Skip to content

ikegam/webshark

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

63 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
static
static
 
 
.gitignore
.gitignore
 
 
AGENTS.md
AGENTS.md
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
paper.md
paper.md
 
 

Repository files navigation

WebShark

🦈 A web-based network analysis tool for real-time packet visualization on Linux gateways.

Features

  • 🚀 Simple Setup: Single binary written in Rust
  • 📊 Real-time Visualization: Dynamic updates via WebSocket
  • 🔍 tshark Integration: Uses Wireshark's tshark command
  • 🎨 Beautiful UI: Modern web interface
  • 📈 Statistics: Protocol-wise and source/destination statistics
  • High Performance: Compressed WebSocket communication
  • 🔧 Flexible Filtering: tshark filter support and localhost toggle

Requirements

System Requirements

  • Linux OS (Ubuntu, CentOS, Debian, etc.)
  • Rust 1.70+
  • Wireshark (tshark command)

Installation

  1. Install Wireshark:

    # Ubuntu/Debian
sudo apt update
sudo apt install wireshark-common

# CentOS/RHEL
sudo yum install wireshark-cli

# or
sudo dnf install wireshark-cli

  2. Set Permissions (Important):

    # Add to wireshark group
sudo usermod -a -G wireshark $USER

# Or allow tshark to run without sudo
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/tshark

  3. Install Rust (if needed):

    curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source ~/.cargo/env

Build and Run

  1. Build the project:

    cargo build --release

  2. Run:

    # Run with administrator privileges (for network interface access)
sudo ./target/release/webshark

  3. Access via browser:

    http://localhost:3000

Usage

  1. Access http://localhost:3000 in your browser
  2. Click "Start" button to begin packet capture
  3. Real-time packet information will be displayed
  4. Statistics are automatically updated
  5. IPv6 and ARP addresses are also detected. If no address information is present, Unknown will be displayed.

Configuration Options

Interface Specification

By default, all interfaces (any) are monitored. To specify a particular interface, modify line 129 of src/main.rs:

.args(&[
    "-i", "eth0",  // Specific interface
    // ...
])

Port Change

To change the default port 3000, modify line 97:

let listener = tokio::net::TcpListener::bind("0.0.0.0:8080").await.unwrap();

Troubleshooting

1. tshark not found

Check with:

which tshark

Ensure the path is correct.

2. Permission errors

Run with:

sudo ./target/release/webshark

or perform the permission setup mentioned above.

3. Network interface not found

Check available interfaces with:

ip link show

4. WebSocket connection errors

Ensure port 3000 is open in the firewall:

sudo ufw allow 3000

Development

Log output

RUST_LOG=debug cargo run

Hot reload

cargo watch -x run

Security Notes

  • This tool requires administrator privileges to run
  • Set appropriate access restrictions in production environments
  • Consider privacy when monitoring network traffic

License

BSD 4-Clause License

Contributing

Please submit bug reports and feature requests via GitHub Issues.

About

Web network monitoring tool similar to Wireshark

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages