Comment by wonger_
12 hours ago
I am in the target audience of "would like to see network activity and debug occasional traffic but totally overwhelmed by termshark." So I appreciate the "what should I click?" thing, and offering weird flows to investigate.
---
Some UX bits I noticed after playing around for a few minutes:
- Esc for backwards navigation was not obvious for me. Maybe emphasize that somehow, and/or support Backspace too for backnav?
- Enter on Domains menu item does not work
- don't mention clicking if mouse is not supported. "Select" would be more appropriate
- packets screen is truncated vertically and horizontally. Probably should be scrollable
- "weird stuff" options are numbered 1-5, but pressing those keys has no effect. There's lots of little polish fixes like this.
---
And then things I wonder about as a novice user:
- Is it possible to see domain names instead of IP addresses while e.g. looking at packets?
- What does it mean to f stream?
- How do I inspect packets? Especially compressed or encrypted data? This is more a knowledge gap, like "what am I supposed to look for", "what could be in a packet", and I guess involves reverse engineering sometimes, but it's also a tooling question.
Thanks a lot for trying. My experience with packet inspection is similar and that's what resulted in me trying to build a simpler plain language UI companion.
• Back navigation: good call. I'll make "Esc back" more explicit everywhere and add Backspace as an alias for back (and mention it in h help).
• Enter on Domains not working: it should drill down to flows. If you can share your OS/terminal + whether you installed from release vs cargo install, I'll try to reproduce and fix in the next release.
• "Clicking" wording: agreed — mouse isn't supported right now. I'll change Ul copy to say Select (and keep "Enter = drill down").
• Packets screen truncation: yep, needs scrolling/paging. On the list views I already do r/; l'll add page scroll and horizontal handling where it makes sense.
• Numbered weird options: great idea - I'll map 1..9 to jump-select and Enter (or open directly).
• Domain names in packets: yes, I want that. I already collect DNS/SNI/HTTP host hints; next step is showing hostname labels alongside IPs when I have more confident mapping.
• "f stream" definition: I'll clarify it as "Follow stream (reassembled payload)" and add a glossary/help entry.
• Inspecting encrypted/compressed data: totally fair. The tool can't decrypt TLS without keys, but it can make it clearer what's happening (SNI/ ALPN, sizes, timing, resets/retransmits). I'Il improve "Explain" to say what's possible vs not.
Super useful feedback thanks!
All this has been pushed to main. Thanks again!
Another UI question: is there a reason the options are all upper case letters? It took me a minute to even consider why "w" wasn't working.
Sorry that was a miss on my part. I fixed it in the latest main. Will recognize both in the next release.