- Great idea! This fills a real gap in network debugging workflows.
I can see this being particularly valuable for: - Debugging weird SSL/TLS handshake issues - Analyzing API response timing problems - Understanding network-level failures that don't show up in application logs
The reusable configs feature is especially clever - manually crafting tshark filters every time is such a pain. How complex can these configs get? Can you chain multiple filters together?
- Absolutely!
It's really a tshark wrapper to make it available for LLMs so any capture filter will work. The display filter also accepts any Wireshark accepted filter.
You can also "just" use it to analyse a pcap if you don't need to record traffic as well as pass an SSLKEYLOG file for the decryption.
