Show HN: Childflow – command-tree network control(proxy/DNS/capture) for Linux
Childflow is a command-tree network sandbox for Linux that allows users to run commands in an isolated network context. It provides control over DNS, proxy behavior, and traffic capture specifically for the command tree, rather than the entire host session. The tool is designed to enhance network management for applications that do not consistently respect proxy environment variables.
- ▪Childflow runs commands in an isolated network context, applying specific controls to only that command tree.
- ▪It can enforce DNS, proxying, and traffic capture without relying on traditional environment variables.
- ▪The tool has two backends: rootless-internal for everyday use and rootful for host-integrated behavior.
Opening excerpt (first ~120 words) tap to expand
childflow childflow is a per-command-tree network sandbox for Linux. Run one command and its child processes in an isolated network context, control DNS / hosts / proxy behavior, apply outbound policy, capture only that tree's traffic, and emit structured flow logs for that tree. About childflow runs one command tree in an isolated network context and applies DNS, hosts, proxy, sandbox, policy, and capture controls only to that tree. This is useful for tools that do not honor proxy environment variables consistently. childflow forces the proxy at the command tree's network path instead of relying on HTTP_PROXY, HTTPS_PROXY, or LD_PRELOAD-style interception.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at GitHub.