containerscrew/nflux

The nflux project

Network monitoring tool & TLS/SSL sniffer using eBPF. Powered by Aya-rs 🐝

Kernel and user space code written entirely in Rust ❀


$ nflux netrace


$ nflux tlstrace


What is nflux?

Nflux is an eBPF-based tool that currently serves two purposes:

  • netrace: monitors incoming/outgoing traffic on a Linux system by attaching an eBPF program to the TC (Traffic Control) hook. It can be attached to both physical and virtual interfaces (such as WireGuard), which gives access to networking data at a very low level. Only IPv4 packet sniffing is supported (IPv6 is being implemented).

  • tlstrace: sniffs read/write traffic before it is encrypted by libraries such as OpenSSL. In other words, it reads plaintext from the buffers those libraries handle. (A simple curl command, for example, uses this library to encrypt its data before sending it to the destination.) Only HTTP/1.1 is supported (HTTP/2 HPACK decompression is being implemented).
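
To show what a plaintext buffer taken at an OpenSSL read/write call looks like to a consumer, and why HTTP/2 needs HPACK decoding, here is an added example (not nflux's own code) that parses HTTP/1.1 start lines and the Host header and flags the HTTP/2 connection preface. The `classify` function, the `Captured` enum and the sample buffers are constructed for illustration.

```rust
// Added example, not nflux code: classify a plaintext buffer as it would
// appear at an SSL_read/SSL_write boundary. Sample buffers are constructed.

#[derive(Debug, PartialEq)]
enum Captured {
    Http1Request { method: String, target: String, host: Option<String> },
    Http1Response { status: u16 },
    Http2,  // binary frames follow; headers are HPACK-compressed, not text
    Opaque, // non-HTTP, non-UTF-8, or too truncated to recognise
}

// Client connection preface that opens every HTTP/2 connection (RFC 9113).
const H2_PREFACE: &[u8] = b"PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n";

fn classify(buf: &[u8]) -> Captured {
    if buf.starts_with(H2_PREFACE) {
        return Captured::Http2;
    }
    // Only the header block is text: stop at the blank line, tolerate truncation.
    let head_end = buf.windows(4).position(|w| w == b"\r\n\r\n").unwrap_or(buf.len());
    let head = match std::str::from_utf8(&buf[..head_end]) {
        Ok(s) => s,
        Err(_) => return Captured::Opaque,
    };
    let mut lines = head.split("\r\n");
    let first: Vec<&str> = lines.next().unwrap_or("").splitn(3, ' ').collect();
    if first.len() < 2 {
        return Captured::Opaque;
    }
    if first[0].starts_with("HTTP/1.") {
        // Status line: HTTP/1.1 200 OK
        return match first[1].parse::<u16>() {
            Ok(status) => Captured::Http1Response { status },
            Err(_) => Captured::Opaque,
        };
    }
    if first.len() == 3 && first[2].starts_with("HTTP/1.") {
        // Request line: METHOD target HTTP/1.1, then case-insensitive headers.
        let host = lines
            .filter_map(|l| l.split_once(':'))
            .find(|(k, _)| k.eq_ignore_ascii_case("host"))
            .map(|(_, v)| v.trim().to_string());
        return Captured::Http1Request { method: first[0].into(), target: first[1].into(), host };
    }
    Captured::Opaque
}

fn main() {
    let req = b"GET /index.html HTTP/1.1\r\nhost: example.com\r\nUser-Agent: curl\r\n\r\n";
    println!("{:?}\n{:?}", classify(req), classify(H2_PREFACE));
}
```

Only the preface is recognisable as text; later HTTP/2 buffers on the same connection fall into `Opaque` here, which is the gap HPACK decompression closes.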

Installation

Read the installation doc.

Usage

Read the usage doc.

License

nflux is distributed under the terms of the AGPL3 license.