14

I have Wireshark and have used tcpdump, but I was wondering if there was a nice GUI to capture and view packets on the Mac. Ideally, something that is protocol aware, so that it knows how to break up an HTTP request, is able to show SMTP information in a cleaner way than a tcp dump. I know there are a number of HTTP specific tools that fit this bill, but I'm looking for something that is more general.

Tim
  • 1,387
  • 3
  • 16
  • 14

3 Answers3

8

Just to make sure you're not missing the obvious...you're aware that Wireshark does have a nice GUI, and is protocol aware? And has simple analysis features like "Follow TCP Stream" that making analyzing SMTP (and other text-based protocol transactions) so much easier?

Screenshots are here.

larsks
  • 4,053
  • 28
  • 36
  • I totally agree. For example CocoaPacketAnalyzer from http://www.tastycocoabytes.com/cpa/ might look better for some, but it's so much harder to do proper filtering once one knows what Wireshark can do. – Arjan Nov 29 '09 at 20:29
  • Yes. I'm really looking for alternatives to Wireshark, though with a similar set of features. I can usually get Wireshark to do what I need, but it always takes a while to get there, especially if I haven't used it in a while. I was hoping for something simpler to use, even if a bit less powerful. – Tim Nov 29 '09 at 20:36
  • 3
    to be clear wireshark has a crappy GUI – Ben Glasser Aug 07 '14 at 23:25
4

There are quite a few. The search on macupdate turns up some of them:

Community
  • 1
Georg Schölly
  • 1,248
  • 5
  • 18
  • 36
3

I'm a big fan of Charles, which isn't exactly a packet sniffer but does the same thing by using an internal proxy. It has a fantastic GUI and is extremely intuitive. Unfortunately, it's also $50, but has a 30-day trial.

Zac
  • 183
  • 5