A cross-platform, modular desktop packet sniffer and analyzer written in Go, featuring a modern Fyne GUI, AI-powered filtering via Google Gemini, and high-speed packet decoding with gopacket.
- 🚦 Live packet capture from any local interface using libpcap (via cgo)
- 🖥️ Native GUI (Fyne) – fast, cross-platform, and beautiful
- 📋 Protocol decoding with gopacket (Ethernet, IPv4/6, TCP, UDP, etc.)
- 🧠 AI-powered filtering: enter natural language prompts (“only DNS”, “TCP SYN floods”) and see only matching packets (via Google Gemini)
- 🔌 Plugin architecture: filter and enrich packets using the Strategy and Decorator patterns
- 🧪 Unit and UI tests – including headless Fyne test driver for CI
- 🤖 GitHub Actions CI: builds, vets, and tests on push
You will need the following installed to build and run FyneWire:
- Go 1.21+: Download from go.dev.
- A C Compiler: Such as GCC, Clang, or the Xcode Command Line Tools.
- On macOS:
xcode-select --install - On Debian/Ubuntu:
sudo apt-get install build-essential
- On macOS:
libpcapDevelopment Libraries: This is required for packet capture.- On macOS:
brew install libpcap - On Debian/Ubuntu:
sudo apt-get install libpcap-dev - On Fedora/RHEL:
sudo dnf install libpcap-devel
- On macOS:
- Google Gemini API Key (Optional): Required only for the AI filtering feature. You can get a key from Google AI Studio.
-
Clone the repository:
git clone [https://github.com/arya2004/fynewire.git](https://github.com/arya2004/fynewire.git) cd fynewire -
Build the application: The
makecommand compiles the required C library and builds the Go application.make
-
Run the application: Packet sniffing requires elevated privileges.
sudo ./fynewire
- To use the AI filtering features, you must set your API key as an environment variable first. Use the
-Eflag withsudoto preserve the variable.export GEMINI_API_KEY="your-api-key" sudo -E ./fynewire
- To use the AI filtering features, you must set your API key as an environment variable first. Use the
- Multi-layered: C only exposes raw capture; all parsing/logic is in Go.
- Strategy pattern: Swap filtering logic (pass-through, Gemini/AI, or custom code) at runtime.
- Decorator pattern: Enrich packets (GeoIP, TLS SNI, etc.) by stacking decorators with zero copy.
- gopacket: Efficient protocol parsing in pure Go.
- Fyne: Responsive, cross-platform UI. Data binding keeps lists live.
- cgo: Clean, minimal, and cross-platform for direct libpcap access.
- Unit tests: Run with
go test ./... - GUI tests: Headless mode via Fyne’s test driver.
- Continuous Integration: GitHub Actions builds and tests on every push.
- Fork and branch!
- Run
make vetandgo test ./...before opening PRs. - For new features, keep C glue minimal; extend Go strategies or decorators.
- For Gemini/AI features, be mindful of API quotas and errors.