All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Wireshark 4.6.0 Adds macOS pktap Metadata Support for Process-Level Network Analysis

By

c0nsumer

7mo ago· 2 min readenNews
Bagel score 75 of 100
75/100
Toasty
Bagelometer

Not artisan, but a perfectly fine bagel. Hits the spot.

Score75TypenewsSentimentpositive

Summary

Wireshark 4.6.0 now supports parsing macOS pktap metadata including process ID and process name information, enabling network administrators to capture and analyze network traffic with detailed process-level information. The article explains how to use the pktap interface parameter with tcpdump to capture on multiple interfaces simultaneously, providing a practical example of capturing on loopback and en0 interfaces.

Key quotes

· 4 pulled
Four years after my post on doing network captures on macOS with Process ID, Wireshark 4.6.0 has been released which includes support for parsing this extra metadata, including the process info.
So how do you do it? Easy! You just need the pktap interface parameter.
Alternatively, to capture on more than one interface at a time, one may use "pktap" as the interface parameter followed by an optional list of comma separated interface names to include.
For example, to capture on the loopback and en0 interface: tcpdump -i pktap,lo0,en0
Snippet from the RSS feed
Four years after my post on doing network captures on macOS with Process ID, Wireshark 4.6.0 has been released which includes support for parsing this extra metadata, including the process info.

You might also wanna read

AgentSwift: An Autonomous AI Coding Agent for Apple Platform Development

AgentSwift is a native macOS application that runs an autonomous AI coding agent specifically designed for Apple platform development. It us

github.com·1mo ago

Package Mate: Open-Source macOS Development Environment Manager for Apple Silicon

Package Mate is an open-source macOS development environment manager built in Go for Apple Silicon. It simplifies macOS dev setup by allowin

Product Hunt·1mo ago

macOS 26.3.1 Update Breaks /etc/resolver/ DNS Configuration for Custom TLDs

A detailed bug report documenting a regression in macOS 26.3.1 where the /etc/resolver/ mechanism for custom TLD DNS resolution has stopped

gist.github.com·2mo ago

Safehouse: macOS Kernel-Level Sandboxing for Secure Local AI Agent Development

Safehouse is a macOS-native sandboxing solution for local AI agents that provides kernel-level enforcement to prevent destructive actions. I

agent-safehouse.dev·2mo ago

Accessing Apple Silicon MacBook Accelerometer and Gyroscope via IOKit HID

This article documents a GitHub project that enables reading the undocumented MEMS accelerometer and gyroscope sensors in Apple Silicon MacB

github.com·3mo ago

Developer Tests Apple's Fix for macOS Window-Resizing Bug in 26.3 Release Candidate

A developer investigates Apple's claim that a window-resizing bug in macOS 26.3 Release Candidate has been fixed. The developer created a te

noheger.at·3mo ago