I have Wireshark and have used tcpdump, but I was wondering if there was a nice GUI to capture and view packets on the Mac. Ideally, something that is protocol aware, so that it knows how to break up an HTTP request, is able to show SMTP information in a cleaner way than a tcp dump. I know there are a number of HTTP-specific tools that fit this bill, but I’m looking for something that is more general.
Just to make sure you’re not missing the obvious…you’re aware that Wireshark does have a nice GUI, and is protocol aware? And has simple analysis features like “Follow TCP Stream” that make analyzing SMTP (and other text-based protocol transactions) so much easier?
Screenshots are here.
There are quite a few. The search on macupdate turns up some of them:
I’m a big fan of Charles, which isn’t exactly a packet sniffer but does the same thing by using an internal proxy. It has a fantastic GUI and is extremely intuitive. Unfortunately, it’s also $50, but has a 30-day trial.