Comment by wonger_

17 hours ago

I am in the target audience of "would like to see network activity and debug occasional traffic but totally overwhelmed by termshark." So I appreciate the "what should I click?" thing, and offering weird flows to investigate.

---

Some UX bits I noticed after playing around for a few minutes:

- Esc for backwards navigation was not obvious for me. Maybe emphasize that somehow, and/or support Backspace too for backnav?

- Enter on Domains menu item does not work

- don't mention clicking if mouse is not supported. "Select" would be more appropriate

- packets screen is truncated vertically and horizontally. Probably should be scrollable

- "weird stuff" options are numbered 1-5, but pressing those keys has no effect. There's lots of little polish fixes like this.

---

And then things I wonder about as a novice user:

- Is it possible to see domain names instead of IP addresses while e.g. looking at packets?

- What does it mean to f stream?

- How do I inspect packets? Especially compressed or encrypted data? This is more a knowledge gap, like "what am I supposed to look for", "what could be in a packet", and I guess involves reverse engineering sometimes, but it's also a tooling question.

4 comments

wonger_

eigen-vector 17 hours ago

Thanks a lot for trying. My experience with packet inspection is similar and that's what resulted in me trying to build a simpler plain language UI companion.

• Back navigation: good call. I'll make "Esc back" more explicit everywhere and add Backspace as an alias for back (and mention it in h help).

• Enter on Domains not working: it should drill down to flows. If you can share your OS/terminal + whether you installed from release vs cargo install, I'll try to reproduce and fix in the next release.

• "Clicking" wording: agreed — mouse isn't supported right now. I'll change Ul copy to say Select (and keep "Enter = drill down").

• Packets screen truncation: yep, needs scrolling/paging. On the list views I already do r/; l'll add page scroll and horizontal handling where it makes sense.

• Numbered weird options: great idea - I'll map 1..9 to jump-select and Enter (or open directly).

• Domain names in packets: yes, I want that. I already collect DNS/SNI/HTTP host hints; next step is showing hostname labels alongside IPs when I have more confident mapping.

• "f stream" definition: I'll clarify it as "Follow stream (reassembled payload)" and add a glossary/help entry.

• Inspecting encrypted/compressed data: totally fair. The tool can't decrypt TLS without keys, but it can make it clearer what's happening (SNI/ ALPN, sizes, timing, resets/retransmits). I'Il improve "Explain" to say what's possible vs not.

Super useful feedback thanks!

eigen-vector 16 hours ago

All this has been pushed to main. Thanks again!
tclancy 14 hours ago
Another UI question: is there a reason the options are all upper case letters? It took me a minute to even consider why "w" wasn't working.
- eigen-vector 12 hours ago
  
  Sorry that was a miss on my part. I fixed it in the latest main. Will recognize both in the next release.