UPGRADE YOUR SKILLS: Learn advanced Swift and SwiftUI on Hacking with Swift+! >>

"Etherdump" family of open source packet capture applications and Swift Packages

Forums > App Announcements
@darrellroot  

I’ve released a family of open source Swift SwiftUI apps and packages for Ethernet Frame / Network Packet capture and analysis.

You don’t need to do low-level network programming in C. You can do it in Swift!

Available in the MacOS App store, “Etherdump Lite” decodes .pcap and .pcapng packet captures made with other tools (such as tcpdump or Wireshark). This version does not directly capture packets (per Mac App Store sandbox restrictions). https://apps.apple.com/us/app/etherdump-lite/id1501736329?ls=1

The full version, “Etherdump”, supports direct packet captures (assuming your user account has read-access to /dev/bpf*, see the help for details). The binary is notarized by Apple and free for download at https://networkmom.net/etherdump/

Etherdump and Etherdump Lite are implemented in Swift and SwiftUI. Source code is at https://github.com/darrellroot/Etherdump

PackageEtherCapture is a Swift package for MacOS which wraps the C PCAP libraries, allowing convenient capture of ethernet frames and network packets from a Swift MacOS Application (non-sandboxed). It vends a Frame hierarchical data structure with the network protocols decoded. https://github.com/darrellroot/PackageEtherCapture

PackageSwiftPcapng : A swift package for parsing .pcap and .pcapng files (the standard output format generated by packet capture tools such as tcpdump and Wireshark). PackageSwiftPcapng is designed to make it easy to get the packet data out of the .pcap/.pcapng files for protocol decode by PackageEtherCapture. https://github.com/darrellroot/PackageSwiftPcapng

At this time the following protocol decodes are supported:

  • Layer 2: Ethernet, 802.3, 802.2 SNAP
  • Layer 2+: ARP, BPDU, CDP, LLDP
  • Layer 3: IPv4, IPv6
  • Layer 4: TCP, UDP, ICMPv4, ICMPv6

Additional decodes are under active development. Warning: The Frame data structure vended by PackageEtherCapture is constantly changing, so develop against a specific package version rather than “latest version”.

Darrell

email: feedback AT networkmom.net

Etherdump Full Version Screenshot

3      

@twostraws  Site AdminHWS+

Great job! That's a really powerful app 👍

4      

Hacking with Swift is sponsored by Essential Developer

SPONSORED Join a FREE crash course for mid/senior iOS devs who want to achieve an expert level of technical and practical skills – it’s the fast track to being a complete senior developer! Hurry up because it'll be available only until April 28th.

Click to save your free spot now

Sponsor Hacking with Swift and reach the world's largest Swift community!

Archived topic

This topic has been closed due to inactivity, so you can't reply. Please create a new topic if you need to.

All interactions here are governed by our code of conduct.

Swift breaks down barriers between ideas and apps, and I want to break down barriers to learning it. I’m proud to make hundreds of tutorials that are free to access, and I’ll keep doing that whatever happens. But if that’s a mission that resonates with you, please support it by becoming a HWS+ member. It’ll bring you lots of benefits personally, but it also means you’ll directly help people all over the world to learn Swift by freeing me up to share more of my knowledge, passion, and experience for free! Become Hacking with Swift+ member.
Click here to visit the Hacking with Swift store >>
 
Unknown user

You are not logged in

Log in or create account
 

Link copied to your pasteboard.