Application to comfortably monitor your Internet traffic
Multithreaded, cross-platform, reliable
🌐 www.sniffnet.net

Graphical interface translated in:
🇬🇧  🇩🇪  🇬🇷  🇪🇦  🇫🇮  🇫🇷  🇮🇹  🇰🇷  🇵🇱  🇵🇹  🇷🇴  🇷🇺  🇸🇪  🇹🇷  🇺🇦  🇨🇳

Help fund Sniffnet's development 💖

Sniffnet is completely free, open-source software which needs lots of effort and time to develop and maintain.

If you appreciate Sniffnet, consider sponsoring: your support will allow me to dedicate more and more time to this project, constantly expanding it including new features and functionalities.

A special mention goes to these awesome organizations and folks who are sponsoring Sniffnet:

GitHub   Cthulu201   Tiansheng Li

Installation

You can install Sniffnet in one of the following ways:

from GitHub releases 

You can download the latest version of Sniffnet through the installers available below.
Choose from a Windows Installer, an Apple Disk Image, a DEB package, or an RPM package (depending on your operating system).

Note

If you are unsure which package to download, you should probably choose the first from your operating system list.

### Windows

from Crates.io 

Follow this method only if you have Rust installed on your machine.
In this case, the application binary can be built and installed with:

sh cargo install sniffnet

from Homebrew

You can install Sniffnet Homebrew package with:

sh brew install sniffnet

on Arch Linux

You can install Sniffnet community package via pacman:

sh pacman -S sniffnet

on FreeBSD

You can install Sniffnet port with:

sh pkg install sniffnet

on NetBSD

You can install Sniffnet from the official repositories via pkgin:

sh pkgin install sniffnet

Required dependencies

Depending on your operating system, you may need to install some dependencies to run Sniffnet:

Windows dependencies 

In order to correctly build and run Sniffnet on Windows systems you need to:

Note

If you just need to run the app, perform only the first step (second and third steps are required only for the build).

Linux dependencies 

Note

If you just need to run the app, the -dev / -devel part of the dependencies is not needed (it's required only for the build).

Note that if you are not running as root, you need to set capabilities to inspect a network adapter:

sh sudo setcap cap_net_raw,cap_net_admin=eip <your/Sniffnet/executable/path>

Alternatively you can run the app with sudo privileges:

sh sudo sniffnet

MacOS dependencies 

MacOS natively has all the dependencies you need to build and run Sniffnet!
However, remember to run the app with administrator privileges: this is needed to analyse the activity of your network device.

Features

IP geolocation and network providers (ASN)

See details


Geolocation and network providers (ASN) refer to the remote IP address of each connection. They are retrieved performing lookups against MMDB files:

Note

The MMDB (MaxMind database) format has been developed especially for IP lookup.
It is optimized to perform lookups on data indexed by IP network ranges quickly and efficiently.
It permits the best performance on IP lookups, and it's suitable for use in a production environment.

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com

This file format potentially allows Sniffnet to execute hundreds of different IP lookups in a matter of a few milliseconds.

Supported application layer protocols

See details


Application layer protocols are inferred from the transport port numbers, following the convention maintained by IANA.

Please, remember that this is just a convention:

Warning

The Internet Assigned Numbers Authority (IANA) is responsible for maintaining the official assignments of port numbers for specific uses.
However, many unofficial uses of well-known port numbers occur in practice.

The following table reports the port-to-service mappings used by Sniffnet, chosen from the most common assignments by IANA.

|Port number(s)|Application protocol | Description | |--|--|--| | 20, 21 | FTP |File Transfer Protocol | |22|SSH |Secure Shell | |23|Telnet |Telnet | |25|SMTP |Simple Mail Transfer Protocol | |49|TACACS |Terminal Access Controller Access-Control System | |53|DNS |Domain Name System | |67, 68|DHCP |Dynamic Host Configuration Protocol | |69|TFTP |Trivial File Transfer Protocol | |80, 8080|HTTP |Hypertext Transfer Protocol | |109, 110|POP |Post Office Protocol | |123|NTP |Network Time Protocol | |137, 138, 139|NetBIOS |NetBIOS | |143, 220|IMAP |Internet Message Access Protocol | |161, 162, 199|SNMP |Simple Network Management Protocol | |179|BGP |Border Gateway Protocol | |389|LDAP |Lightweight Directory Access Protocol | |443|HTTPS |Hypertext Transfer Protocol over SSL/TLS | |636|LDAPS |Lightweight Directory Access Protocol over TLS/SSL | |989, 990|FTPS |File Transfer Protocol over TLS/SSL | |993|IMAPS |Internet Message Access Protocol over TLS/SSL | |995|POP3S |Post Office Protocol 3 over TLS/SSL | |1900|SSDP |Simple Service Discovery Protocol | |5222|XMPP |Extensible Messaging and Presence Protocol | |5353|mDNS |Multicast DNS |

Keyboard shortcuts

See details


Some keyboard shortcuts are available to improve the efficiency of use and the overall user experience.

If you want to suggest a different key combination for one of the existing shortcuts or if you want to propose a new shortcut, have a look at this issue.

The currently usable hotkeys are reported in the following.

Note

On macOS, use the cmd key instead of ctrl

| Event | Shortcut keys | |--|--| | Quit the application | `ctrl+Q` | | Open full report | `ctrl+O` | | Open settings | `ctrl+,` | | Clear all notifications | `ctrl+D` | | Interrupt the ongoing analysis | `ctrl+backspace` | | Start the analysis and confirm modal actions | `enter` | | Close settings and modal popups | `esc` | | Switch from a tab to the next (or previous) one | `tab` (or `shift+tab`) | | Change inspect connections page to the next (or previous) one | `ctrl+rightArrow` (or `ctrl+leftArrow`) |

Troubleshooting

See details

Missing dependencies

Most of the errors that can occur are likely due to your system missing required pcap dependencies, necessary to correctly analyze a network adapter.
Check the required dependencies section for instructions on how to proceed, depending on your operating system.

Rendering problems

In some circumstances, especially if you are running on an old architecture or your graphical drivers are not up-to-date, the wgpu default renderer used by iced may cause problems (some icons are completely black, or the interface may glitch).
In these cases, you can try building the application from the tiny-skia-renderer branch, which is based on tiny-skia, a CPU-only software renderer that should work properly on every environment (remember to build it in release mode, since it's less performant than wgpu).
If you are unable to build it yourself, contact me, and I'll provide you a copy.

In any case don't hesitate to open an issue, and I will do my best to help you!

Acknowledgements