#sockets #libbpf #traffic #monitor #networking #host #filter

socket_filter

A simple bpf program to monitor host's net traffic

10 releases

0.2.2 Oct 23, 2024
0.2.1 Oct 15, 2024
0.1.10 Oct 2, 2024
0.1.4 Sep 27, 2024

#713 in Network programming

Download history 165/week @ 2024-09-21 258/week @ 2024-09-28 35/week @ 2024-10-05 333/week @ 2024-10-12 222/week @ 2024-10-19 31/week @ 2024-10-26

273 downloads per month

LGPL-2.1-only OR BSD-2-Clause

605KB
177 lines

use epbf program type BPF_PROG_TYPE_SOCKET_FILTER to monitor the network traffic of the host.

Example

use std::mem::MaybeUninit;

pub fn main() -> Result<(), Box<dyn std::error::Error>> {
    let mut open_object = MaybeUninit::uninit(); // make the ebpf prog lives as long as the process.
    let socket_filter =
        socket_filter::TransmitCounter::new(&mut open_object, socket_filter::IGNORED_IFACE)?;
    loop {
        println!(
            "current bytes: {} {}",
            socket_filter.get_egress(),
            socket_filter.get_ingress()
        );
        std::thread::sleep(std::time::Duration::from_secs(1));
    }
}


lib.rs:

socket_filter

socket_filter is a library to monitor the network traffic of a network interface. By passing a list of interface names to this library, it will attach to the interfaces and monitor the network traffic of the interfaces.

Dependencies

~15MB
~312K SLoC