Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/pythops/oryx

🕵️‍♂️ TUI for sniffing network traffic using eBPF on Linux
https://github.com/pythops/oryx

bpf ebpf firewall kernel linux network observability ratatui rust security sniffing sysadmin tui

Last synced: 8 days ago
JSON representation

🕵️‍♂️ TUI for sniffing network traffic using eBPF on Linux

Host: GitHub
URL: https://github.com/pythops/oryx
Owner: pythops
License: gpl-3.0
Created: 2024-09-01T17:28:50.000Z (4 months ago)
Default Branch: main
Last Pushed: 2024-12-09T09:12:22.000Z (12 days ago)
Last Synced: 2024-12-10T11:49:32.937Z (11 days ago)
Topics: bpf, ebpf, firewall, kernel, linux, network, observability, ratatui, rust, security, sniffing, sysadmin, tui
Language: Rust
Homepage:
Size: 196 KB
Stars: 867
Watchers: 12
Forks: 20
Open Issues: 2
Metadata Files:
- Readme: Readme.md
- Funding: .github/FUNDING.yml
- License: LICENSE

Awesome Lists containing this project

awesome-tuis - oryx
awesome-ratatui - oryx - A TUI for sniffing network traffic using eBPF. (💻 Apps / 🌐 Networking and Internet)

README

TUI for sniffing network traffic using eBPF

## 📸 Demo

![](https://github.com/user-attachments/assets/e64dc4b6-9143-4b05-b4a8-b5d0455e5d5e)

## ✨ Features

- Real-time traffic inspection and visualization.
- Comprehensive Traffic Statistics.
- Firewall functionalities.
- Fuzzy search.

## 💡 Prerequisites

A Linux based OS.

> [!NOTE]
> You might need to install [nerdfonts](https://www.nerdfonts.com/) for the icons to be displayed correctly.

## 🚀 Installation

### 📥 Binary release

You can download the pre-built binaries from the release page [release page](https://github.com/pythops/oryx/releases)

### 🐧Arch Linux

You can install `oryx` from the [AUR](https://aur.archlinux.org/packages/oryx) with using an [AUR helper](https://wiki.archlinux.org/title/AUR_helpers).

```bash
paru -S oryx
```

### ⚒️ Build from source

To build `oryx`:

#### 1. Install Rust nightly toolchain

```
rustup toolchain install nightly --component rust-src
```

#### 2. Install [bpf-linker](https://github.com/aya-rs/bpf-linker)

##### For `x86_64`

Simply run the following command:

```
cargo install bpf-linker
```

##### For `arm64`

For Debian based distributions, make sure you have the following dependencies installed:

- `llvm-19`
- `llvm-19-dev`
- `libpolly-19-dev`

then run the following command:

```
cargo install bpf-linker --no-default-features
```

> Check [bpf-linker Installation section](https://github.com/aya-rs/bpf-linker?tab=readme-ov-file#installation) for more infos.

#### 3. Build

```
cargo xtask build --release
```

This will produce an executable file at `target/release/oryx` that you can copy to a directory in your `$PATH`.

## 🪄 Usage

Run the following command to start `oryx`:

```
sudo oryx
```

## ⌨️ Key Bindings

`?`: Show help.

`Tab` or `Shift + Tab`: Switch between different sections.

`j` or `Down` : Scroll down.

`k` or `Up`: Scroll up.

`esc`: Dismiss the different pop-ups and modes.

`q` or `ctrl + c`: Quit the app.

`Space`: Select/Deselect interface or filter.

`f`: Update the applied filters.

`ctrl + r`: Reset the app.

`ctrl + s`: Export the capture to `~/oryx/capture` file.

#### Inspection Section

`i`: Show more infos about the selected packet.

`/`: Start fuzzy search.

#### Firewall Section

`Space`: Toggle firewall rules status.

`n` : Add new firewall rule.

`e`: Edit a firewall rule.

`s`: Save firewall rules to `~/oryx/firewall.json`

`Enter`: Create or Save a firewall rule.

## ⚖️ License

GPLv3