This repository has been archived by the owner on May 11, 2018. It is now read-only.

nsacyber/netman

netman

Network Management, Monitoring, and Limiting

netman is a userland network manager, with monitoring and limiting capabilities for macOS. See below for example use-cases.

Installation and Usage

  1. make
  2. make install
  3. netman --help

Note: some of netman's functionality requires elevated privileges.

Use Cases

Command Data Limiting

 sudo netman --command="wget https://example.com/script | sh" --limit=25 -H monitor

The above command limits the wget https://example.com/script | sh command to 25MB, counted system-wide. Once that limit is reached, the command is terminated.

Command Chaining

Example One

 sudo netman --command="wget https://example.com/script | sh" --limit=25 -H monitor && sudo netman down

The above command is similar to the "Command Data Limiting" example, but afterwards it shuts down all network interfaces.

Example Two

 netman down && netman up en0 && sudo netman --command="wget https://example.com/script | sh" --limit=25 -H monitor && sudo netman down

The above command is similar to example one, except that the command will only use the en0 network interface.

Example Three

 netman --limit=100 -H && kill -9 6543

The above command is similar to using the --command flag, except that after 100MB the process with the ID 6543 is terminated.

Technical Details

Network Interfaces

Interfaces are retrieved with getifaddrs(3) and stored in a custom interface struct.

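 #include <sys/socket.h>	/* struct sockaddr */
 #include <sys/types.h>	/* u_long */
 struct interface {
 	char *name;			/* interface name, e.g. en0 */
 	struct sockaddr *if_addr;	/* interface address */
 	u_long obytes;			/* bytes sent */
 	u_long ibytes;			/* bytes received */
 };
 typedef struct interface interface;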

The alternative method is to use ioctl with the SIOCGIFCONF flag.
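
The getifaddrs(3) enumeration described above, as an added example that is not netman's own code: it keeps only link-layer entries and reads the kernel's per-interface byte counters from ifa_data, whereas netman itself logs bytes through BPF. The struct is a simplified copy of the one above (name copied, if_addr omitted), snapshot and bytes_used are hypothetical names, and the non-Apple branch is an assumption added so the code also builds on Linux.

```c
/* Added example, not netman source: snapshot() returns entries written, -1 on error. */
#include <ifaddrs.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/socket.h>
#ifdef __APPLE__
#include <net/if.h>          /* struct if_data */
#define LINK_FAMILY AF_LINK
#else                        /* assumption: Linux, so the example also builds off macOS */
#include <linux/if_link.h>   /* struct rtnl_link_stats */
#define LINK_FAMILY AF_PACKET
#endif
typedef struct interface {
	char name[32];                 /* copied: ifa_name is freed by freeifaddrs() */
	unsigned long obytes, ibytes;  /* bytes sent / received */
} interface;

int snapshot(interface *out, int max) {
	struct ifaddrs *head, *ifa;
	int n = 0;
	if (getifaddrs(&head) != 0) return -1;
	for (ifa = head; ifa && n < max; ifa = ifa->ifa_next) {
		if (!ifa->ifa_addr || !ifa->ifa_data || ifa->ifa_addr->sa_family != LINK_FAMILY)
			continue;              /* keep only link-layer entries, which carry counters */
		snprintf(out[n].name, sizeof out[n].name, "%s", ifa->ifa_name);
#ifdef __APPLE__
		struct if_data *d = ifa->ifa_data;
		out[n].obytes = d->ifi_obytes; out[n].ibytes = d->ifi_ibytes;
#else
		struct rtnl_link_stats *d = ifa->ifa_data;
		out[n].obytes = d->tx_bytes; out[n].ibytes = d->rx_bytes;
#endif
		n++;
	}
	freeifaddrs(head);
	return n;
}

/* Delta between two snapshots; counters are 32-bit and interface-wide, so wrap modulo 2^32. */
unsigned long bytes_used(const interface *then, const interface *now) {
	return (unsigned long)(uint32_t)(now->obytes - then->obytes) +
	       (uint32_t)(now->ibytes - then->ibytes);
}

int main(void) {
	interface a[16];
	for (int i = 0, n = snapshot(a, 16); i < n; i++)
		printf("%-8s out=%lu in=%lu\n", a[i].name, a[i].obytes, a[i].ibytes);
	return 0;
}
```

Because the counters belong to the interface rather than to a process, a delta computed this way includes traffic from every application using that interface.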

Testing

Tests use a modified version of MinUnit, a minimal unit testing framework for C.

For debug mode, make with DEBUG=1. To run tests, make with TEST=1.

The logging of used bytes is done using Berkeley Packet Filters (BPF) with no filters applied.

Basic examples of BPFs:

Limitations

macOS does not have eBPF yet, so netman cannot monitor specific sockets for specific applications, only interfaces. What does this mean? If multiple applications are using the network, your byte limit may be reached much faster. Socket filters would be a logical next step.

License

See LICENSE.

Disclaimer

See DISCLAIMER.
