Coder Social home page Coder Social logo

netman's Introduction

netman

Network Management, Monitoring, and Limiting

netman is a userland network manager, with monitoring and limiting capabilities for macOS. See below for example use-cases.

Installation and Usage

  1. make
  2. make install
  3. netman --help

Note: some of netman's functionality requires elevated privileges

Use Cases

Command Data Limiting

 sudo netman --command="wget https://example.com/script | sh" --limit=25 -H monitor

The above command will limit the wget https://example.com/script | sh command to 25MB system wide. After that, the command will be terminated.

Command Chaining

Example One

 sudo netman --command="wget https://example.com/script | sh" --limit=25 -H monitor && sudo netman down

The above command is similiar to the ''Command Data Limiting'' example, but afterwards it will shutdown all network interfaces.

Example Two

 netman down && netman up en0 && sudo netman --command="wget https://example.com/script | sh" --limit=25 -H monitor && sudo netman down

The above command is similiar to example one except the command will only use the en0 network interface.

Example Three

 netman --limit=100 -H && kill -9 6543

The above command is similiar to using the --command flag except after 100MB the process with the id 6543 is terminated.

Technical Details

Network Interfaces

Interfaces are retrieved from getifaddrs (3). Interfaces are stored in a custom interface struct.

 struct interface {
 	char *name;
 	struct sockaddr *if_addr;
 	u_long obytes;
 	u_long ibytes;
 };
 typedef struct interface interface;

The alternative method is to use ioctl with the SIOCGIFCONF flag.

Testing

Using a modified version of MinUnit -- a minimal unit testing framework for C.

For debug mode, make with DEBUG=1. To run tests, make with TEST=1

BFP - Berkley Packet Filter

The logging of used bytes is done using Berkley Packet Filters (bfp) with no filters applied.

Basic examples of bfps:

Limitations

macOS does not have eBPFs yet so netman cannot monitor specific sockets for specific applications, only interfaces. What does this mean? Well if multiple applications are the network then your byte limit may be reached much faster. Socket filters would be a logical next step.

License

See LICENSE.

Disclaimer

See DISCLAIMER.

netman's People

Contributors

iadgovuser20 avatar iadgovadmin avatar

Watchers

Alin avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.