If you run a "local AI" tool and want to prove it's actually offline, here's the definitive verification method using Wireshark (Windows/macOS/Linux).
Why this matters
Many tools claim to be "private" or "local" but still phone home for:
- Telemetry and crash reporting
- License validation
- Analytics (Gradio does this by default)
- Model updates or sync
The only way to know for certain is to watch the network.
Step 1: Install Wireshark
Download from wireshark.org. Free, open source.
Step 2: Start a capture
- Open Wireshark
- Select your active network interface (Ethernet or Wi-Fi)
- Click the blue shark fin icon to start capturing
Step 3: Apply the filter that matters
In the display filter bar, type:
not (ip.dst == 127.0.0.1 or ip.dst == ::1 or ip.src == 127.0.0.1 or ip.src == ::1)
This filters OUT localhost traffic and shows ONLY external network calls.
Step 4: Run your AI tool and process a document
Now open your "local AI" tool and process something — a PDF, an image, a text file. Let it run to completion.
What you should see
Truly offline tool: zero packets in the filtered view.
Tool that phones home: you'll see packets to external IPs. Right-click any → "Follow TCP Stream" to see what data was sent.
Applying this to Ollama + Gradio
When running an Ollama-based app, you'll typically see:
-
127.0.0.1:11434— Ollama API calls (localhost, expected) -
127.0.0.1:7860— Gradio UI (localhost, expected)
If you see anything else, the app has external dependencies.
Disabling Gradio's default analytics
Gradio sends analytics to HuggingFace by default. To disable:
app.launch(
server_name="127.0.0.1", # bind to localhost only
share=False, # disable Gradio tunnel
analytics_enabled=False # disable phone-home
)
Without these settings, you'll see outbound traffic to huggingface.co during app startup.
Windows alternative: Resource Monitor
If you don't want to install Wireshark:
- Open Task Manager → Performance tab → "Open Resource Monitor"
- Go to the Network tab
- Expand "Network Activity"
- Filter for your Python/Ollama process
This shows active connections per process — easier than Wireshark for a quick check.
The verification script
I built a small Python script that automates this check and generates a report:
import subprocess
import re
def check_external_connections(duration_seconds=30):
"""Monitor network connections during AI processing."""
import psutil
import socket
external_connections = []
for conn in psutil.net_connections(kind='inet'):
if conn.raddr and conn.status == 'ESTABLISHED':
remote_ip = conn.raddr.ip
if not remote_ip.startswith('127.') and remote_ip != '::1':
external_connections.append({
'remote_ip': remote_ip,
'remote_port': conn.raddr.port,
'pid': conn.pid
})
return external_connections
This is included in the Offline PDF Summarizer product — you can run your own network audit any time.
Summary
| Method | Setup time | Detail level |
|---|---|---|
| Wireshark | 5 min | Full packet capture |
| Resource Monitor | 0 min (built-in) | Per-process connections |
| Python psutil script | 2 min | Scriptable, automated |
The Wireshark method is definitive. Use it to verify any tool that claims to be "offline" before trusting it with confidential documents.
Building privacy-first tools for professionals who can't use cloud AI.
Top comments (1)
Great guide! For added confidence, capturing local traffic with Wireshark can also help verify no external calls are being made during model inference. Have you tried comparing baseline network activity before and after running your AI tool?