/usr/share/wireshark/help/overview.txt is in libwireshark-data 1.6.7-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 | Wireshark is a GUI network protocol analyzer.
It lets you interactively browse packet data from a live network or from a previously saved capture file.
See: http://www.wireshark.org for new versions, documentation, ...
Wireshark's native capture file format is libpcap format, which is also the format used by tcpdump and various other tools. So Wireshark can read capture files from:
-libpcap/WinPcap, tcpdump and various other tools using tcpdump's capture format
-snoop and atmsnoop
-Shomiti/Finisar Surveyor captures
-Novell LANalyzer captures
-Microsoft Network Monitor captures
-AIX's iptrace captures
-Cinco Networks NetXRay captures
-Network Associates Windows-based Sniffer captures
-Network General/Network Associates DOS-based Sniffer (compressed or uncompressed) captures
-AG Group/WildPackets EtherPeek/TokenPeek/AiroPeek/EtherHelp/PacketGrabber captures
-RADCOM's WAN/LAN analyzer captures
-Network Instruments Observer version 9 captures
-Lucent/Ascend router debug output
-files from HP-UX's nettl
-Toshiba's ISDN routers dump output
-the output from i4btrace from the ISDN4BSD project
-traces from the EyeSDN USB S0.
-the output in IPLog format from the Cisco Secure Intrusion Detection System
-pppd logs (pppdump format)
-the output from VMS's TCPIPtrace/TCPtrace/UCX$TRACE utilities
-the text output from the DBS Etherwatch VMS utility
-Visual Networks' Visual UpTime traffic capture
-the output from CoSine L2 debug
-the output from Accellent's 5Views LAN agents
-Endace Measurement Systems' ERF format captures
-Linux Bluez Bluetooth stack hcidump -w traces
There is no need to tell Wireshark what type of file you are reading; it will determine the file type by itself. Wireshark is also capable of reading any of these file formats if they are compressed using gzip. Wireshark recognizes this directly from the file; the '.gz' extension is not required for this purpose.
|