top of page
Search

A Comprehensive Guide to Sniffnet: The Ultimate Network Monitoring Tool for Linux

  • Writer: Ray Knights
    Ray Knights
  • Jul 26
  • 3 min read

Updated: Aug 11

When I started looking for a clean and simple way to monitor network traffic on Linux, I found that most tools were either too complex or outdated. I didn’t want to spend hours digging through terminal commands or configuring dozens of settings just to see what my network was doing.


That’s when I discovered Sniffnet—and now I use it regularly. It’s lightweight, open-source, and has a great graphical interface that just works. In this post, I’ll walk you through how I installed it on Linux and how I use it day-to-day. If you’re just getting started with network tools, this one’s genuinely easy to pick up.


What Sniffnet Is (and Why I Use It)


Sniffnet is a real-time network monitoring tool written in Rust. It’s cross-platform, open-source, and has a modern, beginner-friendly interface. It allows me to quickly see:


  • Which protocols are being used (like DNS, HTTP, HTTPS)

  • Where connections are going

  • Live traffic levels and stats

  • Geolocation for IP connections


I like it because I don’t need to spend time setting it up. I open it, choose my network interface, and I’m immediately seeing useful data. It helps me check on bandwidth, monitor unusual traffic from smart devices, or just get a live view of what’s going on across my network.


What I Needed Before Installing


To get Sniffnet working on my Linux system, here’s what I needed:


  • A Linux distro (I’ve tested this on Ubuntu and Debian, but it works on others too)

  • libpcap (already installed in most systems)

  • Root access (for monitoring network interfaces)

  • Optionally, Rust if installing from source


How I Installed Sniffnet on Linux


Method 1: Installing the .deb File (Ubuntu, Debian, Mint, etc.)


This is how I first installed it on my main machine.


Step 1: I went to the Sniffnet GitHub Releases page and downloaded the latest .deb package. For example:

`sniffnet_1.3.0_amd64.deb`


Step 2: I opened the terminal, navigated to my Downloads folder, and ran:

```bash

sudo dpkg -i sniffnet_1.3.0_amd64.deb

sudo apt-get install -f

```

That installed the app and automatically fixed any missing dependencies.


Method 2: Running the AppImage (Portable, No Install Needed)


On another system, I tested the AppImage version because it doesn’t require installation and works on nearly every Linux distro.


Step 1: I downloaded the .AppImage file from the GitHub Releases page.

Example: `sniffnet-1.3.0-x86_64.AppImage`


Step 2: I made it executable:

```bash

chmod +x sniffnet-1.3.0-x86_64.AppImage

```


Step 3: Then I ran it:

```bash

./sniffnet-1.3.0-x86_64.AppImage

```

No install. No hassle. That’s it.


How I Use Sniffnet Day to Day


When I launch Sniffnet, I run it as root (or use a permission workaround, which I’ll explain later). The interface is clean, responsive, and easy to understand.


Step 1: Choosing the Interface


The first thing Sniffnet asks is which network interface I want to monitor. I usually pick wlan0 (my Wi-Fi) or eth0 (my Ethernet).


Step 2: Real-Time Traffic Dashboard


Once I start monitoring, I get a live dashboard with:


  • Protocol usage graphs

  • Traffic by IP

  • Connection locations on a map

  • Bandwidth stats and packet counts


Step 3: Filtering by Protocol


I often filter traffic to focus on DNS or HTTPS, depending on what I’m testing. The filters are all clickable in the sidebar—no need to learn any commands.


Step 4: Exploring Traffic Stats


Hovering over any connection gives me detailed info like source and destination IPs, ports, packet count, and country of origin. It updates in real-time, so I often leave it running while I test network tools, run updates, or stream content just to see what’s using bandwidth.


Running Sniffnet Without Sudo (Optional)


By default, Sniffnet requires sudo because it needs raw socket access to capture packets. But if I want to run it without typing sudo every time, I use this command:

```bash

sudo setcap cap_net_raw,cap_net_admin=eip $(which sniffnet)

```

This allows the binary to access the necessary privileges without full root access. Just be cautious when granting capabilities like this.


Summary Table


Task

Command or Action

Download Sniffnet

GitHub Releases: https://github.com/GyulyVGC/sniffnet/releases

Install .deb package

sudo dpkg -i sniffnet_x.y.z_amd64.deb

Fix dependencies

sudo apt-get install -f

Make AppImage executable

chmod +x sniffnet-x.y.z-x86_64.AppImage

Run AppImage

./sniffnet-x.y.z-x86_64.AppImage

Run without sudo (optional)

sudo setcap cap_net_raw,cap_net_admin=eip $(which sniffnet)


Final Thoughts


Sniffnet has become one of my go-to tools when I want to get a quick overview of what’s happening on my network. It’s simple enough for beginners to use but powerful enough to be useful in a home lab or professional environment.


Whether I’m troubleshooting slow speeds, monitoring bandwidth, or investigating unusual traffic, Sniffnet gives me the information I need with minimal effort. If you’re looking for a fast, visual, and easy-to-use network monitoring tool for Linux, I highly recommend giving Sniffnet a try.

 
 
 

Comments

bottom of page