Comment by qwertox
3 days ago
Wireshark seems a bit misleading. More like a "network inspector" if one leans towards the browser's network tab in the inspector?
But it really looks useful and I'll definitely play with it to see if I put it into my toolbox.
Thanks!
Re the Wireshark analogy: the reason I used that was because: (1) Subtrace operates at roughly the same level in the operating system stack, (2) has similar capabilities, (3) has an overlap in use-cases, and (4) has been the most effective at communicating what Subtrace is in my experience so far. I can see why the analogy is not a perfect 1:1 mapping (obligatory xkcd: https://xkcd.com/624), but naming things is hard and taglines are just names in idea space :)
My first impression with "Wireshark for Docker containers" is "... Well, Wireshark already works with Docker containers, so if your goal is to be Wireshark for Docker containers, you'll just fail by definition. Can't beat Wireshark at being Wireshark."
I'm saying this just FYI. I haven't actually looked at what your product does, but if it were to matter to me, it'd be based on what it can offer that Wireshark can't, rather than how similar it is to Wireshark.
I'm struggling to understand why I wouldn't just use Wireshark and specify the interface as well. Reading docs shows you need to invoke your container with this as a wrapper, which to me is quite a bit scarier than attaching to an interface.
Can I download a pcap file? Being able to view and debug the application protocol is one thing, but I can use Wireshark to view and debug TCP itself.
Reading the documentation makes it sound like this sits one or two levels above where Wireshark usually operates, which is why I think the analogy is tough.
Wireshark is a weird choice in my opinion because, you know, why would I use Subtrace if I can use Wireshark?
And people who don't know how to use Wireshark probably want a better motivation to use Subtrace than 'it's like Wireshark', because there is a reason why they don't use it.
I can already use Wireshark itself with Docker containers.
IMO the real UX problem is that there’s nothing in between “Wireshark” and “DevTools.”
What would be cool is a program that renders the real DevTools UI from a .pcap file (or stdin).
There’s a lot of use cases where I can capture all the traffic with Wireshark but I just want a basic DevTools interface.