wireshark_mcp

# Wireshark MCP Server This is an MCP (Model Context Protocol) server that connects to Wireshark, providing the following features: - Connect to a local Wireshark instance - Provide tools to run Wireshark commands - Include prompts for common data filtering tasks ## Installation 1. Create and activate a Python virtual environment (recommended): ```bash python -m venv venv source venv/bin/activate # Use: venv\Scripts\activate on Windows ``` 2. Install dependencies: ```bash pip install -r requirements.txt ``` 3. Ensure that Wireshark is installed and the tshark command is available: ```bash tshark --version ``` ## Usage ### Start the Server ```bash python wireshark_mcp_server.py ``` The server will start an SSE application, listening on `http://127.0.0.1:3001`, which can be connected to by an MCP-compatible LLM client. ### Test Client A simple test client is provided to verify the server's functionality: ```bash python example_client.py ``` ### Available Tools The server provides the following tools: 1. `wireshark_check_installation` - Check if Wireshark is installed 2. `wireshark_get_interfaces` - Get a list of available network interfaces 3. `wireshark_capture_packets` - Capture network packets 4. `wireshark_read_capture` - Read capture files 5. `wireshark_analyze` - Analyze capture files and provide statistics 6. `wireshark_get_prompts` - Get all prompts 7. `wireshark_get_prompt` - Get a specific prompt For detailed API documentation, please refer to the `DOCUMENTATION.md` file. ## Required Dependencies - Wireshark must be installed on the system - Python 3.10+ ## Frequently Asked Questions ### Missing Permissions On Linux/macOS, you may need to run with root privileges to capture packets: ```bash sudo python wireshark_mcp_server.py ``` Alternatively, grant appropriate permissions to the dumpcap command: ```bash sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap ``` ### tshark Command Not Found Ensure that Wireshark is correctly installed and that the tshark command is in the system PATH. ### Server Startup Error If you see error messages indicating that certain modules cannot be found, it may be due to incomplete dependency installation. Please ensure that all dependencies are correctly installed: ```bash pip install -r requirements.txt ```