Simple network monitoring agent tool. Powered by eBPF ๐
Kernel and user space code written entirely in Rust โค
Nflux is a network agent tool that monitors incoming traffic on a Linux system by
attaching a XDP (Express Data Path) program using eBPF technology.
The nflux program attaches directly to the physical network interface, enabling packet processing at a very low level, right at the network driver. It supports both IPv4 and IPv6 packet processing, as well as core protocols such as TCP, UDP, and ICMP.
XDP can be used to redirect packets or drop them at the network interface. However, this software is not designed to act as a firewall or to redirect packets at this time. Its sole purpose is to monitor incoming traffic, allowing all packets to pass through without interference.
Multiple attachmentto different interfaces is not yet supported.
Note
Egress traffic monitoring was available in earlier versions of nflux (prior to 1.0.0). For versions 1.0.0 and above, it is currently not included, as the main focus of this software is tracking incoming connections of servers which typically handle inbound traffic (e.g, web servers, etc).
https://nflux.containerscrew.com
nflux is distributed under the terms of the GPL3 license.