A Network Traffic Monitor built in Rust (work in progress) for learning purposes.

You can read the complete implementation guide here: [Implementing a Network Traffic Analyzer in Rust] (https://medium.com/dev-genius/implementing-a-network-traffic-analyzer-in-rust-50a772bb6564)

Overview

The tool captures packets, analyzes them, and offers various features like filtering, alerting, and flow analysis. It's built using Rust, leveraging libraries such as pcap, pnet, and notify-rust. Features

Packet Capturing: Capture and analyze packets on any network interface. Flow Analysis: Understand broader network traffic patterns. Alerts: Receive notifications based on specific network events.

Getting Started

Prerequisites

• Rust (latest stable version recommended)
• libpcap installed on your system
• Network interface for packet capturing (e.g., eth0)

Installation

• Clone the repository:

  git clone https://github.com/luishsr/rust-network-monitor.git
  

• Navigate to the directory:

  cd network-monitoring-rust
  

Build the project:

cargo build --release

The executable will be available in the target/release directory.

Note: You might need root access to run the application properly. If permission denied errors occur, grant access by doing:

  sudo setcap cap_net_raw=eip ./target/debug/{your_project_name}

Usage

• Run the tool:

  ./target/release/{your_project_name}
  

• Optional configurations:

  Use the config.toml within the root directory, as shown below, to customize a few parameters:

  [general]
  mode = "summary" # or "detailed"
  
  [alert]
  ip = "10.0.0.0"
  

  Mode: defines the level of logging shown in the console Alert: defines an alert to be shown whenever a packet arrives from a given IP address