Show HN: RustNet, a network monitoring TUI with process identification
github.com
Hi HN! I built RustNet, a Terminal UI based network monitor written in Rust that shows real-time connections with process identification and protocol detection.
What may make it interesting:
• Deep packet inspection for HTTP, HTTPS/TLS (with SNI), DNS, and QUIC protocol detection
• Process identification using eBPF on Linux (experimental) and PKTAP on macOS, which also catches short-lived processes that polling procfs or lsof would miss
• Multi-threaded packet processing with lock-free data structures for the UI
• Cross-platform (Linux, macOS, Windows but process identification so far only on Linux/macOS)
The eBPF implementation was a bit more tricky to implement than using PKTAP, but it was very interesting to learn about how to hook into tcp_connect, udp_sendmsg, etc. in order to catch process info before connections disappear.
I built this as a lightweight Wireshark alternative for quick TUI based network inspection with process identification.
Install: cargo build --release, run with sudo or set capabilities. Homebrew tap also available.
Would love feedback on the project and any ideas for additional protocol detection or any other suggestions. Thanks
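As an added illustration of the TLS SNI detection listed in the post (this is not RustNet's code; `take`, `be16`, `extract_sni` and `sample_client_hello` are hypothetical names), here is a bounds-checked parser that pulls the server name out of a ClientHello record. The sample input is constructed.

```rust
// Added example, not RustNet's code; all names here are hypothetical.
// Take `n` bytes off the front of `buf`; None when the capture is too short.
fn take<'a>(buf: &mut &'a [u8], n: usize) -> Option<&'a [u8]> {
    let s: &'a [u8] = *buf;
    if s.len() < n { return None; }
    *buf = &s[n..];
    Some(&s[..n])
}
fn be16(b: &[u8]) -> usize { ((b[0] as usize) << 8) | b[1] as usize }

/// SNI host name from the first TLS record of a flow, if it is a ClientHello.
pub fn extract_sni(pkt: &[u8]) -> Option<String> {
    let mut p = pkt;
    let rec = take(&mut p, 5)?;                       // type, version, length
    if rec[0] != 0x16 { return None; }                // not a handshake record
    let mut hs = take(&mut p, be16(&rec[3..5]))?;     // None if record truncated
    if take(&mut hs, 4)?[0] != 0x01 { return None; }  // msg type + 24-bit length
    take(&mut hs, 2 + 32)?;                           // client_version + random
    let n = take(&mut hs, 1)?[0] as usize; take(&mut hs, n)?;  // session_id
    let n = be16(take(&mut hs, 2)?); take(&mut hs, n)?;        // cipher_suites
    let n = take(&mut hs, 1)?[0] as usize; take(&mut hs, n)?;  // compression
    let n = be16(take(&mut hs, 2)?);
    let mut exts = take(&mut hs, n)?;
    while !exts.is_empty() {
        let h = take(&mut exts, 4)?;                  // ext type + ext length
        let mut body = take(&mut exts, be16(&h[2..4]))?;
        if be16(&h[0..2]) != 0 { continue; }          // 0 = server_name
        take(&mut body, 2)?;                          // server_name_list length
        let e = take(&mut body, 3)?;                  // name_type + name length
        if e[0] != 0 { return None; }                 // only host_name (0) exists
        return String::from_utf8(take(&mut body, be16(&e[1..3]))?.to_vec()).ok();
    }
    None
}

/// Constructed sample: minimal ClientHello record whose only extension is SNI.
fn sample_client_hello(host: &str) -> Vec<u8> {
    let (h, l) = (host.as_bytes(), |n: usize| [(n >> 8) as u8, n as u8]);
    let mut ext: Vec<u8> = vec![0, 0];                // extension type 0
    ext.extend(l(h.len() + 5)); ext.extend(l(h.len() + 3));
    ext.push(0); ext.extend(l(h.len())); ext.extend(h);
    let mut ch: Vec<u8> = vec![3, 3]; ch.extend([0u8; 32]);  // version + random
    ch.extend([0u8, 0, 2, 0x13, 0x01, 1, 0]);         // sid, 1 suite, compression
    ch.extend(l(ext.len())); ch.extend(ext);
    let mut rec: Vec<u8> = vec![0x16, 3, 1]; rec.extend(l(ch.len() + 4));
    rec.extend([1u8, 0]); rec.extend(l(ch.len())); rec.extend(ch);
    rec
}
fn main() { println!("{:?}", extract_sni(&sample_client_hello("example.com"))); }
```

The parser looks at a single record only, so a ClientHello split across TCP segments or TLS records returns `None` rather than a partial name.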
Amazing project; I love the ambition and the TUI is gorgeous. Very neat! Mind if I ask: does the project have some analytics functions for logging network data? Thanks!
Thank you very much!
There is no analytics function yet, but if you'd like, please open an issue or PR, I would very much appreciate that.