manbo/WTFnet
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
28 Commits 1 Branch 1 Tag
v0.4.0
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
DaZuo0122 9bcb7549f3 Bump version to 0.4.0
2026-01-17 22:09:23 +08:00
.cargo
Add base subcrates
2026-01-16 00:38:03 +08:00
crates
Bump version to 0.4.0
2026-01-17 22:09:23 +08:00
docs
Update documents
2026-01-17 20:13:37 +08:00
.gitignore
Add base subcrates
2026-01-16 00:38:03 +08:00
Cargo.lock
Add: flag to make watch keep running
2026-01-17 20:07:13 +08:00
Cargo.toml
Add: dns leak detection
2026-01-17 18:45:24 +08:00
CMakeLists.txt
Add cmake/make for build system
2026-01-16 13:33:32 +08:00
Makefile
Add cmake/make for build system
2026-01-16 13:33:32 +08:00
README.md
Update documents
2026-01-17 20:13:37 +08:00

README.md

WTFnet

WTFnet is a pure CLI toolbox for diagnosing network problems on Linux and Windows.

Highlights

  • System snapshot: interfaces, IPs, routes, DNS config.
  • Ports, neighbors, and trusted root certificates.
  • Probing: ping, tcping, traceroute (best-effort).
  • DNS: query/detect/watch with GeoIP, DoT/DoH, and SOCKS5 support.
  • DNS leak detection with policy profiles and privacy modes (best-effort).
  • GeoIP offline lookup via GeoLite2 Country/ASN.
  • Subnet calculator: subnet/contains/overlap/summarize.
  • Discover: mDNS/SSDP plus LLMNR/NBNS.

Quickstart

cargo run -p wtfnet-cli -- sys ifaces
cargo run -p wtfnet-cli -- dns query example.com A
cargo run -p wtfnet-cli -- calc subnet 192.168.1.10 255.255.255.0

Usage examples

# System snapshot
wtfn sys ifaces
wtfn sys ip --all
wtfn sys route --ipv4
wtfn sys dns

# Ports and neighbors
wtfn ports listen --tcp
wtfn ports who 443
wtfn neigh list --ipv6

# GeoIP and probing
wtfn geoip lookup 8.8.8.8
wtfn probe ping example.com --count 4
wtfn probe tcping example.com:443 --count 4
wtfn probe tcping example.com:443 --socks5 socks5://127.0.0.1:10808
wtfn probe trace example.com:443 --max-hops 20

# DNS
wtfn dns query example.com A
wtfn dns query example.com AAAA --server 1.1.1.1
wtfn dns query example.com A --transport doh --server 1.1.1.1 --tls-name cloudflare-dns.com
wtfn dns query example.com A --transport dot --server 1.1.1.1 --tls-name cloudflare-dns.com --socks5 socks5://127.0.0.1:10808
wtfn dns detect example.com --transport doh --servers 1.1.1.1 --tls-name cloudflare-dns.com
wtfn dns watch --duration 10s --filter example.com
wtfn dns watch --follow
wtfn dns leak status
wtfn dns leak watch --duration 10s --profile proxy-stub
wtfn dns leak watch --follow
wtfn dns leak report report.json

# TLS
wtfn tls handshake example.com:443
wtfn tls handshake example.com:443 --socks5 socks5://127.0.0.1:10808
wtfn tls cert example.com:443
wtfn tls verify example.com:443
wtfn tls alpn example.com:443 --alpn h2,http/1.1

# Discover
wtfn discover mdns --duration 3s
wtfn discover ssdp --duration 3s
wtfn discover llmnr --duration 3s
wtfn discover nbns --duration 3s

# Diag
wtfn diag --out report.json --json
wtfn diag --bundle report.zip

# Calc
wtfn calc contains 192.168.0.0/16 192.168.1.0/24
wtfn calc overlap 10.0.0.0/24 10.0.1.0/24
wtfn calc summarize 10.0.0.0/24 10.0.1.0/24

Command reference

See docs/COMMANDS.md for the full list of commands and flags (with descriptions).

GeoIP data files

GeoLite2 mmdb files should live in data/. Lookup order:

  1. NETTOOL_GEOIP_COUNTRY_DB / NETTOOL_GEOIP_ASN_DB
  2. data/ next to the CLI binary
  3. data/ in the current working directory

Build and package

cmake -S . -B build
cmake --build build
cmake --build build --target package

Install:

cmake --build build --target install

HTTP/3 (experimental)

HTTP/3 support is feature-gated and incomplete. Do not enable it in production builds yet.

To enable locally for testing:

cargo run -p wtfnet-cli --features wtfnet-http/http3 -- http head https://cloudflare-quic.com --http3

Roadmap

v0.1 (MVP)

  • sys: ifaces/ip/route/dns
  • ports: listen/who
  • probe: ping + tcping
  • calc: subnet/contains/overlap
  • basic logging + --json everywhere

v0.2 (current requirements)

  • dns: query + detect + watch (best-effort)
  • geoip: local Country+ASN mmdb integration
  • http: head/get (HTTP/2 required; HTTP/3 best-effort optional)
  • tls: handshake/verify/cert/alpn
  • neigh: ARP/NDP snapshot
  • discover: mdns + ssdp (bounded)
  • diag: bundle export (zip)

v0.3 (future upgrades)

  • richer trace output (reverse lookup, per-hop loss, per-hop stats)
  • HTTP timing accuracy (connect/tls)
  • TLS extras: OCSP stapling indicator, richer cert parsing
  • ports conns improvements (top talkers / summary)
  • better baseline/diff for system roots
  • optional LLMNR/NBNS discovery
  • optional HTTP/3 (feature-gated; experimental, incomplete)

v0.4 (current requirements)

  • dns leak detection (passive watch + report)
  • process attribution (best-effort)
  • policy profiles + privacy modes

Current stage

Implemented:

  • Core CLI with JSON output and logging.
  • sys, ports, neigh, cert roots.
  • geoip, probe, dns query/detect/watch.
  • http head/get with timing and GeoIP.
  • tls handshake/verify/cert/alpn.
  • DoT/DoH + SOCKS5 proxy support.
  • discover mdns/ssdp/llmnr/nbns.
  • dns leak detection (status/watch/report).
  • diag report + bundle.
  • calc subcrate with subnet/contains/overlap/summarize.
  • CMake/Makefile build + package + install targets.
  • Basic unit tests for calc and TLS parsing.

In progress:

  • dns leak: DoH heuristic classification (optional).
  • dns leak: Leak-D mismatch correlation (optional).

See docs/implementation_status.md for a design-vs-implementation view.

License

MIT (see LICENSE).

Reference in New Issue View Git Blame Copy Permalink
Description
"Wtf with my network?" A toolbox helps you debug networking problems.
Readme 11 MiB
Releases 1
0.4.0 Latest
2026-01-17 22:44:40 +08:00
Languages
Rust 98.2%
Python 1.7%
Just 0.1%