zz85/packet_radar


Packet Radar

Packet Radar is an experimental realtime network traffic visualization.

It captures packets as pcap does and displays the information in various ways, as Wireshark does.

  • packet fight viz - visualizes and animates packets transferring between hosts.
  • packet stats - a dashboard showing real-time network telemetry like data rates.
  • packet top - shows top connections
  • packet tail - a simple packet log viewer

This started as a weekend project for

  • playing around with Rust
  • exploring and understanding some network protocol details
  • playing around with visualizations, animations and simulations

If you like this, you may also be interested in Space Radar, a disk space visualization app.

The server is written in Rust; the UI is built with Canvas and JavaScript.

Server

### If you need to install rust
curl https://sh.rustup.rs -sSf | sh

### Compile and run
cargo run

### On Linux Kernel >= 2.2
cargo build
sudo setcap cap_net_raw,cap_net_admin=eip target/debug/packet_radar
cargo run

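(Replace `debug` with `release` in the path if you built with `--release`. File capabilities are attached to the binary itself, so rerun `setcap` whenever cargo rebuilds it.)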

### Or if you require sudo
cargo build
sudo target/debug/packet_radar -m

(Replace `debug` with `release` in the path if you built with `--release`.)

Visualization

Open `html/packet_viz.html` in your browser.

Contributors

  • Joshua Koo
  • Yang Bin Kwok

Related projects

ChangeLog

May 24, 2024 - Ability to read from a pcap file or stdin (e.g. `sudo tcpdump -w - | sudo packet_radar -p -`). On Macs, tcpdump using pktap will provide process ID information during packet capture. This method requires sudo; for unprivileged users, the lsof method will be the fallback.
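
As an added example (not code from packet_radar), this Rust program shows one way to consume the stream that `tcpdump -w -` writes to a pipe, assuming the classic libpcap file format: it detects byte order from the magic number, rejects pcapng, bounds each record length before allocating, and tolerates a capture cut off mid-record. `Summary`, `summarize`, `fill`, `u32_at` and the `MAX_RECORD` cap are names and values chosen for this example.

```rust
use std::io::Read;
const MAX_RECORD: u32 = 262_144; // assumed sanity cap on one record's captured length

#[derive(Debug, PartialEq)]
pub struct Summary { pub linktype: u32, pub packets: u64, pub bytes: u64, pub truncated: bool }

fn u32_at(b: &[u8], off: usize, big: bool) -> u32 {
    let a = [b[off], b[off + 1], b[off + 2], b[off + 3]];
    if big { u32::from_be_bytes(a) } else { u32::from_le_bytes(a) }
}

// Read until buf is full or the stream ends; returns how many bytes were read.
fn fill(r: &mut impl Read, buf: &mut [u8]) -> Result<usize, String> {
    let mut n = 0;
    while n < buf.len() {
        match r.read(&mut buf[n..]).map_err(|e| e.to_string())? { 0 => break, k => n += k }
    }
    Ok(n)
}

pub fn summarize(mut r: impl Read) -> Result<Summary, String> {
    let mut gh = [0u8; 24]; // global header: magic, version, zone, sigfigs, snaplen, linktype
    if fill(&mut r, &mut gh)? != 24 { return Err("short global header".into()); }
    let big = match [gh[0], gh[1], gh[2], gh[3]] {
        [0xd4, 0xc3, 0xb2, 0xa1] | [0x4d, 0x3c, 0xb2, 0xa1] => false, // usec / nsec, little-endian
        [0xa1, 0xb2, 0xc3, 0xd4] | [0xa1, 0xb2, 0x3c, 0x4d] => true,  // usec / nsec, big-endian
        [0x0a, 0x0d, 0x0d, 0x0a] => return Err("pcapng stream, not classic pcap".into()),
        _ => return Err("not a pcap stream".into()),
    };
    let mut s = Summary { linktype: u32_at(&gh, 20, big), packets: 0, bytes: 0, truncated: false };
    let mut rh = [0u8; 16]; // record header: ts_sec, ts_frac, incl_len, orig_len
    loop {
        match fill(&mut r, &mut rh)? {
            0 => return Ok(s),                         // clean end of stream
            16 => {}
            _ => { s.truncated = true; return Ok(s); } // writer stopped mid-header
        }
        let incl = u32_at(&rh, 8, big);
        if incl > MAX_RECORD { return Err(format!("record length {incl} over cap")); }
        let mut data = vec![0u8; incl as usize];       // allocation bounded by the check above
        if fill(&mut r, &mut data)? != data.len() { s.truncated = true; return Ok(s); }
        s.packets += 1;
        s.bytes += u64::from(incl);
    }
}

fn main() {
    println!("{:?}", summarize(std::io::stdin().lock())); // e.g. tcpdump -w - | this_program
}
```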

Ideas / TODO

  • DNS resolution
  • Find local addresses
  • Ping / ICMP Traceroute probes
  • TCP/UDP trace probes
  • Traffic categorization (UDP, TCP, ... TLS, QUIC)
  • DNS capture
  • RTT / light distance Analysis
  • Packet replay
  • Terminal interface
  • Visual traceroute
  • [-] Geoip / ASN breakdown
  • Whois / What's my ip whatsmyip
  • SSL Key log decoding
  • TLS Parsing and Fingerprinting
    • JA4 Fingerprinting stats by processes
    • TLS Stats
  • [-] Quic Packet Parsing
  • Sankey diagrams
  • Netstat / Socket listings
  • Break connections by processes - Top process bandwidth
  • Top connection/processes by bandwidth
  • Viz: breakdown by processes
  • Metadata mapping
  • Pluggable architecture

About

Realtime Network Analysis and Visualization
