Skip to content

Commit b2bfe4d

Browse files
skhellskhell
committed
Initial commit
0 parents  commit b2bfe4d

18 files changed

Lines changed: 7265 additions & 0 deletions

CHANGELOG.md

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
# Change Log
2+
Please see https://github.com/elelabdev/wireshark-profile/releases for the latest release notes. The notes below have been kept for historical purposes.
3+
All notable changes to the "net-commander" extension will be documented in this file.
4+
5+
<br><br>
6+
7+
## 2025-05-21 - [0.0.1]
8+
### Added
9+
- Initial release

CODE_OF_CONDUCT.md

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
# Code of Conduct
2+
<br>
3+
4+
## Our Pledge
5+
6+
In the interest of fostering an open and welcoming environment, we as contributors and maintainers of **Net Commander** pledge to make participation in our project and our community a harassment‑free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio‑economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
7+
8+
## Our Standards
9+
10+
Examples of behavior that contributes to a positive environment for our community include:
11+
12+
- Using welcoming and inclusive language
13+
- Being respectful of differing viewpoints and experiences
14+
- Gracefully accepting constructive criticism
15+
- Focusing on what is best for the community and for the project
16+
- Showing empathy toward other community members
17+
18+
Examples of unacceptable behavior by participants include:
19+
20+
- The use of sexualized language or imagery and unwelcome sexual attention or advances
21+
- Trolling, insulting/derogatory comments, and personal or political attacks
22+
- Public or private harassment
23+
- Publishing others’ private information without explicit permission
24+
- Other conduct which could reasonably be considered inappropriate in a professional setting
25+
26+
## Enforcement Responsibilities
27+
28+
Project maintainers are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
29+
30+
Maintainers have the right and responsibility to:
31+
32+
- Remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned with this Code of Conduct
33+
- Issue warnings or temporary bans to contributors for behavior they deem inappropriate, threatening, offensive, or harmful
34+
- Escalate serious or persistent violations to GitHub’s Trust & Safety team
35+
36+
## Scope
37+
38+
This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples include interacting in issue trackers, pull requests, community forums, chat channels, and social media.

CONTRIBUTING.md

Lines changed: 66 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,66 @@
1+
# Contributing to Net Commander
2+
3+
First off, I would like to thank you so much for considering the extension helpful and contributing to **net‑commander**! 🎉 Your help makes this project better for everyone.
4+
5+
6+
## Table of Contents
7+
8+
1. [Reporting Issues](#reporting-issues)
9+
2. [Suggesting Enhancements](#suggesting-enhancements)
10+
3. [Your First Code Contribution](#your-first-code-contribution)
11+
4. [Development Setup](#development-setup)
12+
5. [Coding Style & Tests](#coding-style--tests)
13+
6. [Commit Messages](#commit-messages)
14+
7. [Pull Request Process](#pull-request-process)
15+
8. [Updating Documentation & Changelog](#updating-documentation--changelog)
16+
9. [Code of Conduct](#code-of-conduct)
17+
18+
---
19+
20+
## Reporting Issues
21+
22+
If you find a bug or unexpected behavior:
23+
24+
1. Check existing [Issues](https://github.com/elelabdev/net-commander/issues) to see if it’s already been reported.
25+
2. If not, open a new issue and include:
26+
- A clear and descriptive title.
27+
- Steps to reproduce.
28+
- What you expected vs. what happened.
29+
- Operating system and Node version (`node -v`).
30+
- Any relevant screenshots or logs.
31+
32+
Please use the **bug report** template when prompted.
33+
34+
---
35+
36+
## Suggesting Enhancements
37+
38+
Got an idea for a new feature or improvement?
39+
40+
1. Search existing issues to avoid duplicates.
41+
2. Open a new issue with:
42+
- A descriptive title (e.g. “Add dark‑mode theme support”).
43+
- A summary of the feature.
44+
- Any design ideas or mockups.
45+
- Why it would be useful.
46+
47+
Please use the **feature request** template when prompted.
48+
49+
---
50+
51+
## Your First Code Contribution
52+
53+
Unsure where to start? Look for issues labeled:
54+
- [`good first issue`](https://github.com/elelabdev/net-commander/labels/good%20first%20issue)
55+
- [`help wanted`](https://github.com/elelabdev/net-commander/labels/help%20wanted)
56+
57+
These are typically simpler tasks ideal for first‑time contributors.
58+
59+
---
60+
61+
## Development Setup
62+
63+
1. **Fork** the repo and **clone** your fork locally:
64+
```bash
65+
git clone https://github.com/<your‑username>/net‑commander.git
66+
cd net‑commander

Elelab Packet Drilldown Profile/addr_resolve_dns_servers

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
# This file is automatically generated, DO NOT MODIFY.

Elelab Packet Drilldown Profile/cfilters

Lines changed: 75 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,75 @@
1+
##########################################################################
2+
# Wireshark Profile: Elelab Packet Drilldown Profile #
3+
# Author: elelabdev #
4+
# Description: For every Network Warrior this Wireshark profile #
5+
# aims to help making troubleshooting easier. #
6+
# #
7+
# Github: https://github.com/elelabdev/wireshark-profile #
8+
# #
9+
# Icon Author: elelab #
10+
# #
11+
# Copyright (C) 2025 elelab #
12+
# https://www.elelab.dev #
13+
# #
14+
# Licensed under the MIT License. See LICENSE file in the project #
15+
# root for details. #
16+
##########################################################################
17+
"Ethernet address 00:00:00:00:00:00" ether host 00:00:00:00:00:00
18+
19+
"Ethernet type 0x0806 (ARP)" ether proto 0x0806
20+
21+
"No Broadcast and no Multicast" not broadcast and not multicast
22+
23+
"No ARP" not arp
24+
25+
"No ARP and no DNS" not arp and port not 53
26+
27+
"Captures VLAN traffic for a particular host." vlan and host 10.0.0.1
28+
29+
"Captures VLAN traffic for a paticular host and a particular port (HTTP in the example)" vlan and (host 10.0.0.1 and port 80)
30+
31+
"Capture PPPOE traffic" pppoes and (host 10.0.0.1 and port 80)
32+
33+
"Captures PPPOE traffic for a paticular host and a particular port (HTTP in the example)" pppoes and host 10.0.0.1
34+
35+
"IPv4 only" ip
36+
37+
"IPv4 address 192.0.2.1" host 192.0.2.1
38+
39+
"Capture only traffic to or from a specific IP address" host 10.0.0.1
40+
41+
"Capture traffic to or from (sources or destinations) a range of IP addresses." net 10.0.0.1 mask 255.255.255.0
42+
43+
"Capture traffic to or from (sources or destinations) a range of IP addresses" src net 10.0.0.1/24
44+
45+
"Capture traffic to or from (sources or destinations) a range of IP addresses" dst net 10.0.0.1/24
46+
47+
"IPv6 only" ip6
48+
49+
"IPv6 address 2001:fr2::1" host 2003:fr2::1
50+
51+
"Capture IPv6 Native Traffic Only. This will exclude tunnelled IPv6" ip6 and not ip proto 41
52+
53+
"Capture only IPv6 over IPv4 Tunnelled Traffic" ip proto 41
54+
55+
"Capture traffic within a range of ports" tcp portrange 1800-1880
56+
57+
"Captures all IPv6 traffic within the local network that is multicast (such as Neighbor and Router advertisements)" dst host ff02::1
58+
59+
"TCP only" tcp
60+
61+
"UDP only" udp
62+
63+
"Non-DNS" not port 53
64+
65+
"TCP or UDP port 80 (HTTP)" port 80
66+
67+
"HTTP TCP port (80)" tcp port http
68+
69+
"Non-HTTP and non-SMTP to/from www.wireshark.org" not port 80 and not port 25 and host www.wireshark.org
70+
71+
"Capture only FTP Traffic" tcp portrange 20-21
72+
73+
"Captures VoIP SIP traffic using TCP" tcp port sip
74+
75+
"Captures VoIP SIP traffic using UDP" udp port sip

Elelab Packet Drilldown Profile/colorfilters

Lines changed: 68 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,68 @@
1+
# This file was created by Wireshark. Edit with care.
2+
@CRITICAL - Malformed Packet @frame.protocols contains "malformed" @[56540,771,771][65535,65535,65535]
3+
@CRITICAL - Checksum Error @tcp.checksum.status==0 || udp.checksum.status==0 || ip.checksum.status==0 @[59367,15934,15934][65535,65535,65535]
4+
@CRITICAL - ICMP Errors @icmp.type==3||icmp.type==4||icmp.type==5||icmp.type==11||icmpv6.type==1||icmpv6.type==2||icmpv6.type==3||icmpv6.type==4 @[59624,25700,25700][65535,65535,65535]
5+
@CRITICAL - TCP Reset @tcp.flags.reset == 1 @[62451,34695,34695][65535,65535,65535]
6+
@CRITICAL - SCTP ABORT @sctp.chunk_type == ABORT @[60909,38550,38550][65535,65535,65535]
7+
@CRITICAL - Bad TCP Analysis @tcp.analysis.flags && !tcp.analysis.window_update @[61937,44461,44461][56540,771,771]
8+
@CRITICAL - TTL Expired/Unexpected @ip.ttl < 5 && !(ip.dst==224.0.0.0/4) @[60395,49344,49344][56540,771,771]
9+
@CRITICAL - IPv4 Fragmented @ip.flags.mf==1 || ip.frag_offset>0 @[61166,51400,51400][56540,771,771]
10+
@SECURITY-POLICY - TLS Fatal Alert @tls.alert_message.level == 2 @[62194,11822,53970][65535,65535,65535]
11+
@SECURITY-POLICY - IPsec IKE @isakmp @[61423,21074,54741][65535,65535,65535]
12+
@SECURITY-POLICY - SSH Auth-Fail @ssh.message_code == 30 @[62194,25957,56283][65535,65535,65535]
13+
@SECURITY-POLICY - DNS SERVFAIL @dns.flags.rcode == 2 @[61937,35723,57568][65535,65535,65535]
14+
@SECURITY-POLICY - DHCP NAK @bootp.option.dhcp == 6 @[61937,41120,58339][55769,7710,30069]
15+
@WARNINGS - TCP Retransmission @tcp.analysis.retransmission @[61680,44461,9766][65535,65535,65535]
16+
@WARNINGS - TCP Fast Retransmission @tcp.analysis.fast_retransmission @[60909,47031,19018][61937,61166,59881]
17+
@WARNINGS - TCP Spurious Retransmission @tcp.analysis.spurious_retransmission @[61423,50115,27499][65535,65535,65535]
18+
@WARNINGS - TCP Out-of-Order @tcp.analysis.out_of_order @[61937,51914,31611][46003,31097,1542]
19+
@WARNINGS - TCP Zero Window @tcp.analysis.zero_window @[61937,53713,37008][46003,31097,1542]
20+
@WARNINGS - TCP Window Full @tcp.analysis.window_full @[61680,55769,43947][41634,30069,0]
21+
@WARNINGS - TCP Expert Warning @tcp.analysis.flags && !(tcp.analysis.keep_alive || tcp.analysis.keep_alive_ack || tcp.analysis.window_update) @[61423,56797,47802][41634,30069,0]
22+
@WARNINGS - TCP Duplicate ACK @tcp.analysis.duplicate_ack @[61680,59367,54741][41634,30069,0]
23+
@WARNINGS - TCP SACK @tcp.options.sack.count == 1 @[61423,59624,56283][41634,30069,0]
24+
@WARNINGS - TCP Window < MSS @(tcp.window_size<1460) && !(tcp.flags.syn==1 || tcp.flags.reset==1) @[61937,61166,59881][41634,30069,0]
25+
@STATE-SESSION CHANGES - BGP Notification @bgp.type==3 @[8995,9509,22873][65535,52428,0]
26+
@STATE-SESSION CHANGES - TCP SYN (First) @tcp.flags.syn==1 && tcp.flags.ack==0 @[11565,12336,29555][65535,52428,0]
27+
@STATE-SESSION CHANGES - TCP FIN @tcp.flags.fin==1 @[13878,14649,35209][65535,52428,0]
28+
@STATE-SESSION CHANGES - HSRP State Change @hsrp.state not in {8,16} @[15420,16448,40092][65535,52428,0]
29+
@STATE-SESSION CHANGES - OSPF State Change @ospf.msg != 1 @[17219,18247,44461][65535,52428,0]
30+
@STATE-SESSION CHANGES - Spanning-Tree Topology Change @stp.flags.tc==1 || stp.flags.tcack==1 @[19275,20303,49601][65535,52428,0]
31+
@STATE-SESSION CHANGES - IGMP Membership @igmp.type==0x16 || igmp.type==0x17 || igmp.type==0x22 @[23644,24929,59624][65535,52428,0]
32+
@CONTROL-INFRASTRUCTURE - NetFlow / sFlow @cflow || sflow @[0,56283,59367][33153,15677,40092]
33+
@CONTROL-INFRASTRUCTURE - Routing Protocols @hsrp||eigrp||ospf||bgp||cdp||vrrp||carp||isis @[7710,55769,58596][33153,15677,40092]
34+
@CONTROL-INFRASTRUCTURE - Spanning-Tree Protocol @stp @[12850,56283,58853][33153,15677,40092]
35+
@CONTROL-INFRASTRUCTURE - LLDP @lldp @[21845,56283,58339][33153,15677,40092]
36+
@CONTROL-INFRASTRUCTURE - SNMP @snmp @[27756,57311,59110][33153,15677,40092]
37+
@CONTROL-INFRASTRUCTURE - NTP @ntp @[31611,57311,58853][33153,15677,40092]
38+
@CONTROL-INFRASTRUCTURE - GRE Tunnel @gre @[37522,57568,58853][33153,15677,40092]
39+
@CONTROL-INFRASTRUCTURE - VXLAN @vxlan @[45489,58339,59110][33153,15677,40092]
40+
@CONTROL-INFRASTRUCTURE - GTP (Mobile) @gtp @[48830,59367,59881][33153,15677,40092]
41+
@CONTROL-INFRASTRUCTURE - ARP @arp @[51400,58853,59367][33153,15677,40092]
42+
@CONTROL-INFRASTRUCTURE - DHCP / BOOTP @bootp @[52685,58853,59110][33153,15677,40092]
43+
@CONTROL-INFRASTRUCTURE - DNS @dns @[56283,60395,60395][33153,15677,40092]
44+
@CONTROL-INFRASTRUCTURE - mDNS / LLMNR @mdns || llmnr @[59367,61166,61423][33153,15677,40092]
45+
@APP-LEVEL-HANDSHAKES - TLS Handshake @tls.handshake.type @[29555,13878,26985][60652,57825,60138]
46+
@APP-LEVEL-HANDSHAKES - QUIC Traffic @quic @[30069,17219,28013][60652,57825,60138]
47+
@APP-LEVEL-HANDSHAKES - HTTP 4xx/5xx @http.response.code >= 400 @[29041,19275,27499][60652,57825,60138]
48+
@APP-LEVEL-HANDSHAKES - SMTP @smtp @[29555,21074,28013][60652,57825,60138]
49+
@APP-LEVEL-HANDSHAKES - SIP Signalling @sip @[31868,24415,30583][60652,57825,60138]
50+
@APP-LEVEL-HANDSHAKES - SMB / CIFS @smb || nbss || nbns @[36751,28013,35209][60652,57825,60138]
51+
@APP-LEVEL-HANDSHAKES - FTP Control @ftp @[39835,30840,38293][60652,57825,60138]
52+
@APP-LEVEL-HANDSHAKES - POP3 / IMAP @pop || imap @[44718,38550,43690][29555,13878,26985]
53+
@APP-LEVEL-HANDSHAKES - TFTP @tftp @[46774,42148,46003][29555,13878,26985]
54+
@APP-LEVEL-HANDSHAKES - MQTT @mqtt @[51143,47288,50372][29555,13878,26985]
55+
@APP-LEVEL-HANDSHAKES - AMQP @amqp @[52942,48573,52171][29555,13878,26985]
56+
@APP-LEVEL-HANDSHAKES - CoAP @coap @[59110,54998,58339][29555,13878,26985]
57+
@APP-LEVEL-HANDSHAKES - HTTP Requests @http.request @[60395,57825,60138][29555,13878,26985]
58+
@MEDIA-REALTIME - VoIP Calls @sip || rtp @[60652,57825,60138][29555,13878,26985]
59+
@MEDIA-REALTIME - RTP Streams @rtp @[60652,57825,60138][29555,13878,26985]
60+
@MEDIA-REALTIME - RTCP @rtcp @[60652,57825,60138][29555,13878,26985]
61+
@LOW-NOISE - TCP Keep-Alive @tcp.analysis.keep_alive || tcp.analysis.keep_alive_ack || tcp.analysis.window_update @[40092,37522,37522][60138,60138,60138]
62+
@LOW-NOISE - TCP Naked ACK @tcp.flags == 0x0010 && frame.len <= 64 @[49344,46517,46517][24158,23644,25700]
63+
@LOW-NOISE - QoS EF/CS6 @ip.dsfield.dscp==46 || ip.dsfield.dscp==48 @[51657,49344,49344][24158,23644,25700]
64+
@LOW-NOISE - UDP Bulk @udp @[55255,51914,51914][24158,23644,25700]
65+
@LOW-NOISE - Broadcast / Multicast @eth[0] & 1 @[57568,54484,54484][24158,23644,25700]
66+
@LOW-NOISE - VLAN Tagged @vlan @[60138,57311,57311][24158,23644,25700]
67+
@LOW-NOISE - IPv6 @ipv6 @[62451,60395,60395][24158,23644,25700]
68+
@Everything Else @frame @[65535,65535,65535][0,0,0]

Elelab Packet Drilldown Profile/decode_as_entries

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
# "Decode As" entries file for Wireshark 4.4.6.
2+
#
3+
# This file is regenerated each time "Decode As" preferences
4+
# are saved within Wireshark. Making manual changes should be safe,
5+
# however.

0 commit comments

Comments
 (0)