Packet Radar is an experimental realtime network traffic visualization.
It captures packets the way pcap does and displays the information in various ways, like Wireshark.
- packet fight viz - visualizes and animates packets transferring between hosts.
- packet stats - a dashboard showing real-time network telemetry like data rates.
- packet top - shows top connections
- packet tail - a simple packet log viewer
This started as a weekend project for
- playing around with rust
- exploring and understanding some network protocol details
- playing around with visualizations, animations and simulations
If you like this, you may also be interested in Space Radar, a disk space visualization app.
The server is written in Rust; the UI is done with Canvas + JS.
### If you need to install rust
```
curl https://sh.rustup.rs -sSf | sh
```
### Compile and run
```
cargo run
```
### On Linux Kernel >= 2.2
```
cargo build
sudo setcap cap_net_raw,cap_net_admin=eip target/debug/packet_radar
cargo run
```
(s/debug/release if `--release`)
### Or if you require sudo
```
cargo build
sudo target/debug/packet_radar -m
```
(s/debug/release if `--release`)

Open `html/packet_viz.html` in your browser.
- Joshua Koo
- Yang Bin Kwok
May 24, 2024 - Ability to read from a pcap file or stdin (e.g. `sudo tcpdump -w - | sudo packet_radar -p -`). On Macs, tcpdump using pktap will provide process ID information during packet capture. This method requires sudo, but for unprivileged users, the lsof method will be the fallback.
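To show what arrives on stdin in a pipeline like the one above, here is an added example (not packet_radar's own code) that walks a classic pcap stream and counts its records. The names `Summary`, `summarize` and `MAX_RECORD` are hypothetical, and the example assumes the classic pcap file format; a pcapng stream is detected and rejected rather than misparsed.

```rust
use std::io::{self, Read};

/// Hypothetical summary type for this example (not part of packet_radar).
#[derive(Debug, PartialEq)]
pub struct Summary { pub linktype: u32, pub packets: u64, pub captured_bytes: u64, pub truncated: u64 }

// Assumed upper bound on one record; 262144 is tcpdump's default snaplen.
const MAX_RECORD: u32 = 262_144;

fn u32_at(b: &[u8], off: usize, le: bool) -> u32 {
    let a = [b[off], b[off + 1], b[off + 2], b[off + 3]];
    if le { u32::from_le_bytes(a) } else { u32::from_be_bytes(a) }
}

/// Walk a classic pcap stream (a file, or stdin fed by `tcpdump -w -`).
pub fn summarize<R: Read>(mut r: R) -> io::Result<Summary> {
    let bad = |m: &str| io::Error::new(io::ErrorKind::InvalidData, m.to_string());
    let mut hdr = [0u8; 24]; // global header: magic, version, zone, sigfigs, snaplen, linktype
    r.read_exact(&mut hdr)?;
    // The magic is written in the capturing host's byte order.
    let le = match [hdr[0], hdr[1], hdr[2], hdr[3]] {
        [0xd4, 0xc3, 0xb2, 0xa1] | [0x4d, 0x3c, 0xb2, 0xa1] => true,
        [0xa1, 0xb2, 0xc3, 0xd4] | [0xa1, 0xb2, 0x3c, 0x4d] => false,
        [0x0a, 0x0d, 0x0d, 0x0a] => return Err(bad("pcapng stream, not classic pcap")),
        _ => return Err(bad("unknown capture magic")),
    };
    let mut s = Summary { linktype: u32_at(&hdr, 20, le), packets: 0, captured_bytes: 0, truncated: 0 };
    let mut rec = [0u8; 16]; // record header: ts_sec, ts_frac, incl_len, orig_len
    loop {
        // End of stream is only clean on a record boundary.
        if r.read(&mut rec[..1])? == 0 { return Ok(s); }
        r.read_exact(&mut rec[1..])?;
        let (incl, orig) = (u32_at(&rec, 8, le), u32_at(&rec, 12, le));
        // Bound the untrusted length field before allocating for it.
        if incl > MAX_RECORD { return Err(bad("record length exceeds limit")); }
        let mut payload = vec![0u8; incl as usize];
        r.read_exact(&mut payload)?;
        s.packets += 1;
        s.captured_bytes += u64::from(incl);
        if incl < orig { s.truncated += 1; } // snaplen cut the packet short
    }
}

fn main() -> io::Result<()> {
    println!("{:?}", summarize(io::stdin())?);
    Ok(())
}
```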
- DNS resolution
- Find local addresses
- Ping / ICMP Traceroute probes
- TCP/UDP trace probes
- Traffic categorization (UDP, TCP, .. TLS, QUIC)
- DNS capture
- RTT / light distance Analysis
- Packet replay
- Terminal interface
- Visual traceroute
- [-] Geoip / ASN breakdown
- Whois / What's my ip whatsmyip
- SSL Key log decoding
- TLS Parsing and Fingerprinting
- JA4 Fingerprinting stats by processes
- TLS Stats
- [-] Quic Packet Parsing
- Sankey diagrams
- Netstat / Socket listings
- Break connections by processes - Top process bandwidth
- Top connection/processes by bandwidth
- Viz: breakdown by processes
- Metadata mapping
- Pluggable architecture