frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Interop 2025: A Year of Convergence

https://webkit.org/blog/17808/interop-2025-review/
1•ksec•7m ago•0 comments

JobArena – Human Intuition vs. Artificial Intelligence

https://www.jobarena.ai/
1•84634E1A607A•10m ago•0 comments

Concept Artists Say Generative AI References Only Make Their Jobs Harder

https://thisweekinvideogames.com/feature/concept-artists-in-games-say-generative-ai-references-on...
1•KittenInABox•14m ago•0 comments

Show HN: PaySentry – Open-source control plane for AI agent payments

https://github.com/mkmkkkkk/paysentry
1•mkyang•16m ago•0 comments

Show HN: Moli P2P – An ephemeral, serverless image gallery (Rust and WebRTC)

https://moli-green.is/
1•ShinyaKoyano•26m ago•0 comments

The Crumbling Workflow Moat: Aggregation Theory's Final Chapter

https://twitter.com/nicbstme/status/2019149771706102022
1•SubiculumCode•30m ago•0 comments

Pax Historia – User and AI powered gaming platform

https://www.ycombinator.com/launches/PMu-pax-historia-user-ai-powered-gaming-platform
2•Osiris30•31m ago•0 comments

Show HN: I built a RAG engine to search Singaporean laws

https://github.com/adityaprasad-sudo/Explore-Singapore
1•ambitious_potat•37m ago•0 comments

Scams, Fraud, and Fake Apps: How to Protect Your Money in a Mobile-First Economy

https://blog.afrowallet.co/en_GB/tiers-app/scams-fraud-and-fake-apps-in-africa
1•jonatask•37m ago•0 comments

Porting Doom to My WebAssembly VM

https://irreducible.io/blog/porting-doom-to-wasm/
1•irreducible•37m ago•0 comments

Cognitive Style and Visual Attention in Multimodal Museum Exhibitions

https://www.mdpi.com/2075-5309/15/16/2968
1•rbanffy•39m ago•0 comments

Full-Blown Cross-Assembler in a Bash Script

https://hackaday.com/2026/02/06/full-blown-cross-assembler-in-a-bash-script/
1•grajmanu•44m ago•0 comments

Logic Puzzles: Why the Liar Is the Helpful One

https://blog.szczepan.org/blog/knights-and-knaves/
1•wasabi991011•56m ago•0 comments

Optical Combs Help Radio Telescopes Work Together

https://hackaday.com/2026/02/03/optical-combs-help-radio-telescopes-work-together/
2•toomuchtodo•1h ago•1 comments

Show HN: Myanon – fast, deterministic MySQL dump anonymizer

https://github.com/ppomes/myanon
1•pierrepomes•1h ago•0 comments

The Tao of Programming

http://www.canonical.org/~kragen/tao-of-programming.html
2•alexjplant•1h ago•0 comments

Forcing Rust: How Big Tech Lobbied the Government into a Language Mandate

https://medium.com/@ognian.milanov/forcing-rust-how-big-tech-lobbied-the-government-into-a-langua...
3•akagusu•1h ago•0 comments

PanelBench: We evaluated Cursor's Visual Editor on 89 test cases. 43 fail

https://www.tryinspector.com/blog/code-first-design-tools
2•quentinrl•1h ago•2 comments

Can You Draw Every Flag in PowerPoint? (Part 2) [video]

https://www.youtube.com/watch?v=BztF7MODsKI
1•fgclue•1h ago•0 comments

Show HN: MCP-baepsae – MCP server for iOS Simulator automation

https://github.com/oozoofrog/mcp-baepsae
1•oozoofrog•1h ago•0 comments

Make Trust Irrelevant: A Gamer's Take on Agentic AI Safety

https://github.com/Deso-PK/make-trust-irrelevant
7•DesoPK•1h ago•4 comments

Show HN: Sem – Semantic diffs and patches for Git

https://ataraxy-labs.github.io/sem/
1•rs545837•1h ago•1 comments

Hello world does not compile

https://github.com/anthropics/claudes-c-compiler/issues/1
35•mfiguiere•1h ago•20 comments

Show HN: ZigZag – A Bubble Tea-Inspired TUI Framework for Zig

https://github.com/meszmate/zigzag
3•meszmate•1h ago•0 comments

Metaphor+Metonymy: "To love that well which thou must leave ere long"(Sonnet73)

https://www.huckgutman.com/blog-1/shakespeare-sonnet-73
1•gsf_emergency_6•1h ago•0 comments

Show HN: Django N+1 Queries Checker

https://github.com/richardhapb/django-check
1•richardhapb•1h ago•1 comments

Emacs-tramp-RPC: High-performance TRAMP back end using JSON-RPC instead of shell

https://github.com/ArthurHeymans/emacs-tramp-rpc
1•todsacerdoti•1h ago•0 comments

Protocol Validation with Affine MPST in Rust

https://hibanaworks.dev
1•o8vm•1h ago•1 comments

Female Asian Elephant Calf Born at the Smithsonian National Zoo

https://www.si.edu/newsdesk/releases/female-asian-elephant-calf-born-smithsonians-national-zoo-an...
5•gmays•2h ago•1 comments

Show HN: Zest – A hands-on simulator for Staff+ system design scenarios

https://staff-engineering-simulator-880284904082.us-west1.run.app/
1•chanip0114•2h ago•1 comments
Open in hackernews

Show HN: Pcapsql – SQL interface for PCAP analysis

https://github.com/mtottenh/pcapsql
1•__padding•1mo ago
I was chatting with a colleague a while ago, and they wanted to run some SQL queries against a PCAP – aggregate by source IP, that sort of thing. They went looking and found PacketQ (DNS/ICMP only), Apache Drill's PCAP support (outer headers only), DuckDB has a PCAP reader community extension (same deal, limited to outer headers). You can always write a one-off script with scapy or gopacket, but it gets old fast.

We deal a lot with tunneled traffic, none of those tools really seemed very feature rich on that front, e.g. for VXLAN every tool just showed UDP/4789, not the encapsulated packets.

So as a weekend project that got a bit out of hand, I built what they were asking for. Protocol layers become tables, you query with SQL, it parses through tunnels:

      -- Traffic inside VXLAN tunnels
      SELECT ip4_to_string(src_ip) as src, ip4_to_string(dst_ip) as dst, COUNT(*)
      FROM ipv4
      WHERE tunnel_type = 'vxlan'
      GROUP BY 1, 2;

      -- Top talkers
      SELECT ip4_to_string(src_ip) as src, SUM(total_length) as bytes
      FROM ipv4
      GROUP BY 1
      ORDER BY bytes DESC
      LIMIT 10;
Also handles TLS decryption (SSLKEYLOGFILE), HTTP/2 frame parsing, GRE/MPLS/GTP, export to Parquet, and querying directly from S3.

Built with Rust on Apache Arrow and DataFusion.

https://github.com/mtottenh/pcapsql

Comments

__padding•1mo ago
Some fun stuff you can do - RTT analysis, just using SQL :-) :

  -- RTT Analysis using TCP timestamp echo
  -- Measures actual network RTT by tracking when our ts_val gets echoed back
  -- For client-side captures: dst_port in (80,443) = outbound, src_port in (80,443) = inbound


  WITH outbound AS (
      -- Packets TO server (dst_port is well-known)
      SELECT
          t.frame_number,
          f.timestamp as send_ts,
          t.dst_port as server_port,
          t.ts_val,
          i.src_ip as local_ip,
          t.src_port as local_port,
          i.dst_ip as remote_ip
      FROM tcp t
      JOIN ipv4 i ON t.frame_number = i.frame_number
      JOIN frames f ON t.frame_number = f.frame_number
      WHERE t.ts_val IS NOT NULL
         AND t.dst_port IN (80, 443, 8080, 8443)
  ),
  inbound AS (
      -- Packets FROM server (src_port is well-known)
      SELECT
          t.frame_number,
          f.timestamp as recv_ts,
          t.src_port as server_port,
          t.ts_ecr,
          i.dst_ip as local_ip,
          t.dst_port as local_port,
          i.src_ip as remote_ip
      FROM tcp t
      JOIN ipv4 i ON t.frame_number = i.frame_number
      JOIN frames f ON t.frame_number = f.frame_number
      WHERE t.ts_ecr IS NOT NULL
        AND t.ts_ecr > 0
        AND t.src_port IN (80, 443, 8080, 8443)
  ),
  -- Match: find when our ts_val was echoed back by the server
  rtt_samples AS (
      SELECT
          o.frame_number as send_frame,
          MIN(i.frame_number) as recv_frame,
          o.server_port,
          o.send_ts,
          MIN(i.recv_ts) as recv_ts
      FROM outbound o
      JOIN inbound i
          ON o.local_ip = i.local_ip
          AND o.local_port = i.local_port
          AND o.remote_ip = i.remote_ip
          AND o.server_port = i.server_port
          AND i.ts_ecr = o.ts_val
          AND i.frame_number > o.frame_number
      GROUP BY o.frame_number, o.server_port, o.send_ts
  ),
  rtt_values AS (
      SELECT
          server_port,
          EXTRACT(EPOCH FROM (recv_ts - send_ts)) * 1000.0 as rtt_ms
      FROM rtt_samples
      WHERE recv_ts > send_ts
  )
  SELECT
      server_port,
      hdr_count(hdr_histogram(rtt_ms)) as samples,
      ROUND(hdr_min(hdr_histogram(rtt_ms)), 2) as min_ms,
      ROUND(hdr_percentile(hdr_histogram(rtt_ms), 0.50), 2) as p50_ms,
      ROUND(hdr_percentile(hdr_histogram(rtt_ms), 0.75), 2) as p75_ms,
      ROUND(hdr_percentile(hdr_histogram(rtt_ms), 0.95), 2) as p95_ms,
      ROUND(hdr_percentile(hdr_histogram(rtt_ms), 0.99), 2) as p99_ms,
      ROUND(hdr_max(hdr_histogram(rtt_ms)), 2) as max_ms,
      ROUND(hdr_mean(hdr_histogram(rtt_ms)), 2) as mean_ms
  FROM rtt_values
  WHERE rtt_ms > 0 AND rtt_ms < 30000
  GROUP BY server_port
  ORDER BY samples DESC;
Results from my local machine to a speedtest server:

  +-------------+---------+--------+--------+--------+--------+--------+--------+---------+
     | server_port | samples | min_ms | p50_ms | p75_ms | p95_ms | p99_ms | max_ms | mean_ms |
     +=======================================================================================+
     | 443         | 315     | 1.0    | 75.0   | 263.0  | 349.0  | 3007.0 | 3007.0 | 177.27  |
     |-------------+---------+--------+--------+--------+--------+--------+--------+---------|
     | 80          | 6       | 70.0   | 71.0   | 72.0   | 72.0   | 72.0   | 72.0   | 71.17   |
     +-------------+---------+--------+--------+--------+--------+--------+--------+---------+