想选择。该项目采用GPLv2许可证开源，活跃于多个平台之上，拥有广泛的社区支持和丰富的文档资源。","2026-06-11 03:06:15","top_language"]