This Wireshark profile is designed to make Wi-Fi packet analysis is designed to focus on simplicity and readability. It is a fork of the MetaGeek Wireshark Configuration Profile.
It is based on the original frame colors from MetaGeek Eye P.A., with significant updates being added with the release of MetaGeek Tonic (now MetaGeek Chanalyzer 6).
Transform Wireshark from a boring white wall of test...
...to a clean and simple UI with industry-standard colors to identify each frame type.
On macOS:
- Download the .zip file the Releases page.
- Unzip the file, which will produce a PotatoFrames folder.
- Open Wireshark.
- Press
Command+Shift+A. - Click the directory path in the lower right to open the Profiles folder.
- Drag the PotatoFrames folder into the Profiles folder.
- Activate the profile in the lower right corner of Wireshark.
Management frames are colored purple, control frames are orange, and data frames are blue, making frame exchanges super mega easy to track.
Malformed frames and frames that fail checksums are colored red.
See frame Sub-Types in a clear and readible column.
The frame type column marks retries without changing the color.
"Hide Bad", "Hide Data", "Hide Management", and "Hide Control" shortcut buttons mean that there are 4 less regular expressions for you to remember and type.
Apply the AP/Client Conversation filter, and copy/paste in your AP and client MAC addresses to quickly filter down to a specific conversation.
Replace aa:aa:aa:aa:aa:aa with AP radio MAC address Replace cc:cc:cc:cc:cc:cc with client MAC address