A while ago, I have linked an interesting story about the ethereal name change to wireshark. If you are a tethereal user (the console version of ethereal) and using Debian testing (like I am) you will notice that the Debian developers have pushed the new version with the changed name into Etch repositories. If for ethereal the correspondent is wireshark, for tethereal this is tshark (and not twireshark as you might have expected). When you will install the new version this will remove the ethereal package and we will remain with wireshark.
In order to perform this upgrade you have to run:
apt-get install tshark
Here is the exact output taken from a live system:
apt-get install tshark wireshark-common Reading package lists... Done Building dependency tree... Done Recommended packages: wireshark The following packages will be REMOVED ethereal-common tethereal The following NEW packages will be installed tshark wireshark-common 0 upgraded, 2 newly installed, 2 to remove and 10 not upgraded. Need to get 0B/7112kB of archives. After unpacking 676kB of additional disk space will be used. Do you want to continue [Y/n]? (Reading database ... 34065 files and directories currently installed.) Removing tethereal ... Removing ethereal-common ... Selecting previously deselected package wireshark-common. (Reading database ... 33880 files and directories currently installed.) Unpacking wireshark-common (from .../wireshark-common_0.99.2-5_i386.deb) ... Selecting previously deselected package tshark. Unpacking tshark (from .../tshark_0.99.2-5_i386.deb) ... Setting up wireshark-common (0.99.2-5) ... Setting up tshark (0.99.2-5) ...
Once this is completed you can run tshark using the same syntax as you would have done with tethereal. For example:
tethereal -npi eth0 port 25
tshark -npi eth0 port 25