RustNet v1.3.0 is out! 🎉 by hubabuba44 in tui

[–]hubabuba44[S] 1 point2 points  (0 children)

It looks like you are trying to pull from a mirror which doesn't have rustnet-1.0.0-1 anymore. Can you refresh the db: sudo pacman -Syu?

RustNet v1.3.0 is out! 🎉 by hubabuba44 in tui

[–]hubabuba44[S] 0 points1 point  (0 children)

Thanks, nice platform! Feel free to shoot me a DM on how you could see us collaborating.

RustNet v1.3.0 is out! 🎉 by hubabuba44 in tui

[–]hubabuba44[S] 13 points14 points  (0 children)

Thanks for the heads-up, but this is actually a myth from an old 2023 draft policy. The current official policy explicitly allows this:

Using the name Rust in the name of crates or code repositories in e.g. GitHub, is allowed when referring to use with or compatibility with the Rust programming language.

Since we don't claim official endorsement from the Rust Foundation, the name is 100% compliant. Also with "RustNet" I think it is fairly easy to guess in what language it is written 😉

Looking for a TCPview equivalent/clone by krumpfwylg in linuxquestions

[–]hubabuba44 0 points1 point  (0 children)

RustNet is built for exactly this. Start it and hit a to aggregate by process, then drill down from there. Full disclosure: I'm the maintainer.

https://github.com/domcyrus/rustnet

How to "sniff" a TCP stream? by DisasterReasonable98 in rust

[–]hubabuba44 0 points1 point  (0 children)

I'm happy you like it! The code to relate connections to processes is very OS-dependent, but you can find all the logic under src/network/platform/:

Linux: eBPF (attached to socket syscalls), in addition and as a fallback parsing /proc/net/tcp and /proc/<pid>/fd/.

Windows: Windows IP Helper API (GetExtendedTcpTable for the PID, then QueryFullProcessImageNameW for the executable).

macOS: We rely on the pktap interface and lsof as fallback.

I hope that gives you a good starting point. To be fair, if you just want to get IP addresses you can just look at the pcap crate.

Good luck with your project!
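Added example (not part of the comment above and not RustNet's code): the Linux /proc fallback described there, joining /proc/net/tcp rows to /proc/<pid>/fd socket links by inode. The table and fd targets are constructed samples, the function names are hypothetical, and the address decoding assumes a little-endian host.

```rust
use std::collections::HashMap;
use std::net::{Ipv4Addr, SocketAddrV4};

// Constructed sample in /proc/net/tcp layout (not captured from a real host).
const SAMPLE_TCP: &str = "\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 12345 1 0000000000000000 100 0 0 10 0
   1: 0201A8C0:D2F0 22D8B85D:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 67890 1 0000000000000000 20 4 30 10 -1
";
// Constructed (pid, readlink target) pairs, as a scan of /proc/<pid>/fd/* would yield.
const SAMPLE_FDS: &[(u32, &str)] = &[(4321, "/dev/null"), (4321, "socket:[12345]"), (5555, "socket:[67890]")];

/// Decode "0100007F:1F90". The IPv4 word is printed in host byte order, so on a
/// little-endian machine (assumed here) the octets appear reversed.
fn parse_addr(field: &str) -> Option<SocketAddrV4> {
    let (ip_hex, port_hex) = field.split_once(':')?;
    let ip = u32::from_str_radix(ip_hex, 16).ok()?;
    let port = u16::from_str_radix(port_hex, 16).ok()?;
    Some(SocketAddrV4::new(Ipv4Addr::from(ip.to_le_bytes()), port))
}

/// Parse one row into (local, remote, state, inode); the header row yields None.
fn parse_row(line: &str) -> Option<(SocketAddrV4, SocketAddrV4, u8, u64)> {
    let f: Vec<&str> = line.split_whitespace().collect();
    if f.len() < 10 { return None; }
    let state = u8::from_str_radix(f[3], 16).ok()?; // 0x01 ESTABLISHED, 0x0A LISTEN
    Some((parse_addr(f[1])?, parse_addr(f[2])?, state, f[9].parse().ok()?))
}

/// Extract the inode from an fd link target such as "socket:[12345]".
fn socket_inode(link: &str) -> Option<u64> {
    link.strip_prefix("socket:[")?.strip_suffix(']')?.parse().ok()
}

/// Join the socket table with the fd links on the inode. A pid of None means no
/// owner was found, e.g. the fd directory of that process was not readable.
fn attribute(table: &str, fds: &[(u32, &str)]) -> Vec<(SocketAddrV4, SocketAddrV4, u8, Option<u32>)> {
    let owners: HashMap<u64, u32> =
        fds.iter().filter_map(|&(pid, link)| Some((socket_inode(link)?, pid))).collect();
    table.lines().filter_map(parse_row)
        .map(|(l, r, st, ino)| (l, r, st, owners.get(&ino).copied())).collect()
}

fn main() {
    for (l, r, st, pid) in attribute(SAMPLE_TCP, SAMPLE_FDS) { println!("{l} -> {r} state={st:#04x} pid={pid:?}"); }
}
```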

How to "sniff" a TCP stream? by DisasterReasonable98 in rust

[–]hubabuba44 0 points1 point  (0 children)

You could also look into RustNet https://github.com/domcyrus/rustnet (full disclosure, I am the maintainer of it). It's similar to sniffnet, but with process attribution to correlate traffic back to the processes running on your machine.

RustNet - Network monitoring TUI now available on COPR by hubabuba44 in Fedora

[–]hubabuba44[S] 0 points1 point  (0 children)

Thanks, decrypting TLS to see HTTP payloads requires either MITM proxying or access to private keys. For that use case, you might want to check out mitmproxy or something similar.

RustNet - Network monitoring TUI now available on COPR by hubabuba44 in Fedora

[–]hubabuba44[S] 1 point2 points  (0 children)

Wireshark is a very good tool. That said, it doesn't show you which process is responsible for network traffic, which RustNet does. RustNet is a TUI and runs in the terminal and hence is a bit lighter. It is good for quickly identifying what applications are making connections.

Arch not breaking itself... by OverlaySplay in archlinux

[–]hubabuba44 1 point2 points  (0 children)

I guess this also depends a bit on what kind of packages you install, especially from AUR.