Technology and Creativity

Drawing Pcaps With Graphviz

Posted by Niclas Wilhelm Hirschfeld on

Playing around with network dumps in Wireshark, I was often confused when I had to understand the task of the network devices in an unknown network. Wouldn’t it be nice to have a simple map of all these devices and their connections?

Since the only free tool I could find was EtherApe, which primarily makes the packet transfer visible, I started to write a small script using Graphviz to display the connections from my PCAP files.

For now my script works very well with small PCAP files, but complex maps with more than 20 nodes are still very confusing. The code will go to GitHub after fixing this.
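The idea of turning a capture into a Graphviz map, as an added example that is not the author's script (which is not shown on this page): it reads a classic pcap with only the standard library and emits one undirected edge per host pair, labelled with the packet count. It assumes an Ethernet capture with plain IPv4 frames; the function names and the sample capture are constructed for illustration.

```python
import struct
from collections import Counter

def ipv4_pairs(pcap: bytes):
    """Yield (src, dst) for every IPv4-over-Ethernet packet in a classic pcap."""
    magic = pcap[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        end = "<"          # little-endian capture
    elif magic == b"\xa1\xb2\xc3\xd4":
        end = ">"          # big-endian capture
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled")
    off = 24               # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        # 14-byte Ethernet header, EtherType 0x0800 = IPv4, then a 20-byte IP header
        if len(frame) >= 34 and frame[12:14] == b"\x08\x00":
            yield (".".join(map(str, frame[26:30])), ".".join(map(str, frame[30:34])))

def to_dot(pcap: bytes) -> str:
    """Collapse packets into one edge per host pair, labelled with the count."""
    edges = Counter(tuple(sorted(p)) for p in ipv4_pairs(pcap))
    lines = ["graph pcap {", "  layout=neato; overlap=false; node [shape=box];"]
    for (a, b), n in sorted(edges.items()):
        lines.append(f'  "{a}" -- "{b}" [label="{n}", penwidth={1 + min(n, 8) / 2}];')
    return "\n".join(lines + ["}"])

def sample_pcap() -> bytes:
    """Constructed capture: three IPv4 frames between made-up RFC 1918 hosts."""
    def frame(src, dst):
        ip = bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, 6, 0, 0]) + bytes(src) + bytes(dst)
        eth = b"\x00" * 12 + b"\x08\x00" + ip
        return struct.pack("<IIII", 0, 0, len(eth), len(eth)) + eth
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return (hdr + frame((10, 0, 0, 1), (10, 0, 0, 2))
                + frame((10, 0, 0, 2), (10, 0, 0, 1))
                + frame((10, 0, 0, 1), (10, 0, 0, 9)))

if __name__ == "__main__":
    print(to_dot(sample_pcap()))  # render the output with Graphviz
```

Replies in the opposite direction fold into the same edge, so the number of edges grows with host pairs rather than with packets.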