https://github.com/pythops/oryx
π΅οΈββοΈ TUI for sniffing network traffic using eBPF on Linux
https://github.com/pythops/oryx
bpf ebpf firewall kernel linux network observability ratatui rust security sniffing sysadmin tui
Last synced: about 15 hours ago
JSON representation
π΅οΈββοΈ TUI for sniffing network traffic using eBPF on Linux
- Host: GitHub
- URL: https://github.com/pythops/oryx
- Owner: pythops
- License: gpl-3.0
- Created: 2024-09-01T17:28:50.000Z (7 months ago)
- Default Branch: main
- Last Pushed: 2025-03-19T19:50:09.000Z (26 days ago)
- Last Synced: 2025-04-14T01:54:57.443Z (about 15 hours ago)
- Topics: bpf, ebpf, firewall, kernel, linux, network, observability, ratatui, rust, security, sniffing, sysadmin, tui
- Language: Rust
- Homepage:
- Size: 215 KB
- Stars: 1,031
- Watchers: 13
- Forks: 24
- Open Issues: 2
-
Metadata Files:
- Readme: Readme.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-tuis - oryx
- awesome-ratatui - oryx - A TUI for sniffing network traffic using eBPF. (π» Apps / π Networking and Internet)
README
TUI for sniffing network traffic using eBPF
## πΈ Demo
## β¨ Features
- Real-time traffic inspection and visualization.
- Comprehensive Traffic Statistics.
- Firewall functionalities.
- Metrics explorer.
- Fuzzy search.
## π‘ Prerequisites
A Linux based OS.
> [!NOTE]
> You might need to install [nerdfonts](https://www.nerdfonts.com/) for the icons to be displayed correctly.
## π Installation
### π₯ Binary release
You can download the pre-built binaries from the release page [release page](https://github.com/pythops/oryx/releases)
### π§Arch Linux
You can install `oryx` from the [AUR](https://aur.archlinux.org/packages/oryx) with using an [AUR helper](https://wiki.archlinux.org/title/AUR_helpers).
```bash
paru -S oryx
```
### βοΈ Build from source
To build `oryx`:
#### 1. Install Rust nightly toolchain
```
rustup toolchain install nightly --component rust-src
```
#### 2. Install [bpf-linker](https://github.com/aya-rs/bpf-linker)
Check [bpf-linker Installation section](https://github.com/aya-rs/bpf-linker?tab=readme-ov-file#installation) .
#### 3. Build
```
cargo xtask build --release
```
This will produce an executable file at `target/release/oryx` that you can copy to a directory in your `$PATH`.
## πͺ Usage
Run the following command to start `oryx`:
```
sudo oryx
```
> [!NOTE]
> You can start `oryx` with args as well. Check `oryx --help` to see the available options
## β¨οΈ Key Bindings
`?`: Show help.
`Tab` or `Shift + Tab`: Switch between different sections.
`j` or `Down` : Scroll down.
`k` or `Up`: Scroll up.
`esc`: Dismiss the different pop-ups and modes.
`q` or `ctrl + c`: Quit the app.
`Space`: Select/Deselect interface or filter.
`f`: Update the applied filters.
`ctrl + r`: Reset the app.
`ctrl + s`: Export the capture to `~/oryx/capture` file.
#### Inspection Section
`i`: Show more infos about the selected packet.
`/`: Start fuzzy search.
#### Firewall Section
`Space`: Toggle firewall rules status.
`n` : Add new firewall rule.
`e`: Edit a firewall rule.
`s`: Save firewall rules to `~/oryx/firewall.json`
`Enter`: Create or Save a firewall rule.
## βοΈ License
GPLv3