Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
Show HN: Network Monitor – a GUI to spot anomalous connections on your Linux
76 points by grigio 6 days ago | 26 comments

A real-time network connection monitoring tool built with Rust and GTK4, displaying active connections with live I/O statistics in a modern graphical interface. https://github.com/grigio/network-monitor

jrm4 3 hours ago | parent | next [-]

Fantastic, more of this. I don't know if I'm just missing it or what, but I'd love a GUI thing that showed all the devices on my network maybe even with a graph view.

I'm using an Eero router out of laziness and even it has some features here that I'd like to see more of in polished "home-user" style network tools; especially since it seems as if more are getting into the "homelab"/"selfhosted" thing.

0134340 27 minutes ago | parent | next [-]

Do you mean something like nmap's network topolgy view? https://nmap.org/book/zenmap-topology.html

Just for visualizing network topology on Linux, there's a lot of tools.

bongodongobob 33 minutes ago | parent | prev [-]

That's impossible to do reliably without using agents, SNMP, or some other kind of communication protocol that you'll have to set up on each device. If you're ok with that, use SNMP. If you want topology, you'll have to have an agent that logs into all your networking gear and parses the configs.

neilv 19 minutes ago | parent | prev | next [-]

Thanks especially for using GTK with Rust to do this. We need to keep desktop Linux GUI libraries alive and viable (as an alterative to Web site GUI frameworks, Electron apps with Web frameworks, and proprietary mobile app platforms).

mordechai9000 4 hours ago | parent | prev | next [-]

Nice work!

I do want to say, I don't like having to rely on scraping ss output. But that's not a comment on this project - I have done the exact same thing. It just proved to be the most expedient way given the constraints I was under. I suspect there is a lot of devops and CI/CD code out there that relies on the output format of ss. My concern is that parsing text intended for human readability and not machine processing is brittle and prone to failure due to unforeseen circumstances, or a package upgrade that changes the behavior.

mbana 38 minutes ago | parent [-]

I was going to say the same thing.

I really like the eBPF approach as pointed out to by the other comments. I feel like this is the ideal approach, please correct me if I'm wrong.

A callback based approach as opposed to (constantly) polling the output of some command is ideal.

mroche 4 hours ago | parent | prev | next [-]

Cool project! As a more advanced form, I think it should be possible to get all this information via eBPF rather than ss output and scraping /proc.

Food for thought!

rlmp_89 2 hours ago | parent | next [-]

https://github.com/pythops/oryx

-> voila!

arcanemachiner an hour ago | parent | next [-]

The OP's project shows process names, which I do not see in this program.

mentalgear 2 hours ago | parent | prev [-]

BTW: This is also a TUI - much preferred !

oneshtein 2 hours ago | parent | prev [-]

eBPF doesn't work on locked down kernels (stock kernels in Secure Boot mode).

SlavikCA 4 hours ago | parent | prev | next [-]

That screenshot / video on README page is mostly unreadable. Can't get anything out of it.

voodooEntity 4 hours ago | parent | next [-]

Same for me.

What info does it show more than a:

"netstat -tulpn"

Wrote myself a script years ago that basically loops netstat -tulpn watch like for the same purpose - just wondering if your tool shows me more than that.

Simon-curtis 4 hours ago | parent [-]

modern graphical interface, for a start

voodooEntity 4 hours ago | parent [-]

I was asking which information it shows not what output it uses to display that information....

IshKebab 3 hours ago | parent | prev | next [-]

This app is clearly a demonstration of GTK4's light/dark transition animation. Looks like it works perfectly to me!

hamburglar 3 hours ago | parent | prev [-]

Come on, now. You can see that it supports today’s most critical feature: it has dark mode and light mode.

/s

noir_lord 3 hours ago | parent [-]

If you live in the terminal it's all dark mode*

* unless you are one of those weirdo's who has a black on white terminal in which case you should be on a watch list (/s in case wasn't immediately obvious).

hamburglar 38 minutes ago | parent [-]

I am exactly that kind of weirdo, but then again I’ve been reading black on white books for my entire life and I never thought to complain about it.

XiS 42 minutes ago | parent | prev | next [-]

So nethogs, but with a gui?

WD-42 4 hours ago | parent | prev | next [-]

Nice work. I’ve been writing an app using the same stack. The gtk-rs bindings are actually pretty productive once you get used to it! And it’s so fast.

jdthedisciple 3 hours ago | parent | prev | next [-]

Is there a version of this for the CLI?

dwattttt 3 hours ago | parent [-]

bandwhich[0] is a recent one I'm familiar with

[0] https://github.com/imsnif/bandwhich

pm2222 3 hours ago | parent | prev | next [-]

eBPF/XDP is nice and hard to use. Packet capture is so common that I wish that there were a simpler way like pcap.

rlmp_89 2 hours ago | parent [-]

https://github.com/pythops/oryx

lone-cloud 38 minutes ago | parent | prev [-]

The code is partly refined AI generated slop and the UX is lacking. The functionality is very basic and needs to be more thoroughly tested. This type of project is half a work day tops for a senior+ dev to create with agentic coding.