mirror of
https://github.com/domcyrus/rustnet.git
synced 2025-12-30 18:39:52 -06:00
5a059a3a12
* feat: add Landlock sandbox and capability dropping for Linux - Restrict filesystem access to /proc only after initialization - Block TCP bind/connect on kernel 6.4+ (network sandbox) - Drop CAP_NET_RAW after pcap handle opened - Add --no-sandbox and --sandbox-strict CLI options - Show privilege info on non-Linux platforms in UI - Add SECURITY.md documentation * fix: remove unused set_sandbox_info and hide Landlock line on non-Linux * fix: gate SandboxInfo to Linux only to fix clippy warnings * fix: add is_admin() function for Windows builds The Windows build was failing because ui.rs called crate::is_admin() but the function didn't exist. Added the implementation using Windows Security API to check if the process has elevated privileges. Also added Win32_Security feature to windows crate dependencies. * fix: add is_admin() to main.rs for Windows binary crate The previous fix added is_admin() to lib.rs but ui.rs is compiled as part of the binary crate (main.rs), not the library crate. Added the function to main.rs so crate::is_admin() resolves correctly.
177 lines
5.3 KiB
TOML
177 lines
5.3 KiB
TOML
[package]
|
|
name = "rustnet-monitor"
|
|
version = "0.16.1"
|
|
authors = ["domcyrus"]
|
|
edition = "2024"
|
|
rust-version = "1.88.0" # Let-chains require Rust 1.88.0+
|
|
description = "A cross-platform network monitoring terminal UI tool built with Rust"
|
|
repository = "https://github.com/domcyrus/rustnet"
|
|
homepage = "https://github.com/domcyrus/rustnet"
|
|
documentation = "https://docs.rs/rustnet-monitor"
|
|
readme = "README.md"
|
|
license = "Apache-2.0"
|
|
keywords = ["network", "monitoring", "tui", "terminal", "packet-capture"]
|
|
categories = ["command-line-utilities", "network-programming", "visualization"]
|
|
exclude = [".github/", "scripts/", "tests/", "*.log", "target/", ".gitignore"]
|
|
|
|
[lib]
|
|
name = "rustnet_monitor"
|
|
path = "src/lib.rs"
|
|
|
|
[[bin]]
|
|
name = "rustnet"
|
|
path = "src/main.rs"
|
|
|
|
[dependencies]
|
|
anyhow = "1.0"
|
|
arboard = "3.6"
|
|
crossterm = "0.29"
|
|
crossbeam = "0.8"
|
|
dashmap = "6.1"
|
|
dns-lookup = "3.0"
|
|
log = "0.4"
|
|
num_cpus = "1.17"
|
|
pcap = "2.4.0"
|
|
pnet_datalink = "0.35"
|
|
clap = { version = "4.5", features = ["derive"] }
|
|
simple-logging = "2.0"
|
|
simplelog = "0.12"
|
|
chrono = "0.4"
|
|
ratatui = { version = "0.29", features = ["all-widgets"] }
|
|
ring = "0.17"
|
|
aes = "0.8"
|
|
serde = { version = "1.0", features = ["derive"] }
|
|
serde_json = "1.0"
|
|
|
|
[target.'cfg(target_os = "linux")'.dependencies]
|
|
procfs = "0.18"
|
|
libbpf-rs = { version = "0.25", optional = true }
|
|
bytes = { version = "1.11", optional = true }
|
|
libc = { version = "0.2", optional = true }
|
|
landlock = { version = "0.4", optional = true }
|
|
caps = { version = "0.5", optional = true }
|
|
|
|
[target.'cfg(any(target_os = "macos", target_os = "freebsd"))'.dependencies]
|
|
libc = "0.2"
|
|
|
|
[target.'cfg(windows)'.dependencies]
|
|
windows = { version = "0.62", features = [
|
|
"Win32_Foundation",
|
|
"Win32_NetworkManagement_IpHelper",
|
|
"Win32_NetworkManagement_Ndis",
|
|
"Win32_Networking_WinSock",
|
|
"Win32_Security",
|
|
"Win32_System_LibraryLoader",
|
|
"Win32_System_Threading",
|
|
] }
|
|
|
|
# FreeBSD support uses the system's sockstat command for process lookup
|
|
# and native libpcap (via pcap crate) for packet capture.
|
|
# No additional FreeBSD-specific dependencies required at this time.
|
|
|
|
[build-dependencies]
|
|
anyhow = "1.0"
|
|
clap = { version = "4.5", features = ["derive"] }
|
|
clap_complete = "4.5"
|
|
clap_mangen = "0.2"
|
|
|
|
[target.'cfg(windows)'.build-dependencies]
|
|
http_req = "0.14"
|
|
zip = "6.0"
|
|
windows = { version = "0.62", features = [
|
|
"Win32_Foundation",
|
|
"Win32_NetworkManagement_IpHelper",
|
|
"Win32_NetworkManagement_Ndis",
|
|
"Win32_Networking_WinSock",
|
|
"Win32_Security",
|
|
"Win32_System_LibraryLoader",
|
|
"Win32_System_Threading",
|
|
] }
|
|
|
|
[target.'cfg(target_os = "linux")'.build-dependencies]
|
|
libbpf-cargo = { version = "0.25", optional = true }
|
|
|
|
[features]
|
|
# eBPF is enabled by default for enhanced performance on Linux.
|
|
# On non-Linux platforms, this feature has no effect as all eBPF code
|
|
# and dependencies are Linux-specific (guarded by target_os checks).
|
|
# Landlock provides security sandboxing on Linux 5.13+.
|
|
default = ["ebpf", "landlock"]
|
|
linux-default = ["ebpf"] # Deprecated: kept for backwards compatibility
|
|
ebpf = ["libbpf-rs", "bytes", "libc", "dep:libbpf-cargo"]
|
|
landlock = ["dep:landlock", "dep:caps"]
|
|
|
|
# Minimal cross configuration to override dependency conflicts
|
|
[workspace.metadata.cross.build.env]
|
|
passthrough = [
|
|
"CARGO_INCREMENTAL",
|
|
"CARGO_NET_RETRY",
|
|
"CARGO_NET_TIMEOUT",
|
|
]
|
|
|
|
[package.metadata.deb]
|
|
maintainer = "domcyrus <domcyrus@example.com>"
|
|
copyright = "2024, domcyrus <domcyrus@example.com>"
|
|
license-file = ["LICENSE", "4"]
|
|
extended-description = """\
|
|
A real-time network monitoring terminal UI tool built with Rust.
|
|
|
|
Features:
|
|
- Real-time network monitoring with detailed state information
|
|
- Deep packet inspection for HTTP/HTTPS, DNS, SSH, and QUIC
|
|
- Connection lifecycle management with configurable timeouts
|
|
- Process identification and service name resolution
|
|
- Advanced filtering with vim/fzf-style search
|
|
- Multi-threaded processing for optimal performance
|
|
- eBPF-enhanced process detection on Linux (with automatic fallback)
|
|
"""
|
|
depends = "libpcap0.8, libelf1"
|
|
section = "net"
|
|
priority = "optional"
|
|
assets = [
|
|
[
|
|
"target/release/rustnet",
|
|
"usr/bin/",
|
|
"755",
|
|
],
|
|
[
|
|
"README.md",
|
|
"usr/share/doc/rustnet-monitor/",
|
|
"644",
|
|
],
|
|
[
|
|
"assets/services",
|
|
"usr/share/rustnet-monitor/",
|
|
"644",
|
|
],
|
|
[
|
|
"resources/packaging/linux/graphics/rustnet.png",
|
|
"usr/share/icons/hicolor/256x256/apps/",
|
|
"644",
|
|
],
|
|
[
|
|
"resources/packaging/linux/rustnet.desktop",
|
|
"usr/share/applications/",
|
|
"644",
|
|
],
|
|
]
|
|
conf-files = []
|
|
|
|
[package.metadata.generate-rpm]
|
|
assets = [
|
|
{ source = "target/release/rustnet", dest = "/usr/bin/rustnet", mode = "755" },
|
|
{ source = "README.md", dest = "/usr/share/doc/rustnet-monitor/README.md", mode = "644" },
|
|
{ source = "assets/services", dest = "/usr/share/rustnet-monitor/services", mode = "644" },
|
|
{ source = "resources/packaging/linux/graphics/rustnet.png", dest = "/usr/share/icons/hicolor/256x256/apps/rustnet.png", mode = "644" },
|
|
{ source = "resources/packaging/linux/rustnet.desktop", dest = "/usr/share/applications/rustnet.desktop", mode = "644" },
|
|
]
|
|
[package.metadata.generate-rpm.requires]
|
|
libpcap = "*"
|
|
elfutils-libelf = "*"
|
|
|
|
[package.metadata.wix]
|
|
upgrade-guid = "455c823b-9665-43e0-baa4-bd0fcb762463"
|
|
path-guid = "d3a2452e-f04f-4d4f-becf-c3580f49f8fc"
|
|
license = false
|
|
eula = false
|