portwatch

Minimal listening-port change detector for Linux.

Problem

When installing or updating software, it is easy to miss that something opened a new port. ss -tlnp shows the current state but not changes over time. portwatch records a baseline and diffs it.

Usage

portwatch snapshot --out /var/lib/portwatch/baseline.json
portwatch diff --baseline /var/lib/portwatch/baseline.json
portwatch watch --baseline /var/lib/portwatch/baseline.json --interval 30s

Output

+ 0.0.0.0:9090  (prometheus, pid 2847)
- [::]:8080     (was: dev-server, gone)

← All projects