Wireshark
Wireshark is a powerful open-source network protocol analyzer used for capturing, inspecting, and analyzing network traffic in real time. It is widely used by network engineers, security professionals, and developers for troubleshooting, protocol analysis, and network forensics.
Packet Flow Graph
[Your Device] <---> [Switch/Router] <---> [Internet]
      |                    |
 [Wireshark]          [Wireshark]
(Capturing traffic)  (Capturing traffic)
Wireshark can capture traffic on any device/interface where it is installed and has the necessary permissions.
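Commands
Capture FTP control traffic (TCP port 21) on interface en0 and write it to packet_capture.pcap:
sudo tshark -i en0 -f "tcp port 21" -w packet_capture.pcap
Print ICMP traffic seen on interface en0:
sudo tcpdump -i en0 icmp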
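To show what the two capture filters above select, the following added example (not part of the original page) builds a small constructed capture in memory and counts the frames that "tcp port 21" and "icmp" would match. All function names and sample packets are assumptions made for illustration; it reads the classic pcap format and IPv4 over Ethernet only, whereas tshark writes pcapng by default (`-F pcap` selects the classic format).

```python
import struct

def frame(proto, l4):
    """Constructed Ethernet + IPv4 frame (sample data; MACs and checksums zeroed)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4

def tcp(sport, dport):
    """Minimal 20-byte TCP header with SYN set (constructed)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 1024, 0, 0)

def build_pcap(frames):
    """Classic little-endian pcap: 24-byte global header, 16-byte record headers."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1: Ethernet
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out

def classify(f):
    """'ftp' where "tcp port 21" would match, 'icmp' where "icmp" would (IPv4 only)."""
    if len(f) < 34 or f[12:14] != b"\x08\x00":
        return "other"
    ihl, proto = (f[14] & 0x0F) * 4, f[23]
    l4 = f[14 + ihl:]
    if proto == 1:
        return "icmp"
    if proto == 6 and len(l4) >= 4 and 21 in struct.unpack("!HH", l4[:4]):
        return "ftp"
    return "other"

def summarize(data):
    """Count the frames in a classic pcap that each of the two filters selects."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:  # pcapng files start with 0a 0d 0d 0a instead
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled here")
    counts, off = {"ftp": 0, "icmp": 0, "other": 0}, 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        counts[classify(data[off + 16:off + 16 + incl_len])] += 1
        off += 16 + incl_len
    return counts

SAMPLE = build_pcap([
    frame(6, tcp(50000, 21)),                        # FTP control connection
    frame(6, tcp(50001, 443)),                       # unrelated TCP
    frame(1, struct.pack("!BBHHH", 8, 0, 0, 1, 1)),  # ICMP echo request
])

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

To run it against a real file, pass the file's bytes to `summarize`, for example `summarize(open("packet_capture.pcap", "rb").read())`.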