Julia Evans explains how she uses Wireshark:
Usually I use Wireshark to debug networking problems in production. My Wireshark workflow is:
- Capture packets with tcpdump (typically something like `sudo tcpdump port 443 -w output.pcap`)
- scp the pcap file to my laptop (`scp host:~/output.pcap .`)
- Open the pcap file in Wireshark (`wireshark output.pcap`)

That’s pretty simple! But once you have a pcap file with a bunch of packets on your laptop, what do you do with it?
Wireshark is my go-to tool for diagnosing networking issues.