Important
ZPortGuard requires permission to read active network connections and send signals to processes. On Linux this means running as a user with sufficient privileges (or granting the binary CAP_NET_ADMIN if needed). On macOS you will be prompted on first launch. On Windows run as a standard user — no elevation required for scan, elevation only needed for killing system-owned processes.
ZPortGuard sits in your system tray and watches every port your dev servers touch. The moment another process steals one, it either kills the offender automatically or surfaces a confirmation dialog — your call, per profile. No more EADDRINUSE at 2 AM.
Port 3000 → stolen by node (pid 18842) → auto-killed in <1 tick ✓
Port 5173 → stolen by python3 (pid 9041) → confirmation dialog ✓
Port 8080 → on whitelist → ignored ✓
| Feature | Detail |
|---|---|
| Per-profile contexts | Work · Testing · Side Project — each owns its port set, Auto-Fix rules, whitelist, and blacklist |
| Auto-Fix | Kill conflicting processes automatically; toggle per profile from the tray without opening the window |
| Whitelist / Blacklist | Exact name, glob, or full path — whitelist protects, blacklist bypasses confirmation entirely |
| Live polling | 500 ms – 5 s scan interval; changes apply without restart |
| Activity log | Every conflict, auto-kill, and dismissal persisted to SQLite with protocol + profile context |
| TCP / UDP / Both | Per-port protocol configuration |
| Tray icon | Glass popover shows live port status; toggle Auto-Fix without touching the main window |
| Debug suite | Built-in test harness for spawning mock port holders, validating rules, and benchmarking intervals |
| Layer | Technology |
|---|---|
| Desktop framework | Tauri v2 |
| Frontend | React 19 + TypeScript 5 + Vite 7 |
| Styling | Tailwind CSS v4 |
| State | Zustand |
| Backend | Rust — tokio, serde_json, netstat2, sysinfo |
| Storage | SQLite via tauri-plugin-sql |
| Charts | Recharts |
Note
The Rust backend handles all port scanning and process management natively — no shell-out to lsof, ss, or netstat. netstat2 reads /proc/net/tcp directly for sub-millisecond scans.
Pre-built binaries are available on zsync.eu/zportguard.
| OS | Format | Notes |
|---|---|---|
| Linux | .AppImage |
Portable, no install required |
| Linux | .deb |
Debian · Ubuntu · Mint |
| Linux | .rpm |
Fedora · RHEL · openSUSE |
| macOS | .dmg (aarch64) |
Apple Silicon — M1 / M2 / M3 / M4 |
| macOS | .dmg (x64) |
Intel — pre-2020 Macs |
| Windows | .exe (NSIS) |
Recommended — standard installer |
| Windows | .msi |
Enterprise / GPO deployment |
- Rust (stable toolchain)
- Node.js ≥ 18
- pnpm
- Linux (primary target; tested on Arch-based distros with LTS kernel)
Tip
First-time Tauri setup? Run cargo install tauri-cli once, then proceed below.
pnpm install
pnpm tauri devpnpm tauri build
# outputs: src-tauri/target/release/bundle/{deb,rpm,appimage}/Native build after a prior successful compile takes ~30–60 s.
|
TheHolyOneZ
|
Distributed under the GPL-3.0 license. See LICENSE for the full text.