Thank you for your review
$29 99
Email me when discounted: 

PacketStream provides point-and-click activation of the Mac's built-in network monitoring program, which is usually available only from the command line. By clicking a few buttons, you can monitor data as it streams over your network--especially useful for checking Web traffic, network bottlenecks, or even suspicious network activity. All network data is displayed in the application itself, and you can save the data to a file for further analysis later.

PacketStream provides a user-friendly way to configure and use the Mac's network monitoring tools. It is easier than typing in cryptic commands in Terminal. It is more...

What's New

Version 6.1.0:
  • Improvements in Sparkle update engine
  • Updates to support tcpdump changes on OS X 10.9
  • Fix OS X 10.9 bug with running command with elevated privileges
  • UI improvements


  • OS X 10.9 or later

Similar Software

Open Comparison
Suggest Other Similar Software
Leave a Review

PacketStream User Discussion

Nobody has reviewed or commented on this app yet. Add your own comment and get a discussion going!
Sort by: Time | Smiles
Skeller Member IconReview+16

Packet Peeper is free and much more useful.
PacketStream doesn't show anything more than raw data.

Reply0 replies
Version 5.0.0
paulsrandall@mac.com Member IconComment+24

I downloaded this and tried monitoring ports, but see just a blank screen. I also tried Cocoa Packet Analyzer and it shows a wealth of information. I've checked settings and everything looked fine. I know that I have port activity because both Hands Off! and Little Snitch show lots of activity in their monitor windows.

Reply2 replies
Version 5.0.0
Wordtech Communications Llc (Developer)

Please e-mail me directly for support/troubleshooting...nothing we can do here at MacUpdate to see what is going on.

Wordtech Communications Llc (Developer)

Any errors logged to console? Are you running it as an admin? Have you set the correct network interface?

Sgginc Member IconComment+226

Download link not working.

Thanks ... Ken

Reply1 reply
Version 5.0.0
Wordtech Communications Llc (Developer)

Download link fixed, thanks for the heads up.

Wordtech Communications Llc (Developer) Member IconDev+37
Wordtech Communications Llc (Developer)

From the developer:

This new release adds some nice polish to PacketStream by modernizing the UI with a native Cocoa toolbar; it also fixes some bugs in the print engine, and improves the documentation. It's worth a look.

Reply0 replies
Version 4.0.0
Codebykevin Member IconComment+37

From the developer:

This new release of PacketStream addresses many of the issues raised in previous reviews, including Keychain integration to avoid prompting the user repeatedly for a password when running a network scan. It also exposes more of tcpdump's options to the user, specifically the ability to display actual packet data in the main interface. Finally, with support for AppleScript (you can call PacketStream with an AppleScript) and the Services menu, PacketStream now offers a greater degree of Mac system integration/inter-application communication than before.

Regarding what PacketStream is and isn't: it's designed to be an easy-to-use wrapper of tcpdump's functionality, exposing a good deal of tcpdump's functionality, in a way that is simple, elegant, and Mac-like. If you are a command-line power user who wants to be able to toggle every flag/switch in tcpdump's output, PacketStream isn't for you. If you want every tcpdump option in the GUI, try WireShark (a powerful but ugly Gtk application that isn't the least bit Mac-like). On the other hand, PacketStream has come a long way since its earliest design (when all it did was "spit out the output of tcpdump into a window"), and it offers a lot of power in an inexpensive package. (Other commercial Mac networking tools, which include wrappers for tcpdump as well as other network tools, cost more than twice what PacketStream does.) I hope you'll give it a try.

Reply0 replies
Version 3.3
Psychos Member IconReview+285

My first impression on opening this program is confusion with the UI; you have to hover over the buttons at the top to see the help text and figure out what they do. (A little globe to start, an "x" to stop which makes sense, and what appears to be a fish to clear the buffer.) Once I did start the monitor, performance was EXTREMELY slow. Part of this I traced back by looking at the tcpdump command being called:

root 6198 0.0 0.1 2440168 4816 ?? S 4:48PM 0:00.10 /usr/sbin/tcpdump -i en1 -v

Calling tcpdump in this fashion forces all addresses to be resolved, and that make tcpdump stall while waiting for anything to be resolved. Even so, performance is still extremely slow (especially while initially capturing.) I suspect that the program is doing a read from tcpdump such that enough data has to be queued up before it's sent over the pipe.

On first enabling the monitor, I'm asked for my password. If I stop and restart the monitor, I'm asked for my password again. This is potentially quite cumbersome if one wants to tweak options and run many tcpdumps.

I experienced some weird behavior, including beachballing, as well as not seeing any output until I stopped the program. I also noted multiple dead tcpdump processes .

The release notes mention filtering; however, you can only filter by port, and you're limited to the small number of included ports; there's no way to specify them on your own. Also, the port numbers are not listed for these ports, and the port names do not all match the port names in the output (those being ones generated by tcpdump doing a service name lookup.) You also cannot specify source or destination ports, which the help does not mention; tcpdump supports these options, but this program just uses the option that lets either the source or destination port match.

Next, I went to do a Search. Normally, when one clicks in a Search box, the initial placeholder "Search" text goes away. Not in this case; I had to manually select and delete the actual text "Search" before entering my search. The release notes speak of "filters", which I had assumed might actually let one filter based on TCP/IP parameters; however, these "filters" appear to just be this Search box. And when you do a search, it just seems to highlight the matching text in the output. You need to hit return after entering search text for it to trigger, which is not at all intuitive. (And if you don't, whatever your previous search was just remains up.)

Any sort of "filter" should make it possible to only see relevant traffic, not have all traffic (or possibly limited to a given port) shown with a simple text search highlighting words; often one may have thousands of packets per second being output, and only want to see a few of those, which can't be accomplished with the above.

Finally, I read through the help. The only relevant part (e.g., not pages about how to install it, contact the author, version info, etc.) was the section on "Using PacketStream for Network Analysis." The section on interpreting output is basic and not very useful. It basically explains how to tell which side of the output is the sending host and which is the receiving host. There's some info on the limited number of ports available, but much of the info is lacking or incorrect.

For example, how do I interpret "18:56:09.156166 IP6 (hlim 64, next-header TCP (6) payload length: 44) lucid.61462 > neural.ssh: Flags [S], cksum 0x8c3f (correct), seq 453830739, win 65535, options [mss 1440,nop,wscale 2,nop,nop,TS val 407968415 ecr 0,sackOK,eol], length 0"? The program gives me absolutely no idea how to interpret even the most basic part of that data. While much of it is indeed advanced data that the average user doesn't need to know about, it is data that's included, so one would expect the help to at least provide a little assistance. At the very least, some basic data should be decoded: for example, at the very least, this program might indicate that this is a SYN packet, which is an attempt to open a TCP connection, in this case to a server on the ssh port.

Somewhat amusingly, at the bottom of the Network Analysis section, the help tells you that for further information you should run Terminal.app and do a "man tcpdump" there! (Which of course give you a ton of options that PacketStream doesn't provide any access to.) I thought the purpose of this program was to avoid the Terminal.

All in all: this is a very simple wrapper for tcpdump, and it's not very well written. It basically just spits out the output of tcpdump into a window with some very basic additional functionality (copying text, printing, all things I can do from the terminal or other programs...) It's big (176.6MB), slow, and buggy. It provides little guidance to the user in interpreting its output.

If this was a free program, I could possibly recommend it as a simple tcpdump tool for basic needs (if bugs were fixed), but it's not, thus I believe the significant flaws and lack of features far outweigh the price.

Reply0 replies
Version 3.1
Psychos Member IconComment+285

More ripoff-ware by this author. All this program is doing is running tcpdump.

Basically, it is the same as if you ran Terminal, and typed either 'sudo tcpdump' to get all data, or 'sudo tcpdump port ' to pick a specific port as shown.

There are filters, which are basically just the very simple command line arguments that you can give to tcpdump.

The only little bit this adds is automatically determining what the primary port should be.

Of course, the developer will just say people don't want to be burdened by the command line, and that's true for many people. But there are quite a few other FREE programs that do what this does, and more.

It's not like the program even interprets the output in any useful fashion for you. Does it tell you what all those cryptic fields in the output mean? Of course not, because that would require more work than a simple GUI wrapper! Actual work!

A frontend for running a simple command line tool for $24.95? Go find a better, free alternative instead (I'm sure others can suggest GUI ones, I just use tcpdump myself), and donate $25 to a charity instead of this greedy developer.

Reply4 replies
Version 3.1

Brief searching shows a couple of other excellent FREE alternatives: WireShark and CocoaPacketAnalyzer. (And I'm sure there are others.)

WireShark is a wonderful open-source cross-platform tool, with quite advanced functionality beyond simple dumping of packets.

CocoaPacketAnalyzer is a simpler, less-complicated program; it does similar to what PacketStream does, but it actually ANALYZES the output, and tells you what the different fields and codes mean, rather than just printing raw output. For free.

Wordtech Communications Llc (Developer)

Psychos: You seem to have a philosophical bias against paying for software. I'd be curious to see you compare PacketStream to other, more expensive commercial network tools on the Mac, such as IPNetworkMonitorX. Both Wireshark and Cocoa Packet Analyzer are free, and powerful tools, but both have their drawbacks as well. While Wireshark is indisputably more powerful than PacketStream, it is also an X11/Gtk-based application, like Gimp; building and installing it is a very complicated process, and it offers nothing approaching a Mac-native user experience. Cocoa Packet Analyzer seems to offer its own packet-sniffing implementation wrapped in a Cocoa-native interface, but even though it's a "true" Cocoa application I consider its UI to be more complex, less intuitive, than PacketStream's: it exposes a lot of the internal complexity of the Mac's network interfaces, and it also does not support real-time packet sniffing (you have to write the data to a file and then load it into the analyzer tool). PacketStream errs on the side of simplicity in the UI (and explains a lot of the networking stuff in the user docs). Obviously, if you don't want to pay money for software, then use one of the free tools that's out there; there are plenty. But these tools may require you to invest time, instead of money, to get them running in a useful manner.


I have no philosophical bias against paying for software; my bias is against paying for software when there's other software that does the same or more that's either cheaper, or free. Another issue I have is seeing repeated minor upgrades on the front page of this site, basically providing free advertising for a product that I consider unfair to the purchaser.

Finally, I have some issues with co-opting existing free software and reselling it with minor tweaks. Don't get me wrong here; I'm an open source proponent, but I have no issues with things like BSD-licensed software that's had real work done on it being sold commercially. My issue is taking something like tcpdump and slapping a 5 minute wrapper on it, and then charging exorbitantly for it.

The examples I gave you were just quick ones I got on a 30 second search. I do agree that X11-dependent software isn't for the average user, and that real-time display is obviously a big plus. However, I'm pretty certain there are other packages out there that do what something like CocoaPacketAnalyzer does, for free.

Now, I went ahead and downloaded your software so I can properly review it, so since you don't seem to be able to provide ratings in a reply, I'll write that up separately.

Wordtech Communications Llc (Developer)

Psychos: I'll look forward to your review of PacketStream, but I also want to respond a few of your comments:

1. "Another issue I have is seeing repeated minor upgrades on the front page of this site, basically providing free advertising for a product that I consider unfair to the purchaser."

-PacketStream hasn't been updated since October 2009; this release is a big update. I wonder if you're referring to another product of mine released this week, which you also panned, and which had also been updated more recently; that update fixed a serious bug. I don't make a rule of spamming download sites with minute updates to drive traffic and downloads (I know there are some apps that do this on a weekly basis). If I release something, it's because there are some real new features or a serious bug fix. Because I develop several apps, sometimes I make multiple releases in a week, but there may be several months with no releases at all.

2. "My issue is taking something like tcpdump and slapping a 5 minute wrapper on it, and then charging exorbitantly for it."

- PacketStream has been in development since January 2007. It certainly doesn't have a "5-minute wrapper on it." I think $24.95 is a reasonable price for providing a simple, intutive GUI for a complex command-line app; a lot of work has gone into this over the past three years. Again, I wonder if you are thinking of another product of mine, also released this week, that is more of a simple GUI wrapper of a command-line tool, but which in turn is priced much lower, $12.95, precisely because it does much less.

I'm certainly receptive to criticism of my apps, and will try to incorporate suggestions that will improve the app, but it's helpful for such comments to be rooted in a factual basis.

Igaucho Member IconComment+43

Can't open the file. I tried downloading it twice and each time I was told there is no mountable file system.

Reply2 replies
Version 2.3

Remove the .bz2 suffix from the downloaded file and the .dmg wil mount.


Thanks. That took care of it.

indiekiduk Member IconReview+4

Tried it on Tiger a while ago and it didn't work - nothing appears when a scan is started. Tried now on Leopard and same thing.

So I'm still waiting for a GUI app to capture WiFi traffic promiscuously.

Reply0 replies
Version 2.2
tas50 Member IconComment+17

How is this program so big? What keeps it from being anything less than 500k if it's just a front for some *nix commands.

Reply0 replies
Version 1.0
user icon+43
Version 6.1.0
> 3 4


Current Version (6.x)


Downloads 7,927
Version Downloads 214
License Shareware
Date 13 Apr 2014
Platform Intel 64 / OS X
Price $29.99
Learn how MacUpdate Desktop makes installing apps from MacUpdate.com one-click easy.
Next time, install PacketStream with 1-click

Learn how MacUpdate Desktop can install apps on MacUpdate with the simple click of the Install apps with MacUpdate Desktop icon. Plus, keep all your apps updated. Play video...