github domcyrus/rustnet v0.2.0
on GitHub

latest releases: v0.15.0, v0.14.0, debian/0.14.0...
2 months ago

[0.2.0]

Added

  • Enhanced PKTAP Support on macOS: Comprehensive process identification using macOS PKTAP (Packet Tap) headers
    • Direct extraction of process names and PIDs from kernel packet metadata
    • Robust handling of 20-byte PKTAP process name fields with proper normalization
    • Support for both pth_comm and pth_e_comm (effective command name) fields
    • Fallback to lsof system commands when PKTAP data is unavailable
  • Process Data Immutability System: Once process information is set from any source, it becomes immutable to prevent display inconsistencies
  • Advanced Process Name Normalization: Handles all types of whitespace, control characters, and padding in process names
  • Comprehensive Debug Logging: Extensive logging for PKTAP header processing, process name extraction, and data flow tracking

Fixed

  • Process Display Stability on macOS: Fixed issue where process names would change format during UI scrolling (e.g., "firefox (123)" → "firefox (123)")
  • PKTAP Header Processing: Improved parsing of raw PKTAP packet headers with better error handling and validation
  • Process Name Consistency: Eliminated race conditions and data inconsistencies in process name display
  • Whitespace Normalization: Fixed handling of tabs, multiple spaces, unicode whitespace, and control characters in process names

Changed

  • Process Enrichment Logic: Modified to respect existing PKTAP data and only fill in missing information from lsof
  • UI Rendering Optimization: Simplified process name rendering to use pre-normalized data from sources
  • Error Handling: Enhanced error reporting for PKTAP processing and process lookup failures

Technical Details

  • Implemented extract_process_name_from_bytes() function for robust PKTAP process name extraction
  • Added immutability enforcement in connection merge logic with violation detection
  • Enhanced macOS process lookup with normalize_process_name_robust() function
  • Improved byte-level debugging and logging for process identification troubleshooting

Platform-Specific Improvements

  • macOS: PKTAP now provides primary process identification with significant performance and accuracy improvements over lsof-only approach
  • Linux: Process enrichment logic updated to work consistently with new immutability system
Check out latest releases or
releases around domcyrus/rustnet v0.2.0

Don't miss a new rustnet release

NewReleases is sending notifications on new releases.

Get notifications