Childflow

Per-command network sandbox for Linux — force proxy, DNS, and packet capture for one process tree

Serviceprototypefreeglobal

A Rust-based per-command-tree network sandbox for Linux that runs a command and its child processes in an isolated network context, applying DNS, hosts, forced proxying, packet capture, and structured flow logging to that process tree without changing the host session. It helps enforce per-command outbound allow/deny CIDR policies and capture network traffic for a single process, aimed at Linux developers, security engineers, pentesters, and DevOps teams; it is open-source and rootless by default.

Website

Full match profile

Behind the summary, Matchbox keeps a richer profile of Childflow - the signals our matcher actually reads to decide when to surface it. It stays private; claim the listing to see and control it.

Problem & pain-point mapping
Who we surface it to (audience fit)
What it's a strong alternative to
Trust & credibility signals

Claim Childflow to unlock →

Try Matchbox with your own problem

Describe what is not working - we’ll show you whether Childflow (or something else) actually fits.

Try a problem