Main difference would be that LS being actively handling connections the list is always accurate whereas this appears to poll current connections using `ss` so it may miss some if they happen to be entirely between two refresh beats.
For this application, current best practice is using Electron stack, or better, cloning VSCode and relying on GeoLeoMaximusDYP v3.2 LLM for geo-location.
How can starting a browser be a best practice? This app is lightweight and does not even use a GUI toolkit. You would roughly use 20x more memory. How is that a best practice?
Others have mentioned it was a directory, but it sent me off on a nostalgia trip, so here is an "obituary" of sorts, that is itself getting rather old:
None of these really convey the cultural importance of Freshmeat to the opensource community at the time, though. For a while, Slashdot + Freshmeat were among the two first sites almost everyone I knew and worked with would open in the morning.
The thing that the responses are not capturing is that the stuff on freshmeat was often kind of frivolous desktop widgets or themes. People were excited about Linux desktops and lots of people were authoring small stuff to customize it.
Network monitoring/visualization widgets that sit on your WindowMaker dock or similar was a common theme.
I was about to mention Aminet[1] too as a joke of sorts (it's Amiga focused, but still updated, though it stores the actual archives more than focus on the "news"), but scanned the front page on freshcode first and one of first things that stood out was an Amiga program[2]... If anything makes Freshcode a successor to Freshmeat, the only thing missing is an Enlightenment theme being posted too.
This is some old school style bare bones C. popen with a big old pipe chain is pretty quick n dirty. I’d have gone digging around in proc for the active connections. Cool stuff though. I like that it’s so straightforward to read.
it's more like taking notes with pen and pencil, while other patrons of the coffee shop use an electron-based note-taking "app" on their macbooks that uploads each keypress to the cloud, helpfully adding a half-second lag
Nice. My only gripe is that the map is not very easy to read, especially on the smaller sizes. There are too many coast lines and borders, so it can be hard to locate countries, especially in the Mediterranean. Would it be possible to draw land masses in solid (white?), and leave borders in dark (background color?). Other than that, works fine on Debian Linux and KDE. The map shows up on all desktops, which I like (but others might not)
Another idea. Would it be possible to make the dots fade out, a little like in https://www.lightningmaps.org, so I could see some of the older traffic points as well?
Forgive my ignorance, but I'm not sure what this is showing me. I'm running it on my home linux system, which is connected to the Internet via Verizon FIOS. The map shows three red dots, none of which are near me.
It's only showing connections directly initiated by your computer. Not anything "upstream" of you like the FIOS router. It would also show any connections TO your computer, but being behind NAT on a normal home network, that would likely be nothing unless you've intentionally punched holes.
There is even a beautiful Debian-based Window Maker distribution, called Window Maker Live. I am using this in a professional music studio as mixing workstation.
https://wmlive.sourceforge.net/
Ah, cool, this should incorporate location data at least as good as what the networks self-report! (I suspect that these databases, on top of ingesting all geofeed data, do something similar to Wi-Fi positioning, i.e. correlate the IP address of various GPS-enabled devices with their physical location to try and deduce undocumented/non-public allocation patterns.)
While that's indeed a bug, for it to be a security vulnerability, wouldn't there also have to be a security boundary involved? Specifically, mapName is always either "w1000b.png" or "w1000.png", so the only way to trigger the buffer overflow would be through the HOME environment variable. But if an attacker can run commands as you with arbitrary environment variables, aren't you already pwned? What would anyone gain by running your program and exploiting it to do something, rather than just doing the thing directly? https://devblogs.microsoft.com/oldnewthing/20060508-22/?p=31...
Assuming that code is actually present in your app, env vars can hold more than 255 characters. Easy buffer overflow to trigger. Use length-bounded copies and concats...
That's just off the top of my head; I've not written in C in a while.
Yeah, that is not a helpful attitude to take when it comes to this sort of thing. If nothing else, a super-long home path can crash your app and leave your user scratching their head. In other words, this is a bug (as is the fact that paths are not necessarily limited to 255 characters in the first place; see the PATH_MAX constant, I think it is?).
As to what could be accomplished with an overflow? I don't know; I'm not in security, and I don't sit around thinking of possible uses for various bugs when it comes to compromising systems.
Perhaps the most important thing to realize, though, is that you're distributing software publicly. Your security situation may not be the same as your user's security situation. Assumptions should not be made.
As long as you’re fixing that bug, you should do it right. If the return value from snprintf if more than 256 but less than a few GB then you should malloc a buffer big enough to hold the string and then call snprintf again with the new buffer. Only if that or malloc fails would you print an error. (It’s really a shame that the C standard library requires so many extra steps to do things correctly; this ought to be way easier.)
Basically, any path longer than 256 characters for `mapFilename` would cause a buffer overrun.
An unprivileged app could run your app (say, with more privileges), with a very long `HOME` environment path, causing a buffer overflow, and potentially exploit it to use your app's privileges to do more stuff than it was supposed to.
Basically, you should never use strcpy and strcat and but use the secure alternatives like strcpy_s and strcat_s, even when you know the source buffer would never exceed the destination size.
Sure, but since there's no enforced standard for how privileges are configured on a system, there's always the possibility that your app to be the only escape ticket.
You can dismiss that possibility of course. But, as a general habit, it's best to use secure alternatives instead of mulling over probabilities every other line.
As a positive side-effect, the change would make your app not crash on systems with long HOME env paths.:)
I see you already addressed it but here let me give a scenario.
Say the program was installed and set so the user didn't have privs to modify the executable (so an attacker couldn't just change it to do what they want).
A buffer overflow could allow an attacker to gain control flow of the program and feed bogus data to the user allowing them to scrub their presence from the map.
LittleSnitch has such a map feature
https://help.obdev.at/littlesnitch6/lsm-map
Main difference would be that LS being actively handling connections the list is always accurate whereas this appears to poll current connections using `ss` so it may miss some if they happen to be entirely between two refresh beats.
This seems like it belonged on freshmeat ca. Y2K.
For this application, current best practice is using Electron stack, or better, cloning VSCode and relying on GeoLeoMaximusDYP v3.2 LLM for geo-location.
How can starting a browser be a best practice? This app is lightweight and does not even use a GUI toolkit. You would roughly use 20x more memory. How is that a best practice?
Using sarcasm. Sarcasm that you missed.
I stopped reading the rest. I just saw Electron is mentioned. Some people honestly think that is a good approach.
Well, it is extremely portable. Just also all the other things you mentioned.
Both Windows and macOS have X servers. Heck don’t they both ship with them nowadays?
not really that portable?
No, not rest API, electron.
What's that? Webarchive/google don't return much of anything.
Way to make us feel old :)
Others have mentioned it was a directory, but it sent me off on a nostalgia trip, so here is an "obituary" of sorts, that is itself getting rather old:
https://jeffcovey.net/2014/06/19/freshmeat-net-1997-2014/
And here's the HN discussion from back then:
https://news.ycombinator.com/item?id=7925135
(including a couple of my own comments, which aren't all that intersting)
And the wikipedia entry:
https://en.wikipedia.org/wiki/Freecode
None of these really convey the cultural importance of Freshmeat to the opensource community at the time, though. For a while, Slashdot + Freshmeat were among the two first sites almost everyone I knew and worked with would open in the morning.
http://freshmeat.net was a directory of open source software back in the 90's and noughts. It was one of the main ways to discover software.
But what is X11? Is that like Wayland? ;-)
Yep, my "package repo", if you will, for pretty much everything I installed on Slackware back in the day.
The thing that the responses are not capturing is that the stuff on freshmeat was often kind of frivolous desktop widgets or themes. People were excited about Linux desktops and lots of people were authoring small stuff to customize it.
Network monitoring/visualization widgets that sit on your WindowMaker dock or similar was a common theme.
So that is sort of the reference being made here
A modern equivalent is <https://freshcode.club/>
I was about to mention Aminet[1] too as a joke of sorts (it's Amiga focused, but still updated, though it stores the actual archives more than focus on the "news"), but scanned the front page on freshcode first and one of first things that stood out was an Amiga program[2]... If anything makes Freshcode a successor to Freshmeat, the only thing missing is an Enlightenment theme being posted too.
[1] https://aminet.net/
[2] https://freshcode.club/projects/apccomm
Like product hunt but OSS.
Imagine if GitHub release authors publicized releases in a timeline view.
v.0.1 of this or v3.0 of that had the same exposure.
One site. Daily fix.
must have at least once
This is some old school style bare bones C. popen with a big old pipe chain is pretty quick n dirty. I’d have gone digging around in proc for the active connections. Cool stuff though. I like that it’s so straightforward to read.
> This is some old school style bare bones C.
Which has now become some kind of meta-ironic fashion statement. It's 2025's going to the coffee shop with a typewriter.
it's more like taking notes with pen and pencil, while other patrons of the coffee shop use an electron-based note-taking "app" on their macbooks that uploads each keypress to the cloud, helpfully adding a half-second lag
Nice. My only gripe is that the map is not very easy to read, especially on the smaller sizes. There are too many coast lines and borders, so it can be hard to locate countries, especially in the Mediterranean. Would it be possible to draw land masses in solid (white?), and leave borders in dark (background color?). Other than that, works fine on Debian Linux and KDE. The map shows up on all desktops, which I like (but others might not)
Another idea. Would it be possible to make the dots fade out, a little like in https://www.lightningmaps.org, so I could see some of the older traffic points as well?
Thanks for feedback! Will make it much more configurable as soon as I have time.
Forgive my ignorance, but I'm not sure what this is showing me. I'm running it on my home linux system, which is connected to the Internet via Verizon FIOS. The map shows three red dots, none of which are near me.
Those 3 dots are your peers, the other end of the TCP connection :)
So you basically have some apps running in the background (or foreground) that are making those connections.
I'm colorblind and had to change the dots color. Might be a nice config option.
There's a 'good first issue'-labeled issue for this from 2023: https://github.com/h2337/connmap/issues/14
Maybe they were expecting first hops like from traceroute. Maybe traceroute is an interesting way to continue developing.
Okay, got it, thanks. I suppose it could also be the FIOS router itself making those connections, or any of the other systems on my local network.
It's only showing connections directly initiated by your computer. Not anything "upstream" of you like the FIOS router. It would also show any connections TO your computer, but being behind NAT on a normal home network, that would likely be nothing unless you've intentionally punched holes.
No, for normal network configurations they wouldn't show. It's most likely your system connmap is running on making those connections.
You might be surprised how much traffic every device makes.
Impressive that the thing is less than 500 lines of pretty readable C
Pretty cool! Reminds me of the game Uplink.
Uplink! I loved that game. I should find it again.
One step closer to those futuristic screen interfaces you see in Hollywood blockbusters!
make sure interNIC is your first hop! LogDeleter is not optional <3
What's a network peer?
Yeah from an extremely quick read of the code, I agree with atworkc. It's showing any IP address you have an established network connection to.
edit: ssOutput is a global variable which is read elsewhere.Servers / Computers your device is currently communicating with, e.g. github servers when you load the link (well probably a cdn edge one)
Works also great with WindowMaker. I've added it to ~/GNUstep/Library/WindowMaker/autostart
Using windowmaker in 2025 is certainly an ...interesting choice, though I admit the app probably looks like it fits right in with that aesthetic
There is even a beautiful Debian-based Window Maker distribution, called Window Maker Live. I am using this in a professional music studio as mixing workstation. https://wmlive.sourceforge.net/
Are you using any old school audio software in your setup? How about outboard gear?
This doesnt pick up short lived connections or sneaky udp connections right?
Of course this was made by an i3wm user. Nicely done!
That's a really neat idea, damn.
I thought of doing something similar, it looks pretty cool. What about showing lines going through the various traceroute hops?
Might add that soon as configurable option, thanks for suggestion!
Someone should make a windowmaker dockapp out of this.
Neat! This runs fully offline (i.e. without calls to a GeoIP database), right?
From what I was able to tell looking at the code, yes.
The database is embedded in the program. Specifically, it is this file:
https://github.com/h2337/connmap/blob/master/connmap/resourc...
Presumably generated by the author with this Python script
https://github.com/h2337/connmap/blob/master/tools/get-ip-da...
Ah, cool, this should incorporate location data at least as good as what the networks self-report! (I suspect that these databases, on top of ingesting all geofeed data, do something similar to Wi-Fi positioning, i.e. correlate the IP address of various GPS-enabled devices with their physical location to try and deduce undocumented/non-public allocation patterns.)
Correct! GeoIP database is local.
Nice! Where is it from, and do you know if it incorporates geofeed [1] data for networks that publish it?
[1] https://ipregistry.co/blog/geofeeds
Of course it works fully offline, since then you don't have any network peers to draw on the map.
Localhost has to be somewhere too :)
[flagged]
In the fonction IpRangeVector_resize() in ip.c, you have a bug, that's not how realloc are supposed to be used.
Thanks for reporting. Will look into it soon.
connmap wouldn't run on my retrocomputer with ancient Xorg 1.7.6 so I vibe coded a janky perl gtk2 version and it works.
http://superkuh.com/connmap-perl-gtk2.pl.txt + http://tuvixdiedforoursins.org/w1000-old.png (baked black background map)
It looks pretty similar: http://tuvixdiedforoursins.org/connmap-perl-gtk2-screenshot.... vs http://tuvixdiedforoursins.org/connmap-original-screenshot.j...
And gtk3 for those running newer distros that kneecap themselves by not having gtk2 distributables, http://superkuh.com/connmap-perl-gtk3.pl.txt
Very cool! I made something similar 12 years ago. https://github.com/waerhert/ikna/blob/master/screenshot.png
No basically secure:
char mapFilename[256]; strcat(strcpy(mapFilename, getenv("HOME")), RESOURCES); strcat(mapFilename, mapName);
While that's indeed a bug, for it to be a security vulnerability, wouldn't there also have to be a security boundary involved? Specifically, mapName is always either "w1000b.png" or "w1000.png", so the only way to trigger the buffer overflow would be through the HOME environment variable. But if an attacker can run commands as you with arbitrary environment variables, aren't you already pwned? What would anyone gain by running your program and exploiting it to do something, rather than just doing the thing directly? https://devblogs.microsoft.com/oldnewthing/20060508-22/?p=31...
While exploitation is unlikely I think such things are still best avoided because multiple such things can sometimes be chained together.
What's insecure? Can you explain what's the vulnerability here and how and by whom can it be exploited?
Assuming that code is actually present in your app, env vars can hold more than 255 characters. Easy buffer overflow to trigger. Use length-bounded copies and concats...
That's just off the top of my head; I've not written in C in a while.
Why would you want to trigger a buffer overflow in user application if you can already control HOME envvar?
Yeah, that is not a helpful attitude to take when it comes to this sort of thing. If nothing else, a super-long home path can crash your app and leave your user scratching their head. In other words, this is a bug (as is the fact that paths are not necessarily limited to 255 characters in the first place; see the PATH_MAX constant, I think it is?).
As to what could be accomplished with an overflow? I don't know; I'm not in security, and I don't sit around thinking of possible uses for various bugs when it comes to compromising systems.
Perhaps the most important thing to realize, though, is that you're distributing software publicly. Your security situation may not be the same as your user's security situation. Assumptions should not be made.
Something to keep in mind.
Thanks for the discussion. Fix is already committed.
As long as you’re fixing that bug, you should do it right. If the return value from snprintf if more than 256 but less than a few GB then you should malloc a buffer big enough to hold the string and then call snprintf again with the new buffer. Only if that or malloc fails would you print an error. (It’s really a shame that the C standard library requires so many extra steps to do things correctly; this ought to be way easier.)
Not sure offhand how portable it is, but asprintf() handles automatic buffer allocation, thus not requiring any extra steps afaik.
It does exit on MacOS and Linux, at the very least.
Those are so unportable that I’d completely forgotten about them :)
But my man pages say that they exist on BSD in addition to GNU, so that’s pretty good these days. I say go for it.
No problem. =)
Basically, any path longer than 256 characters for `mapFilename` would cause a buffer overrun.
An unprivileged app could run your app (say, with more privileges), with a very long `HOME` environment path, causing a buffer overflow, and potentially exploit it to use your app's privileges to do more stuff than it was supposed to.
Basically, you should never use strcpy and strcat and but use the secure alternatives like strcpy_s and strcat_s, even when you know the source buffer would never exceed the destination size.
> (say, with more privileges)
Isn't it a moot point if unprivileged app can already run anything with more privileges? In normal operation, connmap requires no special privileges.
Sure, but since there's no enforced standard for how privileges are configured on a system, there's always the possibility that your app to be the only escape ticket.
You can dismiss that possibility of course. But, as a general habit, it's best to use secure alternatives instead of mulling over probabilities every other line.
As a positive side-effect, the change would make your app not crash on systems with long HOME env paths.:)
I see you already addressed it but here let me give a scenario.
Say the program was installed and set so the user didn't have privs to modify the executable (so an attacker couldn't just change it to do what they want).
A buffer overflow could allow an attacker to gain control flow of the program and feed bogus data to the user allowing them to scrub their presence from the map.
Also, awesome project!
Using strcat to a fixed size buffer is like using a gun to kill flies in a crowded flophouse while on crystal meth.
Thanks for noticing! Fix pushed.
very cool. works like a charm also on Sway
in ~/.config/sway/config:
cat ~/.config/connmap/connmaprc bonus: connect it to a right-click event either on the vpn or the network module in waybarOpenBSD devs did the same with either XPlanet or Xearth, can't rememeber. Now they use a GeoJson format.
Then you can import it under geo/viking port:
Open Viking and just load the geo.json file fromDam! Great tool. Very clean. Thank you.