aboutsummaryrefslogtreecommitdiff
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
;;; Copyright © 2015, 2017, 2018, 2019 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016 Nikita <nikita@n0.is>
;;; Copyright © 2017 rsiddharth <s@ricketyspace.net>
;;; Copyright © 2017, 2019, 2023 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2020 Giacomo Leidi <goodoldpaul@autistici.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu packages haskell-crypto)
  #:use-module (gnu packages)
  #:use-module (gnu packages compression)
  #:use-module (gnu packages haskell)
  #:use-module (gnu packages haskell-check)
  #:use-module (gnu packages haskell-xyz)
  #:use-module (gnu packages pkg-config)
  #:use-module (gnu packages tls)
  #:use-module (guix build-system haskell)
  #:use-module (guix download)
  #:use-module ((guix licenses) #:prefix license:)
  #:use-module (guix packages)
  #:use-module (guix utils))

(define-public ghc-asn1-types
  (package
    (name "ghc-asn1-types")
    (version "0.3.4")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "asn1-types" version))
              (sha256
               (base32
                "1a119qxhxhr0yn37r26dkydm6g5kykdkx98ghb59i4ipa6i95vkq"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "asn1-types")))
    (inputs
     (list ghc-memory ghc-hourglass))
    (home-page "https://github.com/vincenthz/hs-asn1-types")
    (synopsis "ASN.1 types for Haskell")
    (description
     "The package provides the standard types for dealing with the ASN.1
format.")
    (license license:bsd-3)))

(define-public ghc-asn1-encoding
  (package
    (name "ghc-asn1-encoding")
    (version "0.9.6")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "asn1-encoding" version))
              (sha256
               (base32
                "02nsr30h5yic1mk7znf0q4z3n560ip017n60hg7ya25rsfmxxy6r"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "asn1-encoding")))
    (inputs
     (list ghc-hourglass ghc-asn1-types))
    (native-inputs
     (list ghc-tasty ghc-tasty-quickcheck))
    (home-page "https://github.com/vincenthz/hs-asn1")
    (synopsis "ASN1 data reader and writer in RAW, BER and DER forms")
    (description
     "This package provides a reader and writer for ASN1 data in raw form with
supports for high level forms of ASN1 (BER, and DER).")
    (license license:bsd-3)))

(define-public ghc-asn1-parse
  (package
    (name "ghc-asn1-parse")
    (version "0.9.5")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "asn1-parse" version))
              (sha256
               (base32
                "17pk8y3nwv9b9i5j15qlmwi7fmq9ab2z4kfpjk2rvcrh9lsf27wg"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "asn1-parse")))
    (inputs
     (list ghc-asn1-types ghc-asn1-encoding))
    (home-page "https://github.com/vincenthz/hs-asn1")
    (synopsis "Simple monadic parser for ASN1 stream types")
    (description
     "This package provides a simple monadic parser for ASN1 stream types,
when ASN1 pattern matching is not convenient.")
    (license license:bsd-3)))

(define-public ghc-crypto-api
  (package
    (name "ghc-crypto-api")
    (version "0.13.3")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "crypto-api" version))
       (sha256
        (base32
         "19bsmkqkpnvh01b77pmyarx00fic15j4hvg4pzscrj4prskrx2i9"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "crypto-api")))
    (inputs (list ghc-cereal ghc-tagged ghc-entropy))
    (home-page "https://github.com/TomMD/crypto-api")
    (synopsis "Provides generic interface for cryptographic operations
for Haskell")
    (description "This Haskell package provides a generic interface for
cryptographic operations (hashes, ciphers, randomness).

Maintainers of hash and cipher implementations are encouraged to add instances
for the classes defined in @code{Crypto.Classes}.  @code{Crypto} users are
similarly encouraged to use the interfaces defined in the @code{Classes} module.

Any concepts or functions of general use to more than one cryptographic
algorithm (ex: padding) is within scope of this package.")
    (license license:bsd-3)))

(define-public ghc-crypto-api-tests
  (package
    (name "ghc-crypto-api-tests")
    (version "0.3")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "crypto-api-tests" version))
       (sha256
        (base32
         "0w3j43jdrlj28jryp18hc6q84nkl2yf4vs1hhgrsk7gb9kfyqjpl"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "crypto-api-tests")))
    (inputs (list ghc-test-framework-quickcheck2
                  ghc-crypto-api
                  ghc-cereal
                  ghc-test-framework
                  ghc-test-framework-hunit
                  ghc-hunit
                  ghc-quickcheck))
    (home-page "https://github.com/TomMD/crypto-api-tests")
    (synopsis "Test framework and KATs for cryptographic operations for Haskell")
    (description "This Haskell package provides a test framework for hash and
cipher operations using the crypto-api interface.  Known answer tests (KATs)
for common cryptographic algorithms are included.")
    (license license:bsd-3)))

(define-public ghc-cryptohash
  (package
    (name "ghc-cryptohash")
    (version "0.11.9")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "cryptohash" version))
       (sha256
        (base32
         "1yr2iyb779znj79j3fq4ky8l1y8a600a2x1fx9p5pmpwq5zq93y2"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "cryptohash")))
    (inputs
     (list ghc-byteable
           ghc-cryptonite
           ghc-memory
           ghc-hunit
           ghc-quickcheck
           ghc-tasty
           ghc-tasty-quickcheck
           ghc-tasty-hunit))
    (home-page "https://github.com/vincenthz/hs-cryptohash")
    (synopsis "Collection of cryptographic hashes in Haskell")
    (description
     "A collection of crypto hashes, with a practical incremental and one-pass,
pure APIs, with performance close to the fastest implementations available in
other languages.  The implementations are made in C with a haskell FFI wrapper
that hides the C implementation.")
    (license license:bsd-3)))

(define-public ghc-cryptohash-md5
  (package
    (name "ghc-cryptohash-md5")
    (version "0.11.101.0")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "cryptohash-md5" version))
       (sha256
        (base32
         "018g13hkmq5782i24b4518hcd926fl6x6fh5hd7b9wlxwc5dn21v"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "cryptohash-md5")))
    (native-inputs (list ghc-base16-bytestring ghc-puremd5 ghc-tasty
                         ghc-tasty-hunit ghc-tasty-quickcheck))
    (home-page "https://github.com/hvr/cryptohash-md5")
    (synopsis "MD5 implementation for Haskell")
    (description "This Haskell package provides implementation of MD5.")
    (license license:bsd-3)))

(define-public ghc-cryptohash-sha1
  (package
    (name "ghc-cryptohash-sha1")
    (version "0.11.101.0")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "cryptohash-sha1" version))
              (sha256
               (base32
                "0h9jl9v38gj0vnscqx7xdklk634p05fa6z2pcvknisq2mnbjq154"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "cryptohash-sha1")))
    (native-inputs (list ghc-base16-bytestring ghc-sha ghc-tasty
                         ghc-tasty-quickcheck ghc-tasty-hunit))
    (arguments
     `(#:cabal-revision ("1"
                         "0bz9rfl7b2iwn45m0lxcmsyi5rrv3xdgzx2lzr79bds91dw6i25b")))
    (home-page "https://github.com/hvr/cryptohash-sha1")
    (synopsis "SHA-1 implementation for Haskell")
    (description
     "This Haskell package provides an incremental and one-pass,
pure API to the @uref{https://en.wikipedia.org/wiki/SHA-1, SHA-1 hash algorithm},
including @uref{https://en.wikipedia.org/wiki/HMAC, HMAC support}, with
performance close to the fastest implementations available in other languages.

The implementation is made in C with a haskell FFI wrapper that hides
the C implementation.")
    (license license:bsd-3)))

(define-public ghc-cryptohash-sha256
  (package
    (name "ghc-cryptohash-sha256")
    (version "0.11.102.1")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "cryptohash-sha256" version))
       (sha256
        (base32
         "1xkb7iqplbw4fy1122p79xf1zcb7k44rl0wmfj1q06l7cdqxr9vk"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "cryptohash-sha256")))
    (arguments
     `(#:cabal-revision
       ("1" "1hyzqv30rpj920ddnr0zypyjjlh52vyp2d140pn2byayj820rkgs")
       #:tests? #f)) ; TODO: tasty ==1.1.*
    (native-inputs
     (list ghc-base16-bytestring ghc-sha ghc-tasty ghc-tasty-hunit
           ghc-tasty-quickcheck))
    (home-page "https://github.com/hvr/cryptohash-sha1")
    (synopsis "SHA-256 implementation for Haskell")
    (description "This Haskell package provides an incremental and
one-pass, pure API to the @uref{https://en.wikipedia.org/wiki/SHA-2,
SHA-256 cryptographic hash algorithm}, with performance close to the
fastest implementations available in other languages.

The implementation is made in C with a haskell FFI wrapper that hides
the C implementation.")
    (license license:bsd-3)))

(define-public ghc-cryptonite
  (package
    (name "ghc-cryptonite")
    (version "0.30")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "cryptonite" version))
              (sha256
               (base32
                "07bb97iszhnrfddh5ql6p3dqd0c13xycjw5n2kljw7d0ia59q2an"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "cryptonite")))
    (inputs (list ghc-memory ghc-basement))
    (native-inputs (list ghc-tasty ghc-tasty-quickcheck ghc-tasty-hunit
                         ghc-tasty-kat))
    (home-page "https://github.com/haskell-crypto/cryptonite")
    (synopsis "Cryptography primitives")
    (description
     "This package is a repository of cryptographic primitives for Haskell.
It supports a wide range of symmetric ciphers, cryptographic hash functions,
public key algorithms, key derivation numbers, cryptographic random number
generators, and more.")
    (license license:bsd-3)))

(define-public ghc-curve25519
  (package
  (name "ghc-curve25519")
  (version "0.2.7")
  (source
   (origin
     (method url-fetch)
     (uri (hackage-uri "curve25519" version))
     (sha256
      (base32 "1p8b1lppkvc19974hr43lcqdi4nj55j2nf7gsnp8dn7gyf23aayq"))))
  (build-system haskell-build-system)
  (native-inputs
   (list ghc-hunit
         ghc-quickcheck
         ghc-tagged
         ghc-test-framework
         ghc-test-framework-hunit
         ghc-test-framework-quickcheck2))
  (inputs
   (list ghc-crypto-api))
  (properties '((upstream-name . "curve25519")))
  (home-page "https://github.com/acw/curve25519")
  (synopsis "Fast implementations of the curve25519 elliptic curve primitives.")
  (description
   "This module provides Haskell bindings and extensions to the curve25519-donna
codebase.  It's a pretty straightforward implementation of the basic
cryptographic routines you'd want from a project that uses curve25519: key
generation, and key agreement.  For further functionality, you'll want to look
elsewhere.")
  (license license:bsd-3)))

(define-public ghc-digest
  (package
    (name "ghc-digest")
    (version "0.0.1.7")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "digest" version))
       (sha256
        (base32 "02jzw0bsng87y1n2kgpy7vb30lvqsnpbfd8dpg4hmvbg9s06qgdj"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "digest")))
    (arguments
     `(#:extra-directories ("zlib")
       #:cabal-revision ("1"
                         "0wh34kyag2vhwvsdwv8qmvm13gy32nc94yfyqfdnl67nyc2sx8wl")))
    (inputs (list zlib))
    (native-inputs (list pkg-config))
    (home-page "http://hackage.haskell.org/package/digest")
    (synopsis "Various cryptographic hashes for bytestrings")
    (description
     "This package provides efficient cryptographic hash implementations for
strict and lazy bytestrings.  For now, CRC32 and Adler32 are supported; they
are implemented as FFI bindings to efficient code from zlib.")
    (license license:bsd-3)))

(define-public ghc-entropy
  (package
    (name "ghc-entropy")
    (version "0.4.1.10")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "entropy" version))
              (sha256
               (base32
                "1rbx4ydabrjs8kkdg9laznkh9nisiq6b5z93vnp9bh6iy59ivb45"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "entropy")))
    (home-page "https://github.com/TomMD/entropy")
    (synopsis "Provides platform independent entropy source for Haskell")
    (description "This Haskell package provides a platform independent method
to obtain cryptographically strong entropy.")
    (license license:bsd-3)))

(define-public ghc-pem
  (package
    (name "ghc-pem")
    (version "0.2.4")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "pem" version))
              (sha256
               (base32
                "1m7qjsxrd8m88cvkqmr8kscril500j2a9y0iynvksjyjkhdlq33p"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "pem")))
    (inputs
     (list ghc-basement ghc-memory))
    (native-inputs
     (list ghc-test-framework ghc-test-framework-quickcheck2
           ghc-test-framework-hunit ghc-hunit ghc-quickcheck))
    (home-page "https://github.com/vincenthz/hs-pem")
    (synopsis "Privacy Enhanced Mail (PEM) format reader and writer")
    (description
     "This library provides readers and writers for the @dfn{Privacy Enhanced
Mail} (PEM) format.")
    (license license:bsd-3)))

(define-public ghc-puremd5
  (package
    (name "ghc-puremd5")
    (version "2.1.4")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "pureMD5" version))
       (sha256
        (base32
         "0qwkvxwi9wh6knn69rg2hvc8ngmv1if77kmpcnp0xqr0l30fwavq"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "pureMD5")))
    (inputs (list ghc-cereal ghc-crypto-api ghc-tagged))
    (native-inputs (list ghc-crypto-api-tests ghc-quickcheck
                         ghc-test-framework ghc-test-framework-quickcheck2
                         ghc-pretty-hex))
    (home-page "https://github.com/TomMD/pureMD5")
    (synopsis "Haskell implementation of the MD5 hash algorithm")
    (description "This package provides a Haskell-only implementation of
the MD5 digest (hash) algorithm.  This now supports the @code{crypto-api} class
interface.")
    (license license:bsd-3)))

(define-public ghc-sha
  (package
    (name "ghc-sha")
    (version "1.6.4.4")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "SHA" version))
              (sha256
               (base32
                "0i4b2wjisivdy72synal711ywhx05mfqfba5n65rk8qidggm1nbb"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "SHA")))
    (native-inputs
     (list ghc-quickcheck ghc-test-framework
           ghc-test-framework-quickcheck2))
    (home-page "https://hackage.haskell.org/package/SHA")
    (synopsis "SHA suite of message digest functions")
    (description
     "This library implements the SHA suite of message digest functions,
according to NIST FIPS 180-2 (with the SHA-224 addendum), as well as the
SHA-based HMAC routines.  The functions have been tested against most of the
NIST and RFC test vectors for the various functions.  While some attention has
been paid to performance, these do not presently reach the speed of well-tuned
libraries, like OpenSSL.")
    (license license:bsd-3)))

(define-public ghc-x509
  (package
    (name "ghc-x509")
    (version "1.7.7")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "x509" version))
              (sha256
               (base32
                "1zk8lll1hmzl5xvrd16dhyz25151y59xhsqp2mm1wgymwl7r5ijr"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "x509")))
    (inputs (list ghc-memory
                  ghc-hourglass
                  ghc-pem
                  ghc-asn1-types
                  ghc-asn1-encoding
                  ghc-asn1-parse
                  ghc-cryptonite))
    (native-inputs (list ghc-tasty ghc-tasty-quickcheck))
    (home-page "http://github.com/vincenthz/hs-certificate")
    (synopsis "X509 reader and writer")
    (description
     "This library provides functions to read and write X509 certificates.")
    (license license:bsd-3)))

(define-public ghc-x509-store
  (package
    (name "ghc-x509-store")
    (version "1.6.9")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "x509-store" version))
              (sha256
               (base32
                "1nn8ql7vkp4qgf2msm600sr6ranpsajbhq0sc4c0l6pk1i9174n5"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "x509-store")))
    (inputs (list ghc-pem ghc-asn1-types ghc-asn1-encoding ghc-cryptonite
                  ghc-x509))
    (native-inputs (list ghc-tasty ghc-tasty-hunit))
    (home-page "http://github.com/vincenthz/hs-certificate")
    (synopsis "X.509 collection accessing and storing methods")
    (description
     "This package provides functions for accessing and storing X.509
collections, certificates, revocation lists, and exception lists.")
    (license license:bsd-3)))

(define-public ghc-x509-validation
  (package
    (name "ghc-x509-validation")
    (version "1.6.12")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "x509-validation" version))
              (sha256
               (base32
                "1j7is28ljz4yxwxz5ax3x7ykgwkr38dx46bw7vgj4arkk7hl93hd"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "x509-validation")))
    (inputs (list ghc-memory
                  ghc-hourglass
                  ghc-data-default-class
                  ghc-pem
                  ghc-asn1-types
                  ghc-asn1-encoding
                  ghc-x509
                  ghc-x509-store
                  ghc-cryptonite))
    (native-inputs (list ghc-tasty ghc-tasty-hunit))
    (home-page "http://github.com/vincenthz/hs-certificate")
    (synopsis "X.509 certificate and revocation list validation")
    (description
     "This package provides functions for X.509 certificate and revocation
list validation.")
    (license license:bsd-3)))

(define-public ghc-x509-system
  (package
    (name "ghc-x509-system")
    (version "1.6.7")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "x509-system" version))
              (sha256
               (base32
                "049bdaxrih49nkhkyl2342qnbx2f0q99z8rld648bz1kkgyizz38"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "x509-system")))
    (inputs (list ghc-pem ghc-x509 ghc-x509-store))
    (home-page "http://github.com/vincenthz/hs-certificate")
    (synopsis "Handle system X.509 accessors and storage")
    (description
     "This package provides a library to handle system accessors and storage
for X.509 certificates.")
    (license license:bsd-3)))

(define-public ghc-crypto-cipher-types
  (package
    (name "ghc-crypto-cipher-types")
    (version "0.0.9")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "crypto-cipher-types" version))
       (sha256
        (base32
         "03qa1i1kj07pfrxsi7fiaqnnd0vi94jd4jfswbmnm4gp1nvzcwr0"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "crypto-cipher-types")))
    (inputs (list ghc-byteable ghc-securemem))
    (home-page "https://github.com/vincenthz/hs-crypto-cipher")
    (synopsis "Generic cryptography cipher types for Haskell")
    (description "This Haskell package provides basic typeclasses and types
for symmetric ciphers.")
    (license license:bsd-3)))

(define-public ghc-cipher-aes
  (package
    (name "ghc-cipher-aes")
    (version "0.2.11")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "cipher-aes" version))
       (sha256
        (base32
         "05ahz6kjq0fl1w66gpiqy0vndli5yx1pbsbw9ni3viwqas4p3cfk"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "cipher-aes")))
    (inputs (list ghc-byteable ghc-securemem ghc-crypto-cipher-types))
    (native-inputs (list ghc-quickcheck ghc-test-framework
                         ghc-test-framework-quickcheck2
                         ghc-crypto-cipher-tests))
    (home-page "https://github.com/vincenthz/hs-cipher-aes")
    (synopsis "AES cipher implementation with advanced mode of operations for
Haskell")
    (description "This Haskell package provides AES cipher implementation.

The modes of operations available are ECB (Electronic code book), CBC (Cipher
block chaining), CTR (Counter), XTS (XEX with ciphertext stealing),
GCM (Galois Counter Mode).

The AES implementation uses AES-NI when available (on x86 and x86-64
architecture), but fallback gracefully to a software C implementation.

The software implementation uses S-Boxes, which might suffer for cache timing
issues.  However do notes that most other known software implementations,
including very popular one (openssl, gnutls) also uses similar
implementation.  If it matters for your case, you should make sure you have
AES-NI available, or you'll need to use a different implementation.")
    (license license:bsd-3)))

(define-public ghc-crypto-random
  (package
    (name "ghc-crypto-random")
    (version "0.0.9")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "crypto-random" version))
       (sha256
        (base32
         "0139kbbb2h7vshf68y3fvjda29lhj7jjwl4vq78w4y8k8hc7l2hp"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "crypto-random")))
    (inputs (list ghc-securemem ghc-vector))
    (home-page "https://github.com/vincenthz/hs-crypto-random")
    (synopsis "Simple cryptographic random related types for Haskell")
    (description "Simple cryptographic random related types: a safe
abstraction for CPRNGs.")
    (license license:bsd-3)))

(define-public ghc-crypton
  (package
    (name "ghc-crypton")
    (version "0.34")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "crypton" version))
       (sha256
        (base32 "1mhypjhzn95in853bp7ary0a2xc6lsji6j8hrrgn2mfa4ilq8i24"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "crypton")))
    (inputs (list ghc-memory ghc-basement))
    (native-inputs (list ghc-tasty ghc-tasty-quickcheck ghc-tasty-hunit
                         ghc-tasty-kat))
    (home-page "https://github.com/kazu-yamamoto/crypton")
    (synopsis "Cryptography Primitives sink")
    (description
     "This package provides a repository of cryptographic primitives.

@itemize @bullet
@item Symmetric ciphers: AES, DES, 3DES, CAST5, Blowfish, Twofish, Camellia,
  RC4, Salsa, XSalsa, ChaCha.
@item Hash: SHA1, SHA2, SHA3, SHAKE, MD2, MD4, MD5, Keccak, Skein, Ripemd,
 Tiger, Whirlpool, Blake2.
@item MAC: HMAC, KMAC, Poly1305
@item Asymmetric crypto: DSA, RSA, DH, ECDH, ECDSA, ECC, Curve25519, Curve448,
  Ed25519, Ed448
@item Key Derivation Function: PBKDF2, Scrypt, HKDF, Argon2, BCrypt,
  BCryptPBKDF
@item Cryptographic Random generation: System Entropy, Deterministic Random
  Generator
@item Data related: Anti-Forensic Information Splitter (AFIS)
@end itemize")
    (license license:bsd-3)))

(define-public ghc-crypton-x509
  (package
    (name "ghc-crypton-x509")
    (version "1.7.6")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "crypton-x509" version))
       (sha256
        (base32 "1zyaz0krf08g36g30zr5wn8f2x51l4dj2zcjnhpiw9h05p54mdzb"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "crypton-x509")))
    (inputs (list ghc-memory
                  ghc-hourglass
                  ghc-pem
                  ghc-asn1-types
                  ghc-asn1-encoding
                  ghc-asn1-parse
                  ghc-crypton))
    (native-inputs (list ghc-tasty ghc-tasty-quickcheck ghc-x509))
    (arguments
     `(#:cabal-revision ("1"
                         "10a2x47znhbayyfr6fqgq27623akpycyjbfxz4hnavavf1x6ary5")
       ;; build phase fails when tests are activated.
       ;; See https://github.com/kazu-yamamoto/crypton-certificate/pull/7
       #:tests? #f))
    (home-page "https://github.com/kazu-yamamoto/crypton-certificate")
    (synopsis "X509 reader and writer")
    (description "This package provides generic X509 support for Haskell.")
    (license license:bsd-3)))

(define-public ghc-crypton-x509-store
  (package
    (name "ghc-crypton-x509-store")
    (version "1.6.9")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "crypton-x509-store" version))
       (sha256
        (base32 "0vr5b9cyf9x016wn1g0bryslf5nz8jq2sy8r3llwqfg02apihqiy"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "crypton-x509-store")))
    (inputs (list ghc-pem ghc-asn1-types ghc-asn1-encoding ghc-crypton
                  ghc-crypton-x509))
    (native-inputs (list ghc-tasty ghc-tasty-hunit))
    (home-page "https://github.com/kazu-yamamoto/crypton-certificate")
    (synopsis "X.509 collection accessing and storing methods")
    (description
     "This package provides methods for accessing and storing X.509
collections of certificates, certificate revocation lists, and exception
lists.")
    (license license:bsd-3)))

(define-public ghc-crypton-x509-system
  (package
    (name "ghc-crypton-x509-system")
    (version "1.6.7")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "crypton-x509-system" version))
       (sha256
        (base32 "1jilnr9715njlx1hqvg5lrsrwk12r04maypmh18di0sybwg2cdm4"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "crypton-x509-system")))
    (inputs (list ghc-pem ghc-crypton-x509 ghc-crypton-x509-store))
    (home-page "https://github.com/kazu-yamamoto/crypton-certificate")
    (synopsis "Handle per-operating-system X.509 accessors and storage")
    (description
     "This package provides tools for operating system dependent X.509 stores,
storage methods, and accessors.")
    (license license:bsd-3)))

(define-public ghc-crypton-x509-validation
  (package
    (name "ghc-crypton-x509-validation")
    (version "1.6.12")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "crypton-x509-validation" version))
       (sha256
        (base32 "1xjhwvmkcy47a6xiqxb3xy944ca7g660203jdrz5xzd46zibfq0f"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "crypton-x509-validation")))
    (inputs (list ghc-memory
                  ghc-hourglass
                  ghc-data-default-class
                  ghc-pem
                  ghc-asn1-types
                  ghc-asn1-encoding
                  ghc-crypton-x509
                  ghc-crypton-x509-store
                  ghc-crypton))
    (native-inputs (list ghc-tasty ghc-tasty-hunit))
    (home-page "https://github.com/kazu-yamamoto/crypton-certificate")
    (synopsis "X.509 Certificate and CRL validation")
    (description "This package provides Haskell tools for X.509 certificate
and @dfn{Certificates revocation list} (CRL) validation.")
    (license license:bsd-3)))

(define-public ghc-cprng-aes
  (package
    (name "ghc-cprng-aes")
    (version "0.6.1")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "cprng-aes" version))
       (sha256
        (base32
         "1wr15kbmk1g3l8a75n0iwbzqg24ixv78slwzwb2q6rlcvq0jlnb4"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "cprng-aes")))
    (inputs (list ghc-byteable ghc-crypto-random ghc-cipher-aes))
    (home-page "https://github.com/vincenthz/hs-cprng-aes")
    (synopsis "Crypto Pseudo Random Number Generator using AES in counter mode
in Haskell")
    (description "Simple crypto pseudo-random-number-generator with really
good randomness property.

Using ent, a randomness property maker on one 1Mb sample:

@itemize
@item Entropy = 7.999837 bits per byte.
@item Optimum compression would reduce the size of this 1048576 byte file by 0
percent.
@item Chi square distribution for 1048576 samples is 237.02.
@item Arithmbetic mean value of data bytes is 127.3422 (127.5 = random).
@item Monte Carlo value for Pi is 3.143589568 (error 0.06 percent).
@end itemize

Compared to urandom with the same sampling:

@itemize
@item Entropy = 7.999831 bits per byte.
@item Optimum compression would reduce the size of this 1048576 byte file by 0
percent.
@item Chi square distribution for 1048576 samples is 246.63.
@item Arithmetic mean value of data bytes is 127.6347 (127.5 = random).
@item Monte Carlo value for Pi is 3.132465868 (error 0.29 percent).
@end itemize")
    (license license:bsd-3)))

(define-public ghc-ed25519
  (package
    (name "ghc-ed25519")
    (version "0.0.5.0")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "ed25519" version))
       (sha256
        (base32
         "0v8msqvgzimhs7p5ri25hrb1ni2wvisl5rmdxy89fc59py79b9fq"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "ed25519")))
    (arguments
     `(#:cabal-revision
       ("6" "0qyx6cl52fnll8lp6v9133wfvv3zhvq7v2crn441mng520j9wp48")
       ;; We omit these test suites because they require old versions of
       ;; packages and packages we do not have.
       #:configure-flags
       '("--flags=-test-hlint -test-doctests -test-properties")))
    (home-page "http://thoughtpolice.github.com/hs-ed25519")
    (synopsis "Ed25519 cryptographic signatures")
    (description "This package provides a simple, fast, self-contained
copy of the Ed25519 public-key signature system with a clean interface.
It also includes support for detached signatures, and thorough
documentation on the design and implementation, including usage
guidelines.")
    (license license:expat)))

(define-public ghc-tls
  (package
    (name "ghc-tls")
    (version "1.5.8")
    (source (origin
              (method url-fetch)
              (uri (hackage-uri "tls" version))
              (sha256
               (base32
                "0rxdv8ab98kd4nqql7djmmi51k4vayq21s38s43sx3rzn0iyla3b"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "tls")))
    (inputs (list ghc-cereal
                  ghc-data-default-class
                  ghc-memory
                  ghc-cryptonite
                  ghc-asn1-types
                  ghc-asn1-encoding
                  ghc-x509
                  ghc-x509-store
                  ghc-x509-validation
                  ghc-async
                  ghc-hourglass
                  ghc-network))
    (native-inputs (list ghc-tasty ghc-tasty-quickcheck ghc-quickcheck))
    (home-page "http://github.com/vincenthz/hs-tls")
    (synopsis "TLS/SSL protocol native implementation (Server and Client)")
    (description
     "Native Haskell TLS and SSL protocol implementation for server and client.
This provides a high-level implementation of a sensitive security protocol,
eliminating a common set of security issues through the use of the advanced
type system, high level constructions and common Haskell features.  Currently
implement the SSL3.0, TLS1.0, TLS1.1 and TLS1.2 protocol, and support RSA and
Ephemeral (Elliptic curve and regular) Diffie Hellman key exchanges, and many
extensions.")
    (license license:bsd-3)))

(define-public ghc-tls-1.9
  (package
    (name "ghc-tls")
    (version "1.9.0")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "tls" version))
       (sha256
        (base32 "0gj3af9sqd0bw7dpcqfyvbslpxsk2ij00a77kl710fwhw35vj1an"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "tls")))
    (inputs (list ghc-cereal
                  ghc-data-default-class
                  ghc-memory
                  ghc-crypton
                  ghc-asn1-types
                  ghc-asn1-encoding
                  ghc-crypton-x509
                  ghc-crypton-x509-store
                  ghc-crypton-x509-validation
                  ghc-async
                  ghc-unix-time
                  ghc-network))
    (native-inputs (list ghc-tasty ghc-tasty-quickcheck ghc-quickcheck))
    (home-page "https://github.com/haskell-tls/hs-tls")
    (synopsis "TLS/SSL protocol native implementation (server and client)")
    (description
     "This package provides a native Haskell TLS and SSL protocol
implementation for server and client.  It provides a high-level implementation
of a sensitive security protocol, eliminating a common set of security issues
through the use of the advanced type system, high level constructions and
common Haskell features.  It currently implements the SSL3.0, TLS1.0, TLS1.1
and TLS1.2 protocol, and supports RSA and Ephemeral (Elliptic curve and
regular) Diffie Hellman key exchanges, and many extensions.")
    (license license:bsd-3)))

(define-public ghc-hsopenssl
  (package
    (name "ghc-hsopenssl")
    (version "0.11.7.5")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "HsOpenSSL" version))
       (sha256
        (base32 "0y0l5nb0jsc8lm12w66a2n7nwcrgjxy1q2xdy8a788695az5xy71"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "HsOpenSSL")))
    (inputs (list ghc-network openssl))
    (arguments
     `(#:extra-directories ("openssl")))
    (home-page "https://github.com/haskell-cryptography/HsOpenSSL")
    (synopsis "Partial OpenSSL binding for Haskell")
    (description
     "HsOpenSSL is an OpenSSL binding for Haskell.  It can
generate RSA and DSA keys, read and write PEM files, generate message
digests, sign and verify messages, encrypt and decrypt messages.  It has
also some capabilities of creating SSL clients and servers.  This
package is in production use by a number of Haskell based systems and
stable.  You may also be interested in the tls package,
@uref{http://hackage.haskell.org/package/tls}, which is a pure Haskell
implementation of SSL.")
    (license license:public-domain)))

(define-public ghc-hsopenssl-x509-system
  (package
  (name "ghc-hsopenssl-x509-system")
  (version "0.1.0.4")
  (source
   (origin
     (method url-fetch)
     (uri (hackage-uri "HsOpenSSL-x509-system" version))
     (sha256
      (base32 "15mp70bqg1lzp971bzp6wym3bwzvxb76hzbgckygbfa722xyymhr"))))
  (build-system haskell-build-system)
  (inputs
   (list ghc-hsopenssl))
  (properties '((upstream-name . "HsOpenSSL-x509-system")))
  (home-page "https://github.com/redneb/HsOpenSSL-x509-system")
  (synopsis "Use the system's native CA certificate store with HsOpenSSL")
  (description
   "This package provides a cross-platform library that tries to find
a (reasonable) CA certificate bundle that can be used with HsOpenSSL to verify
the certificates of remote peers.  It is for HsOpenSSL what x509-system is for
the tls package, and borrows some ideas from x509-system.")
  (license license:bsd-3)))

(define-public ghc-openssl-streams
  (package
    (name "ghc-openssl-streams")
    (version "1.2.3.0")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "openssl-streams" version))
       (sha256
        (base32
         "10pnnpzgb5xr811kc9qdk7h2cgn6hk2yiyhnzz8f8p0fjzc0pwjm"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "openssl-streams")))
    (inputs
     (list ghc-hsopenssl ghc-io-streams ghc-network))
    (native-inputs
     (list ghc-hunit ghc-test-framework ghc-test-framework-hunit))
    (arguments
     `(#:cabal-revision ("1"
                         "0vfawnfcjrw29qg1n7k6z6bk4bmnk869gjlr9mxw4mzxgl80b2vp")))
    (home-page "https://hackage.haskell.org/package/openssl-streams")
    (synopsis "OpenSSL network support for io-streams")
    (description "This library contains io-streams routines for secure
networking using OpenSSL (by way of HsOpenSSL).")
    (license license:bsd-3)))

(define-public ghc-cryptonite-conduit
  (package
    (name "ghc-cryptonite-conduit")
    (version "0.2.2")
    (source
     (origin
       (method url-fetch)
       (uri (hackage-uri "cryptonite-conduit" version))
       (sha256
        (base32
         "1bldcmda4xh52mw1wfrjljv8crhw3al7v7kv1j0vidvr7ymnjpbh"))))
    (build-system haskell-build-system)
    (properties '((upstream-name . "cryptonite-conduit")))
    (inputs
     (list ghc-conduit
           ghc-conduit-extra
           ghc-cryptonite
           ghc-exceptions
           ghc-memory
           ghc-resourcet))
    (native-inputs
     (list ghc-conduit-combinators ghc-tasty ghc-tasty-hunit
           ghc-tasty-quickcheck))
    (arguments
     `(#:cabal-revision
       ("1" "1hh2nzfz4qpxgivfilgk4ll416lph8b2fdkzpzrmqfjglivydfmz")))
    (home-page "https://github.com/haskell-crypto/cryptonite-conduit")
    (synopsis "Cryptonite bridge for conduit")
    (description "This package provides conduit interfaces for some of
cryptonite's implementations of cryptographic primitives.")
    (license license:bsd-3)))
generated by cgit
((pulseaudio (assoc-ref inputs "pulseaudio")) (pulse (string-append pulseaudio "/lib/libpulse.so.0")) (pulse-glib (string-append pulseaudio "/lib/libpulse-mainloop-glib.so.0"))) (with-directory-excursion "blueman/main" (substitute* "PulseAudioUtils.py" (("libpulse.so.0") pulse) (("libpulse-mainloop-glib.so.0") pulse-glib)))))) ;; Fix running of blueman programs. (add-after 'glib-or-gtk-wrap 'wrap-blueman-progs (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (bin (string-append out "/bin/blueman-")) (libexec (string-append out "/libexec/blueman-")) (lib (string-append out "/lib/python" ,(version-major+minor (package-version python)) "/site-packages"))) (for-each (lambda (program) (wrap-program program `("GUIX_PYTHONPATH" = (,(getenv "GUIX_PYTHONPATH") ,lib)) `("GI_TYPELIB_PATH" = (,(getenv "GI_TYPELIB_PATH"))))) (append (map (lambda (prog) (string-append bin prog)) '("adapters" "applet" "manager" "sendto" "services" "tray")) (map (lambda (prog) (string-append libexec prog)) '("mechanism" "rfcomm-watcher")))))))))) (native-inputs (list python-cython `(,glib "bin") gobject-introspection `(,gtk+ "bin") intltool pkg-config)) (inputs (list bash-minimal bluez dbus (librsvg-for-system) glib gtk+ iproute iptables net-tools pango polkit ppp pulseaudio python-pycairo python-pygobject python-wrapper libappindicator network-manager)) (synopsis "GTK+ Bluetooth manager") (description "Blueman is a Bluetooth management utility using the Bluez D-Bus backend. It is designed to be easy to use for most common Bluetooth tasks.") (home-page "https://github.com/blueman-project/blueman") (license license:gpl3+))) (define-public nm-tray (package (name "nm-tray") (version "0.5.0") (home-page "https://github.com/palinek/nm-tray") (source (origin (method git-fetch) (uri (git-reference (url home-page) (commit version))) (sha256 (base32 "14i8sl0hrnyidlvqnxza0v4018f7p685ksn8419i2w7f9yqpvpiw")) (file-name (git-file-name name version)))) (build-system qt-build-system) (arguments (list #:tests? #f)) ;There are no tests upstream (inputs (list qtbase-5 networkmanager-qt5)) (native-inputs (list qttools-5 pkg-config)) (synopsis "NetworkManager front-end with information icon residing in system tray") (description "nm-tray is a network connection management tool (NetworkManager front-end) with an information icon residing in the system tray. Unlike nm-applet, which is part of GNOME, this application is desktop-unaware.") (license license:gpl2+))) ;; The gnu.org ‘home’ for this GNU project is a directory listing with 1.6.0 as ;; the latest version. The author's git repository, mentioned in the 1.6.0 ;; README and otherwise legit-looking, contains a proper 1.7.0 release tarball ;; with many OUI updates. Use it, even though it's also several years old now. (define-public macchanger (package (name "macchanger") (version "1.7.0") (source (origin (method url-fetch) (uri (string-append "https://github.com/alobbs/macchanger/" "releases/download/" version "/" name "-" version ".tar.gz")) (sha256 (base32 "1gs5m0jxyprdp00w2qkbnaqm3ilkjz0q1gqdg4nzdm8g4xy73qns")))) (build-system gnu-build-system) (home-page "https://www.gnu.org/software/macchanger/") (synopsis "Viewing and manipulating MAC addresses of network interfaces") (description "GNU MAC Changer is a utility for viewing and changing MAC addresses of networking devices. New addresses may be set explicitly or randomly. They can include MAC addresses of the same or other hardware vendors or, more generally, MAC addresses of the same category of hardware.") (license license:gpl2+))) (define-public miredo (package (name "miredo") (version "1.2.6") (source (origin (method url-fetch) (uri (string-append "http://www.remlab.net/files/miredo/miredo-" version ".tar.xz")) (sha256 (base32 "0j9ilig570snbmj48230hf7ms8kvcwi2wblycqrmhh85lksd49ps")))) (build-system gnu-build-system) (arguments '(#:configure-flags (list "--localstatedir=/var") #:phases (modify-phases %standard-phases (add-after 'unpack 'do-not-create-/run (lambda _ (substitute* (find-files "src" "Makefile.*") (("^.+install_sh.+/run.+$") "\ttrue")) #t)) (add-after 'unpack 'patch-iproute2 (lambda* (#:key inputs #:allow-other-keys) (let* ((iproute (assoc-ref inputs "iproute")) (ip (string-append iproute "/sbin/ip"))) (substitute* "misc/client-hook.iproute" (("/sbin/ip") ip)) #t))) ;; The checkconf test in src/ requires network access. (add-before 'check 'disable-checkconf-test (lambda _ (substitute* "src/Makefile" (("^TESTS = .*") "TESTS = \n")) #t))))) (inputs `(("iproute" ,iproute))) (home-page "https://www.remlab.net/miredo/") (synopsis "Teredo IPv6 tunneling software") (description "Miredo is an implementation (client, relay, server) of the Teredo specification, which provides IPv6 Internet connectivity to IPv6 enabled hosts residing in IPv4-only networks, even when they are behind a NAT device.") (license license:gpl2+))) (define-public ndisc6 (package (name "ndisc6") (version "1.0.7") (source (origin (method url-fetch) (uri (string-append "https://www.remlab.net/files/ndisc6/ndisc6-" version ".tar.bz2")) (sha256 (base32 "02b6r4mwqj3kkia3nnqlr5nq8qqg1pg47lirb8d35mqh0pbk3i7d")))) (build-system gnu-build-system) (home-page "https://www.remlab.net/ndisc6/") (synopsis "IPv6 diagnostic tools") (description "NDisc6 is a collection of tools for IPv6 networking diagnostics. It includes the following programs: @itemize @item @command{ndisc6}: ICMPv6 Neighbor Discovery tool. @item @command{rdisc6}: ICMPv6 Router Discovery tool. @item @command{tcptraceroute6}: IPv6 traceroute over TCP. @item @command{traceroute6}: IPv6 traceroute over UDP. @item @command{rdnssd}: Recursive DNS Servers discovery daemon. @end itemize") ;; The user can choose version 2 or 3 of the GPL, not later versions. (license (list license:gpl2 license:gpl3)))) (define-public parprouted (package (name "parprouted") (version "0.7") (source (origin (method url-fetch) (uri (string-append "https://www.hazard.maks.net/parprouted/" "parprouted-" version ".tar.gz")) (sha256 (base32 "1z6yg28i0pv20jivyy82pxb38hsryj95inhj27bs6ja1bp4l6dnn")))) (build-system gnu-build-system) (arguments `(#:tests? #f ;no tests #:phases (modify-phases %standard-phases (add-after 'unpack 'insert-absolute-iproute-reference (lambda* (#:key inputs #:allow-other-keys) (let* ((iproute (assoc-ref inputs "iproute")) (ip (string-append iproute "/sbin/ip"))) (substitute* "parprouted.c" (("/sbin/ip") ip)) #t))) (replace 'configure (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (sbin (string-append out "/sbin")) (man8 (string-append out "/share/man/man8"))) ;; No configure script; hijack the phase to make ;; the necessary arrangements. (setenv "CC" ,(cc-for-target)) (for-each mkdir-p (list sbin man8)) (substitute* "Makefile" (("/usr/local/sbin") sbin) (("/usr/local/man/man8") man8)) #t)))))) (inputs `(("iproute" ,iproute))) (home-page "https://www.hazard.maks.net/parprouted/") (synopsis "Proxy ARP requests to other interfaces") (description "@command{parprouted} is a daemon for transparent IP (Layer@tie{}3) proxy ARP bridging. Unlike standard bridging, proxy ARP bridging can bridge Ethernet networks behind wireless nodes. Normal layer@tie{}2 bridging does not work between wireless nodes because wireless does not know about MAC addresses used in the wired Ethernet networks. This daemon can also be useful for making transparent firewalls.") (license license:gpl2))) (define-public pproxy (package (name "pproxy") (version "2.7.8") (source (origin (method url-fetch) (uri (pypi-uri "pproxy" version)) (sha256 (base32 "1j4nv72i77i2j5nl9ymzpk4m98qih3naihfrqjghrc9b7g0krdzs")))) (build-system python-build-system) (arguments (list #:phases #~(modify-phases %standard-phases (replace 'check (lambda* (#:key tests? #:allow-other-keys) (when tests? (with-directory-excursion "tests" (for-each (lambda (file) (invoke "python" file)) ;; XXX: The api_ tests require network access ;; so we only run the cipher tests for now. (find-files "." "^cipher_.*\\.py$"))))))))) (inputs (list python-asyncssh python-daemon python-pycryptodome python-uvloop)) (home-page "https://github.com/qwj/python-proxy") (synopsis "Multi-protocol network proxy") (description "@command{pproxy} is an asynchronuous proxy server implemented with Python 3 @code{asyncio}. Among the supported protocols are HTTP, SOCKS and SSH, and it can use both TCP and UDP as transport mechanisms.") (license license:expat))) (define-public socat (package (name "socat") (version "1.7.4.4") (source (origin (method url-fetch) (uri (string-append "http://www.dest-unreach.org/socat/download/socat-" version ".tar.bz2")) (sha256 (base32 "1b40ccdvxq5kaghsbwg4q3dq5aw4acw1bpqvs3v3ljp5y392pm7v")))) (build-system gnu-build-system) (arguments '(#:tests? #f)) ; no test suite (inputs (list openssl readline)) (home-page "http://www.dest-unreach.org/socat/") (synopsis "Open bidirectional communication channels from the command line") (description "socat is a relay for bidirectional data transfer between two independent data channels---files, pipes, devices, sockets, etc. It can create \"listening\" sockets, named pipes, and pseudo terminals. socat can be used, for instance, as TCP port forwarder, as a shell interface to UNIX sockets, IPv6 relay, for redirecting TCP oriented programs to a serial line, to logically connect serial lines on different computers, or to establish a relatively secure environment (su and chroot) for running client or server shell scripts with network connections.") (license license:gpl2))) (define-public mbuffer (package (name "mbuffer") (version "20230301") (source (origin (method url-fetch) (uri (string-append "http://www.maier-komor.de/software/mbuffer/mbuffer-" version ".tgz")) (sha256 (base32 "009d4m48yjidb91vdnrfv84nnd76n0i57g607llan3y0vq4n5xsk")))) (build-system gnu-build-system) (native-inputs (list which)) (inputs (list openssl)) (home-page "https://www.maier-komor.de/mbuffer.html") (synopsis "Swiss army knife for data stream buffering (network aware)") (description "mbuffer is a tool for buffering data streams with a large set of features: @itemize @item direct support for TCP based network targets (IPv4 and IPv6) @item ability to send to multiple targets in parallel (distribution mode) @item support for multiple volumes @item I/O rate limitation @item high/low watermark based restart criteria @item configurable buffer size @item on the fly MD5 hash calculation @item highly efficient, multi-threaded implementation @end itemize") (license license:gpl3+))) (define-public tcp-wrappers (package (name "tcp-wrappers") (version "7.6") (source (origin (method url-fetch) (uri (string-append "ftp://ftp.porcupine.org/pub/security/tcp_wrappers_" version ".tar.gz")) (sha256 (base32 "0p9ilj4v96q32klavx0phw9va21fjp8vpk11nbh6v2ppxnnxfhwm")) (modules '((guix build utils))) (snippet ;; 'sys_errlist' & co. are gone in glibc 2.33; work around it. '(substitute* "percent_m.c" (("sys_errlist\\[errno\\]") "strerror (errno)") (("errno < sys_nerr") "(1)") (("errno >= sys_nerr") "(0)"))))) (build-system gnu-build-system) (arguments `(#:phases (modify-phases %standard-phases (delete 'configure) ; there is no configure script (delete 'check) ; there are no tests (replace 'build (lambda _ (chmod "." #o755) ;; Upstream doesn't generate a shared library. So we have to do it. (setenv "CC" "gcc -fno-builtin -fPIC") (substitute* "Makefile" (("^(all[^\n]*)" line) (string-append line " libwrap.so\n libwrap.so: $(LIB_OBJ)\n \tgcc -shared $^ -o $@\n"))) ;; Deal with some gcc breakage. (substitute* "percent_m.c" (("extern char .sys_errlist.*;") "")) (substitute* "scaffold.c" (("extern char .malloc.*;") "")) ;; This, believe it or not, is the recommended way to build! (invoke "make" "REAL_DAEMON_DIR=/etc" "linux"))) ;; There is no make install stage, so we have to do it ourselves. (replace 'install (lambda _ (let ((out (assoc-ref %outputs "out")) (man-pages `("hosts_access.3" "hosts_access.5" "hosts_options.5" "tcpd.8" "tcpdchk.8" "tcpdmatch.8")) (libs `("libwrap.a" "libwrap.so")) (headers `("tcpd.h")) (bins `("safe_finger" "tcpd" "tcpdchk" "tcpdmatch" "try-from"))) (for-each (lambda (x) (install-file x (string-append out "/include"))) headers) (for-each (lambda (x) (install-file x (string-append out "/share/man/man" (string-take-right x 1)))) man-pages) (for-each (lambda (x) (install-file x (string-append out "/lib/"))) libs) (for-each (lambda (x) (install-file x (string-append out "/bin/"))) bins)) #t))))) (home-page "http://www.porcupine.org") (synopsis "Monitor and filter incoming requests for network services") (description "With this package you can monitor and filter incoming requests for network services. It includes a library which may be used by daemons to transparently check connection attempts against an access control list.") (license (license:non-copyleft "file://DISCLAIMER" "See the file DISCLAIMER in the distribution.")))) (define-public zeromq (package (name "zeromq") (version "4.3.4") (source (origin (method url-fetch) (uri (string-append "https://github.com/zeromq/libzmq/releases" "/download/v" version "/zeromq-" version ".tar.gz")) (sha256 (base32 "1rf3jmi36ms8jh2g5cvi253h43l6xdfq0r7mvp95va7mi4d014y5")))) (build-system gnu-build-system) (arguments '(#:configure-flags '("--disable-static" "--enable-drafts"))) (home-page "https://zeromq.org") (synopsis "Library for message-based applications") (description "The 0MQ lightweight messaging kernel is a library which extends the standard socket interfaces with features traditionally provided by specialized messaging middle-ware products. 0MQ sockets provide an abstraction of asynchronous message queues, multiple messaging patterns, message filtering (subscriptions), seamless access to multiple transport protocols and more.") (license license:lgpl3+))) (define-public czmq (package (name "czmq") (version "4.2.1") (source (origin (method url-fetch) (uri (string-append "https://github.com/zeromq/" name "/releases/download/v" version "/" name "-" version ".tar.gz")) (sha256 (base32 "0fdclvd7fcwixp0k57ccv7d159v3slasyhvndxfn8n1a9hh0lwjx")))) (build-system gnu-build-system) (arguments '(#:configure-flags '("--enable-drafts"))) (inputs (list zeromq)) (home-page "https://zeromq.org") (synopsis "High-level C bindings for ØMQ") (description "czmq provides bindings for the ØMQ core API that hides the differences between different versions of ØMQ.") (license license:mpl2.0))) (define-public cppzmq (package (name "cppzmq") (version "4.10.0") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/zeromq/cppzmq") (commit (string-append "v" version)))) (sha256 (base32 "1074316b2n2sbvamnnm8c0p9s0xw2m0g84i9pac02vqbaxbmldqx")) (file-name (git-file-name name version)))) (build-system cmake-build-system) (arguments `(#:tests? ,(not (%current-target-system)))) ; run unless cross-compiling (native-inputs (list pkg-config)) (inputs (list catch2 zeromq)) (home-page "https://zeromq.org") (synopsis "C++ bindings for the ØMQ messaging library") (description "This package provides header-only C++ bindings for ØMQ. The header files contain direct mappings of the abstractions provided by the ØMQ C API.") (license license:expat))) (define-public libnatpmp ;; Install the latest commit as it provides a pkg-config (.pc) file. (let ((base-version "20230423") (commit "6a850fd2bd9b08e6edc886382a1dbae2a7df55ec") (revision "0")) (package (name "libnatpmp") (version (git-version base-version revision commit)) (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/miniupnp/libnatpmp") (commit commit))) (file-name (git-file-name name version)) (sha256 (base32 "18hf9a3i3mncl3w80nzi1684iac3by86bv0hgmbm1v2w8gbfjyw0")))) (build-system cmake-build-system) (arguments (list #:tests? #f ;no test suite #:configure-flags #~(list "-DBUILD_SHARED_LIBS=ON") #:phases #~(modify-phases %standard-phases (add-after 'unpack 'patch-build-system ;; Have CMake install the natpmp_declspec.h missing header file ;; that is referenced by natpmp.h (see: ;; https://github.com/miniupnp/libnatpmp/issues/41). (lambda _ (substitute* "CMakeLists.txt" (("install\\(FILES natpmp.h") "install(FILES natpmp.h natpmp_declspec.h")))) (add-after 'unpack 'fix-version (lambda _ (with-output-to-file "VERSION" (lambda () (display #$base-version)))))))) (native-inputs (list which)) (home-page "https://miniupnp.tuxfamily.org/libnatpmp.html") (synopsis "C library implementing NAT-PMP") (description "@code{libnatpmp} is a portable and asynchronous implementation of the Network Address Translation - Port Mapping Protocol (NAT-PMP) written in the C programming language.") (license license:bsd-3)))) (define-public librdkafka (package (name "librdkafka") (version "1.4.2") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/edenhill/librdkafka") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "05mgrdzacn9kdpr68r5j0cvsvl54s52glnsc1ww9rcxx6p7hq1ly")))) (build-system gnu-build-system) (arguments '(#:phases (modify-phases %standard-phases (replace 'configure ;; its custom configure script doesn't understand 'CONFIG_SHELL'. (lambda* (#:key outputs #:allow-other-keys) (let ((out (assoc-ref outputs "out"))) ;; librdkafka++.so lacks RUNPATH for librdkafka.so (setenv "LDFLAGS" (string-append "-Wl,-rpath=" out "/lib")) (invoke "./configure" (string-append "--prefix=" out)))))))) (native-inputs `(("python" ,python-wrapper))) (propagated-inputs (list zlib)) ; in the Libs.private field of rdkafka.pc (home-page "https://github.com/edenhill/librdkafka") (synopsis "Apache Kafka C/C++ client library") (description "librdkafka is a C library implementation of the Apache Kafka protocol, containing both Producer and Consumer support.") (license license:bsd-2))) (define-public libndp (package (name "libndp") (version "1.8") (source (origin (method url-fetch) (uri (string-append "https://libndp.org/files/" "libndp-" version ".tar.gz")) (sha256 (base32 "0ay0n0d85254zdmv8znmn399gfiqpk6ga0jwdwa7ylpbw9pbdzw8")))) (build-system gnu-build-system) (native-inputs (if (%current-target-system) (list pkg-config libtool gettext-minimal autoconf automake) '())) (arguments (if (%current-target-system) (list #:phases #~(modify-phases %standard-phases ;; AC_FUNC_MALLOC and AC_FUNC_REALLOC usually unneeded ;; see https://lists.gnu.org/archive/html/autoconf/2003-02/msg00017.html (add-after 'unpack 'fix-rpl_malloc (lambda _ (substitute* "configure.ac" (("AC_FUNC_MALLOC") "")) ;; let bootstrap phase run. (delete-file "./configure"))))) '())) (home-page "https://libndp.org/") (synopsis "Library for Neighbor Discovery Protocol") (description "libndp contains a library which provides a wrapper for IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.") (license license:lgpl2.1+))) (define-public ethtool (package (name "ethtool") (version "6.2") (source (origin (method url-fetch) (uri (string-append "mirror://kernel.org/software/network/" "ethtool/ethtool-" version ".tar.xz")) (sha256 (base32 "1qbhwp8d4nh0cnxd3hg0kr8lm5ikbkl07gvjpzv76kad0qa03pw6")))) (build-system gnu-build-system) (native-inputs (list pkg-config)) (inputs (list libmnl)) (home-page "https://www.kernel.org/pub/software/network/ethtool/") (synopsis "Display or change Ethernet device settings") (description "ethtool can be used to query and change settings such as speed, auto-negotiation and checksum offload on many network devices, especially Ethernet devices.") (license license:gpl2))) (define-public ifstatus (package (name "ifstatus") (version "2.0.0") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/ifstatus/ifstatus/" "ifstatus-v" version ".tar.gz")) (sha256 (base32 "0n622f2m3x901hcmad4ns52r2x75csy4nqraagzb8h9fn0j62jkv")))) (build-system gnu-build-system) (arguments '(#:tests? #f ; no "check" target #:phases (modify-phases %standard-phases (delete 'configure) ; no configure script (replace 'install (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (bin (string-append out "/bin"))) (mkdir-p bin) (copy-file "ifstatus" (string-append bin "/ifstatus"))) #t))))) (inputs (list ncurses)) (home-page "https://ifstatus.sourceforge.net/graphic/index.html") (synopsis "Text based network interface status monitor") (description "IFStatus is a simple, easy-to-use program for displaying commonly needed/wanted real-time traffic statistics of multiple network interfaces, with a simple and efficient view on the command line. It is intended as a substitute for the PPPStatus and EthStatus projects.") (license license:gpl2+))) (define-public iputils (package (name "iputils") (version "20221126") (home-page "https://github.com/iputils/iputils") (source (origin (method git-fetch) (uri (git-reference (url home-page) (commit version))) (file-name (git-file-name name version)) (sha256 (base32 "1qfdvr60mlwh5kr4p27wjknz1cvrwfi6iadh9ny45661v22i0njx")))) (build-system meson-build-system) (arguments (list #:phases #~(modify-phases %standard-phases (add-after 'unpack 'disable-ping-test (lambda _ ;; Disable ping test, as it requires root or raw socket capabilities. (substitute* "test/meson.build" (("if build_ping == true") "if false"))))))) (native-inputs (list docbook-xsl docbook-xml-5.0.1 gettext-minimal libxslt pkg-config)) (inputs (list libcap libidn2 openssl)) (synopsis "Collection of network utilities") (description "This package contains a variety of tools for dealing with network configuration, troubleshooting, or servers. Utilities included are: @table @command @item arping Ping hosts using @acronym{ARP, Address Resolution Protocol}. @item clockdiff Compute time difference between network hosts using ICMP TSTAMP messages. @item ninfod Daemon that responds to IPv6 Node Information Queries. @item ping Use ICMP ECHO messages to measure round-trip delays and packet loss across network paths. @item rarpd Answer RARP requests from clients. @item rdisc Populate network routing tables with information from the ICMP router discovery protocol. @item tftpd Trivial file transfer protocol server. @item tracepath Trace network path to an IPv4 or IPv6 address and discover MTU along the way. @end table") ;; The various utilities are covered by different licenses, see LICENSE ;; for details. (license (list license:gpl2+ ;arping, tracepath license:bsd-3 ;clockdiff, ping (license:non-copyleft "https://spdx.org/licenses/Rdisc.html" "Sun Microsystems license, see rdisc.c for details"))))) (define-public nload (package (name "nload") (version "0.7.4") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/nload/nload/" version "/nload-" version ".tar.gz")) (sha256 (base32 "1rb9skch2kgqzigf19x8bzk211jdfjfdkrcvaqyj89jy2pkm3h61")))) (build-system gnu-build-system) (inputs (list ncurses)) (home-page "http://www.roland-riegel.de/nload/") (synopsis "Realtime console network usage monitor") (description "Nload is a console application which monitors network traffic and bandwidth usage in real time. It visualizes the in- and outgoing traffic using two graphs, and provides additional info like total amount of transferred data and min/max network usage.") (license license:gpl2+))) (define-public iodine (package (name "iodine") (version "0.8.0") (source (origin (method url-fetch) (uri (string-append "https://code.kryo.se/iodine/" "iodine-" version ".tar.gz")) (sha256 (base32 "1ihlwxr5xi82gskcdl06qil9q67bcc80p18wm079gxqphv7r4vjl")))) (build-system gnu-build-system) (arguments `(#:phases (modify-phases %standard-phases (delete 'configure) ; no configure script (add-before 'build 'fix-ifconfig-path ;; This package works only with the net-tools version of ifconfig. (lambda* (#:key inputs #:allow-other-keys) (substitute* "src/tun.c" (("PATH=[^ ]* ") (string-append (assoc-ref inputs "net-tools") "/bin/"))))) (add-before 'check 'delete-failing-tests ;; Avoid https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802105. (lambda _ (substitute* "tests/common.c" (("tcase_add_test\\(tc, \ test_parse_format_ipv(4(|_listen_all|_mapped_ipv6)|6)\\);") ""))))) #:make-flags (list ,(string-append "CC=" (cc-for-target)) (string-append "prefix=" (assoc-ref %outputs "out"))) #:test-target "test")) (inputs (list net-tools zlib)) (native-inputs (list check pkg-config)) (home-page "https://code.kryo.se/iodine/") (synopsis "Tunnel IPv4 data through a DNS server") (description "Iodine tunnels IPv4 data through a DNS server. This can be useful in different situations where internet access is firewalled, but DNS queries are allowed. The bandwidth is asymmetrical, with limited upstream and up to 1 Mbit/s downstream.") ;; src/md5.[ch] is released under the zlib license (license (list license:isc license:zlib)))) (define-public whois (package (name "whois") (version "5.5.17") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/rfc1036/whois") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "1mqgc8saz4l0hr4p8r9cgndwx3r9aal7ak9irgrrkxyjd65xpa9n")))) (build-system gnu-build-system) (arguments (list #:tests? #f ; no test suite #:make-flags #~(list (string-append "CC=" #$(cc-for-target)) (string-append "PKG_CONFIG=" #$(pkg-config-for-target)) (string-append "prefix=" #$output) "BASHCOMPDIR=$(prefix)/share/bash-completion/completions") #:phases #~(modify-phases %standard-phases (delete 'configure) ; no configure script (add-before 'build 'setenv (lambda _ (setenv "HAVE_ICONV" "1")))))) (inputs (list libidn2 libxcrypt)) (native-inputs (list gettext-minimal perl pkg-config)) (synopsis "Intelligent client for the WHOIS directory service") (description "whois searches for an object in a @dfn{WHOIS} (RFC 3912) database. It is commonly used to look up the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system. It can automatically select the appropriate server for most queries. For historical reasons, this package also includes @command{mkpasswd}, which encrypts passwords using @code{crypt(3)} and is unrelated to the Expect command of the same name.") (home-page "https://github.com/rfc1036/whois") (license license:gpl2+))) (define-public wireshark (package (name "wireshark") (version "4.2.5") (source (origin (method url-fetch) (uri (string-append "https://www.wireshark.org/download/src/wireshark-" version ".tar.xz")) (sha256 (base32 "07r6n7xjckx5scp3d6s61hc54v5p5k4kaqik8jn3m9x9hymr7rsm")))) (build-system qt-build-system) (arguments (list ;; This causes the plugins to register runpaths for the wireshark ;; libraries, which would otherwise cause the validate-runpath phase to ;; fail. #:qtbase qtbase #:configure-flags #~(list (string-append "-DCMAKE_MODULE_LINKER_FLAGS=-Wl,-rpath=" #$output "/lib")) #:phases #~(modify-phases %standard-phases (replace 'check (lambda* (#:key parallel-tests? tests? #:allow-other-keys) (when tests? (invoke "ctest" "-VV" "-j" (if parallel-tests? (number->string (parallel-job-count)) "1")))))))) (inputs (list c-ares glib gnutls brotli libcap libgcrypt libnl libpcap libssh libxml2 lz4 lua-5.2 mit-krb5 `(,nghttp2 "lib") minizip pcre2 qt5compat qtbase qtmultimedia qtsvg sbc snappy speexdsp zlib `(,zstd "lib"))) (native-inputs (list bison doxygen flex gettext-minimal perl pkg-config python-wrapper qttools)) (synopsis "Network traffic analyzer") (description "Wireshark is a network protocol analyzer, or @dfn{packet sniffer}, that lets you capture and interactively browse the contents of network frames.") (home-page "https://www.wireshark.org") (license license:gpl2+))) (define-public fping (package (name "fping") (version "5.2") (source (origin (method url-fetch) (uri (string-append "https://fping.org/dist/fping-" version ".tar.gz")) (sha256 (base32 "0bz4n0c4p5v8yh1fzvfvbbydpg4vy6krligpw5vbpc1zsw82ssd7")))) (build-system gnu-build-system) (arguments '(#:configure-flags '("--enable-ipv6"))) (home-page "https://fping.org/") (synopsis "Send ICMP ECHO_REQUEST packets to network hosts") (description "fping is a ping-like program which uses @acronym{ICMP, Internet Control Message Protocol} echo requests to determine if a target host is responding. @command{fping} differs from @command{ping} in that you can specify any number of targets on the command line, or specify a file containing the lists of targets to ping. Instead of sending to one target until it times out or replies, fping will send out a ping packet and move on to the next target in a round-robin fashion.") (license license:expat))) (define-public gandi.cli (package (name "gandi.cli") (version "1.6") (source (origin (method url-fetch) (uri (pypi-uri name version)) (sha256 (base32 "1h36jahbp7273wn3yd747kbiwjc0bm3sja67bcxdsd54ln0vyndg")))) (build-system python-build-system) (arguments `(#:phases (modify-phases %standard-phases (add-after 'unpack 'embed-store-file-names (lambda _ (substitute* (list "gandi/cli/modules/cert.py" "gandi/cli/tests/commands/test_certificate.py") (("openssl") (which "openssl"))) #t)) (add-after 'install 'install-documentation ;; The included man page may be outdated but we install it anyway, ;; since it's mentioned in 'gandi --help' and better than nothing. (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (man1 (string-append out "/share/man/man1"))) (mkdir-p man1) (with-output-to-file (string-append man1 "/gandi.1") (lambda _ (invoke "rst2man.py" "gandicli.man.rst"))) #t)))))) (native-inputs (list python-docutils ; for rst2man.py python-pytest python-pytest-cov python-tox)) (propagated-inputs (list openssh)) ; used by gandi/cli/modules/iass.py (inputs (list openssl python-click-7 python-ipy python-pyyaml python-requests)) (home-page "https://cli.gandi.net") (synopsis "Command-line interface to the Gandi.net Web API") (description "This package provides a command-line client (@command{gandi}) to buy, manage, and delete Internet resources from Gandi.net such as domain names, virtual machines, and certificates.") (license license:gpl3+))) (define-public go-github-com-vishvananda-netns (package (name "go-github-com-vishvananda-netns") (version "0.0.4") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/vishvananda/netns") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "0rci8c211m57nya9il81fz6459pia3dj5i4b16fp34vjrkcxliml")))) (build-system go-build-system) (arguments (list #:import-path "github.com/vishvananda/netns" #:phases #~(modify-phases %standard-phases (add-after 'unpack 'disable-failing-tests (lambda* (#:key tests? unpack-path #:allow-other-keys) (with-directory-excursion (string-append "src/" unpack-path) (substitute* (find-files "." "\\_test.go$") ;; Disable tests requiring root access. (("TestGetNewSetDelete") "OffTestGetNewSetDelete") (("TestThreaded") "OffTestThreaded")))))))) (propagated-inputs (list go-golang-org-x-sys)) (home-page "https://github.com/vishvananda/netns") (synopsis "Simple network namespace handling for Go") (description "The netns package provides a simple interface for handling network namespaces in Go.") (license license:asl2.0))) (define-public go-sctp ;; docker-libnetwork-cmd-proxy requires this exact commit. ;; This commit is mentioned in docker-libnetwork-cmd-proxy's vendor.conf. (let ((commit "f2269e66cdee387bd321445d5d300893449805be") (revision "3")) (package (name "go-sctp") (version (git-version "0.0.0" revision commit)) (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/ishidawataru/sctp") (commit commit))) (file-name (git-file-name name version)) (sha256 (base32 "04463rnn9y9psp11ac5di6wrwxlhymw5h9hfhhhnxqwla90ikp0g")))) (build-system go-build-system) (arguments `(#:tests? #f ; Test suite is flakey. #:import-path "github.com/ishidawataru/sctp")) (home-page "https://github.com/ishidawataru/sctp") (synopsis "SCTP library for the Go programming language") (description "This library provides methods for using the stream control transmission protocol (SCTP) in a Go application.") (license license:asl2.0)))) (define-public httping (package (name "httping") (version "2.9") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/folkertvanheusden/HTTPing") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "1gbpirzih0zr93fm71scqjji9wwkfp64q8z36857blsngdfm6k38")))) (build-system gnu-build-system) (arguments (list #:make-flags #~(list (string-append "CC=" #$(cc-for-target)) (string-append "PREFIX=" #$output)) #:tests? #f)) ; no test suite (native-inputs (list gettext-minimal)) (inputs (list fftw ncurses openssl)) (home-page "https://www.vanheusden.com/httping/") (synopsis "Web server latency and throughput monitor") (description "httping measures how long it takes to connect to a web server, send an HTTP(S) request, and receive the reply headers. It is somewhat similar to @command{ping}, but can be used even in cases where ICMP traffic is blocked by firewalls or when you want to monitor the response time of the actual web application stack itself.") (license license:gpl2))) ; with permission to link with OpenSSL (define-public httpstat (package (name "httpstat") (version "1.3.1") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/reorx/httpstat") (commit version))) (file-name (git-file-name name version)) (sha256 (base32 "0cw8299a080m42slsimz31xs0gjnh833gpbj2dsr4hkcinrn4iyd")))) (build-system python-build-system) (inputs (list curl)) (arguments '(#:phases (modify-phases %standard-phases (add-before 'build 'fix-curl-path (lambda* (#:key inputs #:allow-other-keys) (substitute* "httpstat.py" (("ENV_CURL_BIN.get\\('curl'\\)") (string-append "ENV_CURL_BIN.get('" (assoc-ref inputs "curl") "/bin/curl')")) ;; "curl -w time_*" units seems to have ;; changed from seconds to nanoseconds. (("d\\[k\\] \\* 1000") "d[k] / 1000")) #t))))) (home-page "https://github.com/reorx/httpstat") (synopsis "Visualize curl statistics") (description "@command{httpstat} is a tool to visualize statistics from the @command{curl} HTTP client. It acts as a wrapper for @command{curl} and prints timing information for each step of the HTTP request (DNS lookup, TCP connection, TLS handshake and so on) in the terminal.") (license license:expat))) (define-public squid (package (name "squid") (version "6.10") (source (origin (method url-fetch) (uri (string-append "http://www.squid-cache.org/Versions/v6/squid-" version ".tar.xz")) (sha256 (base32 "19q86j2jd2vwv298ialnhqahl0qjxjdbigi5vmq4gw13wy3v21qb")))) (build-system gnu-build-system) (arguments '(#:configure-flags ;; disable -march=native in build for reproducibility; see ;; https://wiki.squid-cache.org/KnowledgeBase/IllegalInstructionError (list "--disable-arch-native" "--with-openssl") #:phases (modify-phases %standard-phases (add-before 'build 'fix-true-path (lambda* (#:key inputs #:allow-other-keys) (substitute* "test-suite/testheaders.sh" (("/bin/true") (search-input-file inputs "/bin/true")))))))) (inputs (list perl openldap linux-pam libcap libxcrypt cyrus-sasl expat libxml2 openssl)) (native-inputs (list cppunit pkg-config)) (synopsis "Web caching proxy") (description "Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages.") (home-page "http://www.squid-cache.org/") (license license:gpl2+))) (define-public bwm-ng (package (name "bwm-ng") (version "0.6.3") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/vgropp/bwm-ng") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "1gpp2l3w479h1w5skjra5xy0gxd24kvmk6i4psbkafnv2399la4k")))) (build-system gnu-build-system) (arguments `(#:phases (modify-phases %standard-phases (add-after 'unpack 'disable-premature-./configure (lambda _ (substitute* "autogen.sh" (("\\$srcdir/configure") "true")) #t))))) (native-inputs (list autoconf automake)) (inputs (list ncurses)) (synopsis "Console based live network and disk I/O bandwidth monitor") (description "Bandwidth Monitor NG is a small and simple console based live network and disk I/O bandwidth monitor.") (home-page "https://www.gropp.org/?id=projects&sub=bwm-ng") (license license:gpl2))) (define-public aircrack-ng (package (name "aircrack-ng") (version "1.7") (source (origin (method url-fetch) (uri (string-append "https://download.aircrack-ng.org/aircrack-ng-" version ".tar.gz")) (sha256 (base32 "1hsq1gwmafka4bahs6rc8p98yi542h9a502h64bjlygpr3ih99q5")))) (build-system gnu-build-system) (native-inputs (list autoconf automake libtool pkg-config which ;; For tests. expect)) (inputs (list `(,hwloc "lib") ; speed boost on SMP machines libgcrypt libnl libpcap ethtool pcre sqlite zlib)) (arguments `(#:configure-flags (list "CFLAGS=-fcommon" "--with-experimental=yes" ; build wesside-ng, etc. "--with-gcrypt") ; openssl's the default #:phases (modify-phases %standard-phases (add-before 'bootstrap 'patch-evalrev (lambda _ ;; Called by ./autogen.sh below, before the default ;; ‘patch-shebangs’ phase has had a chance to run. (substitute* "evalrev" (("/bin/sh") (which "sh"))))) (add-after 'build 'absolutize-tools (lambda* (#:key inputs #:allow-other-keys) (let ((ethtool (search-input-file inputs "/sbin/ethtool"))) (substitute* "scripts/airmon-ng" (("ethtool ") (string-append ethtool " "))))))))) (home-page "https://www.aircrack-ng.org") (synopsis "Assess WiFi network security") (description "Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: monitoring, attacking, testing, and cracking. All tools are command-line driven, which allows for heavy scripting.") (license (list license:gpl2+ license:bsd-3)))) (define-public pixiewps (package (name "pixiewps") (version "1.4.2") (source (origin (method url-fetch) (uri (string-append "https://github.com/wiire-a/pixiewps/releases/" "download/v" version "/" name "-" version ".tar.xz")) (sha256 (base32 "07nym6bqml0k9v29vnj003nrgnwrywgjvnljb7cdpsvnwilhbp64")))) (build-system gnu-build-system) (arguments `(#:make-flags (list ,(string-append "CC=" (cc-for-target)) (string-append "PREFIX=" (assoc-ref %outputs "out"))) #:phases (modify-phases %standard-phases (delete 'configure)) ; no configure script #:tests? #f)) ; there are no tests (home-page "https://github.com/wiire-a/pixiewps/") (synopsis "Offline brute-force tool for Wi-Fi Protected Setup") (description "Pixiewps implements the pixie-dust attack to brute force the Wi-Fi Protected Setup (WPS) PIN by exploiting the low or non-existing entropy of some access points.") (license license:gpl3+))) (define-public reaver (package (name "reaver") (version "1.6.6") (source (origin (method url-fetch) (uri (string-append "https://github.com/t6x/reaver-wps-fork-t6x/releases/" "download/v" version "/reaver-" version ".tar.xz")) (sha256 (base32 "00k7mc81ifv0wma7k4v18mj498badbw5yls6c28qin3d1gda0ag3")))) (build-system gnu-build-system) (arguments `(#:configure-flags ;; Save session files to current directory instead of /var. (list "--enable-savetocurrent" "--localstatedir=/tmp/dummy") ; prevent creating /var during install #:phases (modify-phases %standard-phases (add-before 'configure 'change-directory (lambda _ (chdir "src") #t)) (add-after 'install 'install-doc (lambda* (#:key outputs #:allow-other-keys) (chdir "../docs") (let* ((out (assoc-ref outputs "out")) (doc (string-append out "/share/doc/" ,name "-" ,version)) (man1 (string-append out "/share/man/man1"))) (for-each (lambda (file) (install-file file doc)) (find-files "." "README.*")) (install-file "reaver.1" man1) #t)))) #:tests? #f)) ; there are no tests (inputs (list libpcap)) (propagated-inputs (list aircrack-ng pixiewps)) (home-page "https://github.com/t6x/reaver-wps-fork-t6x/") (synopsis "Attack tool for Wi-Fi Protected Setup") (description "Reaver performs a brute force attack against an access point's Wi-Fi Protected Setup (WPS) PIN. Once the PIN is found, the WPA passphrase can be recovered and the AP's wireless settings can be reconfigured.") (license license:gpl2+))) (define-public perl-danga-socket (package (name "perl-danga-socket") (version "1.62") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/N/NM/NML/" "Danga-Socket-" version ".tar.gz")) (sha256 (base32 "0x4bvirmf0kphks19jwgva00zz73zx344218dfaiv8gigrw3yg4m")))) (build-system perl-build-system) (native-inputs (list perl-test-tcp)) (propagated-inputs (list perl-sys-syscall)) (home-page "https://metacpan.org/release/Danga-Socket") (synopsis "Event loop and event-driven async socket base class") (description "Danga::Socket is an abstract base class for objects backed by a socket which provides the basic framework for event-driven asynchronous IO, designed to be fast. Danga::Socket is both a base class for objects, and an event loop.") (license license:perl-license))) (define-public perl-data-validate-ip (package (name "perl-data-validate-ip") (version "0.30") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/D/DR/DROLSKY/Data-Validate-IP-" version ".tar.gz")) (sha256 (base32 "074adrlvkiahj1fdc9nvb95dpfyjzm2jzhi90m8xaw4bw5ipcbzy")))) (build-system perl-build-system) (native-inputs (list perl-test-requires)) (propagated-inputs (list perl-netaddr-ip)) (home-page "https://metacpan.org/release/Data-Validate-IP") (synopsis "IPv4 and IPv6 validation methods") (description "This module provides several IP address validation subroutines that both validate and untaint their input. This includes both basic validation (@code{is_ipv4()} and @code{is_ipv6()}) and special cases like checking whether an address belongs to a specific network or whether an address is public or private (reserved).") (license license:perl-license))) (define-public perl-net-dns (package (name "perl-net-dns") (version "1.31") (source (origin (method url-fetch) (uri (list (string-append "https://www.net-dns.org/download/Net-DNS-" version ".tar.gz") (string-append "mirror://cpan/authors/id/N/NL/NLNETLABS/Net-DNS-" version ".tar.gz"))) (sha256 (base32 "05f6rzvvmm6xd0p100k5y9kczdzqgala09ra8bccc18n6y74l0h0")))) (build-system perl-build-system) (inputs (list perl-digest-hmac)) (home-page "https://www.net-dns.org/") (synopsis "Perl Interface to the Domain Name System") (description "Net::DNS is the Perl Interface to the Domain Name System.") (license license:x11))) (define-public perl-net-bonjour (package (name "perl-net-bonjour") (version "0.96") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/C/CH/CHLIGE/Net-Bonjour-" version ".tar.gz")) (sha256 (base32 "15qzkfk0isn6c4js3ih95k3dylq6scijp863s0485c00n8x1z2n3")))) (build-system perl-build-system) (propagated-inputs (list perl-net-dns)) (home-page "https://metacpan.org/release/Net-Bonjour") (synopsis "Module for DNS service discovery (Apple's Bonjour)") (description "Net::Bonjour is a set of modules that allow one to discover local services via multicast DNS (mDNS) or enterprise services via traditional DNS. This method of service discovery has been branded as Bonjour by Apple Computer.") (license license:perl-license))) (define-public perl-socket6 (package (name "perl-socket6") (version "0.29") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/U/UM/UMEMOTO/Socket6-" version ".tar.gz")) (sha256 (base32 "054izici8klfxs8hr5rljib28plijpsfymy99xbzdp047bx1b2a6")))) (build-system perl-build-system) (arguments `(#:phases (modify-phases %standard-phases (replace 'configure (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (args `("Makefile.PL" ,(string-append "PREFIX=" out) "INSTALLDIRS=site"))) (setenv "CONFIG_SHELL" (which "sh")) (apply invoke "perl" args))))))) (home-page "https://metacpan.org/release/Socket6") (synopsis "IPv6 related part of the C socket.h defines and structure manipulators for Perl") (description "Socket6 binds the IPv6 related part of the C socket header definitions and structure manipulators for Perl.") (license license:bsd-3))) (define-public perl-net-dns-resolver-programmable (package (name "perl-net-dns-resolver-programmable") (version "0.003") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/J/JM/JMEHNLE/net-dns-resolver-programmable/" "Net-DNS-Resolver-Programmable-v" version ".tar.gz")) (sha256 (base32 "1v3nl2kaj4fs55n1617n53q8sa3mir06898vpy1rq98zjih24h4d")) (patches (search-patches "perl-net-dns-resolver-programmable-fix.patch")))) (build-system perl-build-system) (native-inputs (list perl-module-build)) (inputs (list perl-net-dns)) (home-page "https://metacpan.org/release/Net-DNS-Resolver-Programmable") (synopsis "Programmable DNS resolver class for offline emulation of DNS") (description "Net::DNS::Resolver::Programmable is a programmable DNS resolver for offline emulation of DNS.") (license license:perl-license))) (define-public perl-net-dns-resolver-mock (package (name "perl-net-dns-resolver-mock") (version "1.20171219") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/M/MB/MBRADSHAW/" "Net-DNS-Resolver-Mock-" version ".tar.gz")) (sha256 (base32 "0m3rxpkv1b9121srvbqkrgzg4m8mnydiydqv34in1i1ixwrl6jn9")))) (build-system perl-build-system) (inputs (list perl-net-dns)) (home-page "https://metacpan.org/release/Net-DNS-Resolver-Mock") (synopsis "Mock DNS Resolver object for testing") (description "Net::DNS::Resolver::Mock is a subclass of Net::DNS::Resolver, but returns static data from any provided DNS zone file instead of querying the network. It is intended primarily for use in testing.") (license license:perl-license))) (define-public perl-netaddr-ip (package (name "perl-netaddr-ip") (version "4.079") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/M/MI/MIKER/NetAddr-IP-" version ".tar.gz")) (sha256 (base32 "1rx0dinrz9fk9qcg4rwqq5n1dm3xv2arymixpclcv2q2nzgq4npc")))) (build-system perl-build-system) (arguments `(#:phases (modify-phases %standard-phases (replace 'configure (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (args `("Makefile.PL" ,(string-append "PREFIX=" out) "INSTALLDIRS=site"))) (setenv "CONFIG_SHELL" (which "sh")) (apply invoke "perl" args))))))) (home-page "https://metacpan.org/release/NetAddr-IP") (synopsis "Manages IPv4 and IPv6 addresses and subnets") (description "NetAddr::IP manages IPv4 and IPv6 addresses and subsets.") (license license:perl-license))) (define-public perl-net-patricia (package (name "perl-net-patricia") (version "1.22") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/G/GR/GRUBER/Net-Patricia-" version ".tar.gz")) (sha256 (base32 "0ln5f57vc8388kyh9vhx2infrdzfhbpgyby74h1qsnhwds95m0vh")))) (build-system perl-build-system) (arguments '(#:phases (modify-phases %standard-phases (add-after 'unpack 'dont-link-with-nsl ; Borrowed from Debian. (lambda _ (substitute* "Makefile.PL" (("-lnsl") "")) #t))))) (inputs (list perl-net-cidr-lite perl-socket6)) (home-page "https://metacpan.org/release/Net-Patricia") (synopsis "Patricia Trie Perl module for fast IP address lookups") (description "Net::Patricia does IP address lookups quickly in Perl.") ;; The bindings are licensed under GPL2 or later. ;; libpatricia is licensed under 2-clause BSD. (license (list license:gpl2+ license:bsd-2)))) (define-public perl-net-cidr-lite (package (name "perl-net-cidr-lite") (version "0.22") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/S/ST/STIGTSP/Net-CIDR-Lite-" version ".tar.gz")) (sha256 (base32 "05w57db2lx4djb4vixzdr6qgrzyzkk047nl812g7nq8s6k5xh5s3")))) (build-system perl-build-system) (home-page "https://metacpan.org/release/Net-CIDR-Lite") (synopsis "Perl extension for merging IPv4 or IPv6 CIDR addresses") (description "Net::CIDR::Lite merges IPv4 or IPv6 CIDR addresses.") (license license:gpl1+))) (define-public perl-io-socket-inet6 (package (name "perl-io-socket-inet6") (version "2.72") (source (origin (method url-fetch) (uri (string-append "mirror://cpan/authors/id/S/SH/SHLOMIF/IO-Socket-INET6-" version ".tar.gz")) (sha256 (base32 "1fqypz6qa5rw2d5y2zq7f49frwra0aln13nhq5gi514j2zx21q45")))) (build-system perl-build-system) (native-inputs (list perl-module-build perl-test-pod perl-test-pod-coverage)) (propagated-inputs (list perl-socket6)) (arguments `(;; Need network socket API #:tests? #f)) (home-page "https://metacpan.org/release/IO-Socket-INET6") (synopsis "Perl object interface for AF_INET/AF_INET6 domain sockets") (description "IO::Socket::INET6 is an interface for AF_INET/AF_INET6 domain sockets in Perl.") (license license:perl-license))) (define-public libproxy (package (name "libproxy") (version "0.4.17") (source (origin (method url-fetch) (uri (string-append "https://github.com/libproxy/libproxy/" "releases/download/" version "/libproxy-" version ".tar.xz")) (sha256 (base32 "01cbgz6lc3v59sldqk96l1281kp2qxnsa2qwlf2ikvjlyr1gi2dw")))) (build-system cmake-build-system) (native-inputs (list pkg-config)) (inputs (list dbus zlib)) (arguments '(#:phases (modify-phases %standard-phases (replace 'check (lambda* (#:key tests? #:allow-other-keys) (when tests? (invoke "ctest" "-E" "url-test"))))))) (synopsis "Library providing automatic proxy configuration management") (description "Libproxy handles the details of HTTP/HTTPS proxy configuration for applications across all scenarios. Applications using libproxy only have to specify which proxy to use.") (home-page "https://libproxy.github.io/libproxy") (license license:lgpl2.1+))) (define-public proxychains-ng (package (name "proxychains-ng") (version "4.16") (source (origin (method url-fetch) (uri (string-append "http://ftp.barfooze.de/pub/sabotage/tarballs/" "proxychains-ng-" version ".tar.xz")) (sha256 (base32 "04k80jbv1wcr7ccsa0qyly33syw275kvkvzyihwwqmsqk4yria9p")))) (build-system gnu-build-system) (arguments `(#:tests? #f ; there are no tests #:phases (modify-phases %standard-phases (add-after 'unpack 'fix-configure-script (lambda _ ;; The configure script is very intolerant to unknown arguments, ;; such as "CONFIG_SHELL". (substitute* "configure" (("\\*\\) break ;;" line) (string-append "[A-Z]*) shift ;;\n" line))))) (add-before 'configure 'set-up-environment (lambda _ (setenv "CC" ,(cc-for-target))))))) (synopsis "Redirect any TCP connection through a proxy or proxy chain") (description "Proxychains-ng is a preloader which hooks calls to sockets in dynamically linked programs and redirects them through one or more SOCKS or HTTP proxies.") (home-page "https://github.com/rofl0r/proxychains-ng") (license license:gpl2+))) (define-public enet (package (name "enet") (version "1.3.17") (source (origin (method url-fetch) (uri (string-append "http://enet.bespin.org/download/" "enet-" version ".tar.gz")) (sha256 (base32 "1p6f9mby86af6cs7pv6h48032ip9g32c05cb7d9mimam8lchz3x3")))) (build-system gnu-build-system) (native-inputs (list pkg-config)) (synopsis "Network communication layer on top of UDP") (description "ENet's purpose is to provide a relatively thin, simple and robust network communication layer on top of UDP. The primary feature it provides is optional reliable, in-order delivery of packets. ENet omits certain higher level networking features such as authentication, server discovery, encryption, or other similar tasks that are particularly application specific so that the library remains flexible, portable, and easily embeddable.") (home-page "http://enet.bespin.org") (license license:expat))) (define-public enet-moonlight (let ((commit "4cde9cc3dcc5c30775a80da1de87f39f98672a31") (revision "1")) (package (inherit enet) (name "enet") (version (git-version "1.3.17" revision commit)) (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/cgutman/enet") (commit commit))) (file-name (git-file-name name version)) (sha256 (base32 "07sr32jy989ja23fwg8bvrq2slgm7bhfw6v3xq7yczbw86c1dndv")))) (build-system cmake-build-system) (arguments (list #:tests? #f ;no test suite #:phases #~(modify-phases %standard-phases (add-after 'unpack 'build-share-lib (lambda* _ ;; -DBUILD_SHARED_LIBS=ON not working (substitute* "CMakeLists.txt" (("STATIC") "SHARED")))) (replace 'install (lambda* (#:key outputs source #:allow-other-keys) (let* ((include (string-append #$output "/include")) (lib (string-append #$output "/lib"))) (mkdir-p include) (mkdir-p lib) (copy-recursively (string-append source "/include") include) (install-file "libenet.so" lib))))))) (native-inputs (list pkg-config))))) (define-public sslh (package (name "sslh") (version "1.21c") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/yrutschle/sslh") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "19h32dn0076p3s7dn35qi5yp2xvnxw9sqphppmn72vyb8caxvw1z")))) (build-system gnu-build-system) (native-inputs (list ;; Test dependencies. lcov perl perl-conf-libconfig perl-io-socket-inet6 perl-socket6 psmisc)) ; for ‘killall’ (inputs (list libcap libconfig pcre tcp-wrappers)) (arguments `(#:phases (modify-phases %standard-phases (delete 'configure) ; no configure script (add-before 'check 'fix-tests (lambda _ (substitute* "./t" (("\"/tmp") "$ENV{\"TMPDIR\"} . \"") ;; The Guix build environment lacks ‘ip6-localhost’. (("ip6-localhost") "localhost")) #t)) ;; Many of these files are mentioned in the man page. Install them. (add-after 'install 'install-documentation (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (doc (string-append out "/share/doc/sslh"))) (install-file "README.md" doc) (for-each (lambda (file) (install-file file (string-append doc "/examples"))) (append (find-files "." "\\.cfg") (find-files "scripts")))) #t))) #:make-flags (list ,(string-append "CC=" (cc-for-target)) "USELIBCAP=1" "USELIBWRAP=1" (string-append "PREFIX=" (assoc-ref %outputs "out"))) #:test-target "test")) (home-page "https://www.rutschle.net/tech/sslh/README.html") (synopsis "Applicative network protocol demultiplexer") (description "sslh is a network protocol demultiplexer. It acts like a switchboard, accepting connections from clients on one port and forwarding them to different servers based on the contents of the first received data packet. Detection of common protocols like HTTP(S), SSL, SSH, OpenVPN, tinc, and XMPP is already implemented, but any other protocol that matches a regular expression can be added. sslh's name comes from its original application of serving both SSH and HTTPS on port 443, allowing SSH connections from inside corporate firewalls that block port 22.") (license (list license:bsd-2 ; tls.[ch] license:gpl2+)))) ; everything else (define-public iperf (package (name "iperf") (version "3.17.1") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/esnet/iperf") (commit version))) (file-name (git-file-name name version)) (sha256 (base32 "14pspy3348114r7rm2gj8h4qjhq8r8q7khrfqg8ln4vi1p9dq2x5")))) (build-system gnu-build-system) (arguments `(#:configure-flags (list "--disable-static"))) (synopsis "TCP, UDP and SCTP bandwidth measurement tool") (description "iPerf is a tool to measure achievable bandwidth on IP networks. It supports tuning of various parameters related to timing, buffers and protocols (TCP, UDP, SCTP with IPv4 and IPv6). For each test it reports the bandwidth, loss, and other parameters.") (home-page "https://software.es.net/iperf/") (license (list license:bsd-3 ; Main distribution. license:ncsa ; src/{units,iperf_locale,tcp_window_size}.c license:expat ; src/{cjson,net}.[ch] license:public-domain)))) ; src/portable_endian.h (define-public nethogs (package (name "nethogs") (version "0.8.7") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/raboof/nethogs") (commit (string-append "v" version)))) (hash (content-hash (base32 "10shdwvfj90lp2fxz9260342a1c2n1jbw058qy5pyq5kh3xwr9b8") sha256)) (file-name (git-file-name name version)))) (build-system gnu-build-system) (inputs (list libpcap ncurses)) (arguments `(#:make-flags `(,,(string-append "CC=" (cc-for-target)) ,(string-append "PREFIX=" %output) ,(string-append "VERSION=" ,version)) #:phases (modify-phases %standard-phases (delete 'configure)))) ; no ./configure script. (home-page "https://github.com/raboof/nethogs") (synopsis "Per-process bandwidth monitor") (description "NetHogs is a small 'net top' tool for Linux. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process. NetHogs does not rely on a special kernel module to be loaded. If there's suddenly a lot of network traffic, you can fire up NetHogs and immediately see which PID is causing this. This makes it easy to identify programs that have gone wild and are suddenly taking up your bandwidth.") (license license:gpl2+))) (define-public nzbget (package (name "nzbget") (version "21.1") (source (origin (method url-fetch) (uri (string-append "https://github.com/nzbget/nzbget/releases" "/download/v" version "/nzbget-" version "-src.tar.gz")) (sha256 (base32 "09900x1k0yf4yi2cc0k093advvadyhrkm8rnd8nszhhdp2zc33sf")))) (arguments `(#:configure-flags (list (string-append "--with-libcurses-includes=" (assoc-ref %build-inputs "ncurses") "/include") (string-append "--with-libcurses-libraries=" (assoc-ref %build-inputs "ncurses") "/lib") (string-append "--with-tlslib=GnuTLS")))) (build-system gnu-build-system) (inputs (list gnutls libxml2 ncurses zlib)) (native-inputs (list pkg-config)) (home-page "https://github.com/nzbget/nzbget") (synopsis "Usenet binary file downloader") (description "NZBGet is a binary newsgrabber, which downloads files from Usenet based on information given in @code{nzb} files. NZBGet can be used in standalone and in server/client modes. In standalone mode, you pass NZBGet @command{nzb} files as command-line parameters and it downloads them and exits. NZBGet also contains a Web interface. Its server can be controlled through remote procedure calls (RPCs).") (license license:gpl2+))) (define-public openvswitch (package (name "openvswitch") (version "3.2.0") (source (origin (method url-fetch) (uri (string-append "https://www.openvswitch.org/releases/openvswitch-" version ".tar.gz")) (sha256 (base32 "1i0lb40lwbakmmqklmfcgr01l1ymsawgdi7k9a1zzp8ariw7x4ff")))) (build-system gnu-build-system) (arguments '(#:configure-flags '("--enable-shared" "--disable-static" ; XXX still installs libopenvswitchavx512.a "--localstatedir=/var" "--with-dbdir=/var/lib/openvswitch") ;; Tests fail in different ways, on different x86_64-linux hardware: ;; 25. bfd.at:268: 25. bfd - bfd decay (bfd.at:268): FAILED (bfd.at:397) ;; 1040. dpif-netdev - meters (dpif-netdev.at:269): FAILED (dpif-netdev.at:376) #:tests? #f #:phases (modify-phases %standard-phases (add-after 'unpack 'use-absolute-/bin/sh (lambda* (#:key inputs #:allow-other-keys) (let ((/bin/sh (search-input-file inputs "bin/sh"))) (substitute* "ovsdb/ovsdb-server.c" (("/bin/sh") /bin/sh))))) (add-before 'check 'adjust-tests (lambda* (#:key inputs #:allow-other-keys) (let ((/bin/sh (search-input-file inputs "bin/sh"))) (with-fluids ((%default-port-encoding "ISO-8859-1")) (substitute* (find-files "tests" ".*(run|testsuite)$") (("#! /bin/sh") (string-append "#! " /bin/sh)) ;; grep 3.8 emits a warning for 'egrep' which breaks ;; expected output; adjust accordingly. (("egrep") "grep -E") ;; The tests use 'kill -0' to check whether a test has ;; completed, but it does not work in the build container ;; because zombies are not reaped automatically (PID 1 is ;; the builder script). Change to something that handles ;; undead processes. (("kill -0") "kill-0"))) (mkdir "/tmp/bin") (call-with-output-file "/tmp/bin/kill-0" (lambda (port) (format port "#!~a ps --no-header -p $1 -o state= | grep -qv '^Z$'" /bin/sh))) (chmod "/tmp/bin/kill-0" #o755) (setenv "PATH" (string-append "/tmp/bin:" (getenv "PATH")))))) (replace 'install (lambda _ (invoke "make" ;; Don't try to create directories under /var. "RUNDIR=/tmp" "PKIDIR=/tmp" "LOGDIR=/tmp" "DBDIR=/tmp" "install")))))) (native-inputs (list perl pkg-config python-wrapper ;; For testing. bash ;for 'compgen' procps util-linux)) (inputs (list bash-minimal libcap-ng openssl)) (synopsis "Virtual network switch") (home-page "https://www.openvswitch.org/") (description "Open vSwitch is a multilayer virtual switch. It is designed to enable massive network automation through programmatic extension, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, IPFIX, RSPAN, CLI, LACP, 802.1ag).") (properties '((release-monitoring-url . "https://www.openvswitch.org/download/"))) (license ; see debian/copyright for detail (list license:lgpl2.1 ; xenserver and utilities/bugtool license:gpl2 ; datapath license:bsd-2 license:bsd-3 license:asl2.0)))) ; all other (define-public python-ipy (package (name "python-ipy") (version "1.01") (source (origin (method url-fetch) (uri (pypi-uri "IPy" version)) (sha256 (base32 "06nclwafzsbi8ls019ry1xnfhgwc5103g8lgav54mmd2vr0sgv7d")))) (build-system python-build-system) (home-page "https://github.com/autocracy/python-ipy/") (synopsis "Python class and tools for handling IP addresses and networks") (description "The @code{IP} class allows a comfortable parsing and handling for most notations in use for IPv4 and IPv6 addresses and networks.") (license license:bsd-3))) (define-public speedtest-cli (package (name "speedtest-cli") (version "2.1.3") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/sivel/speedtest-cli") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "10fazl4kwf41mk7pnwpfms16n0ii0kg9pf8r3mz9xwnl9y04mv9x")))) (build-system python-build-system) (home-page "https://github.com/sivel/speedtest-cli") (synopsis "Internet bandwidth tester") (description "Command line interface for testing internet bandwidth using speedtest.net.") (license license:asl2.0))) (define-public atftp (package (name "atftp") (version "0.8.0") (source (origin (method git-fetch) (uri (git-reference (url "https://git.code.sf.net/p/atftp/code") (commit (string-append "v" version)))) (sha256 (base32 "019qrh2wpvr577ksvs3s82q6kiqm5i6869aj7qba326b59lhkxrc")) (file-name (git-file-name name version)))) (build-system gnu-build-system) (arguments (list #:phases #~(modify-phases %standard-phases (add-after 'unpack 'autoreconf (lambda _ (invoke "autoreconf" "-vif")))))) (native-inputs (list autoconf automake perl pkg-config)) (inputs (list pcre2 procps readline tcp-wrappers)) (home-page "https://sourceforge.net/projects/atftp/") (synopsis "Advanced TFTP server and client") (description "This package provides a multi-threaded TFTP server that implements all options, including all extensions, as specified in RFC 1350, RFC 2090, RFC 2347, RFC 2348, RFC 2349 and RFC7440. Atftpd also supports a multicast protocol known as mtftp, which was defined in the PXE specification. The server is socket activated by default but supports being started from @command{inetd} as well as in daemon mode.") (license license:gpl2+))) (define-public tftp-hpa (package (name "tftp-hpa") (version "5.2") (source (origin (method url-fetch) (uri (string-append "mirror://kernel.org/software/" "network/tftp/tftp-hpa/tftp-hpa-" version ".tar.xz")) (sha256 (base32 "12vidchglhyc20znq5wdsbhi9mqg90jnl7qr9qs8hbvaz4fkdvmg")))) (build-system gnu-build-system) (arguments (list #:tests? #f ; no test target #:configure-flags #~(list "CFLAGS=-fcommon"))) ; XXX fix 5.2 build with GCC 10 (synopsis "HPA's tftp client") (description "This is a tftp client derived from OpenBSD tftp with some extra options added and bugs fixed. The source includes readline support but it is not enabled due to license conflicts between the BSD advertising clause and the GPL.") (home-page "https://git.kernel.org/cgit/network/tftp/tftp-hpa.git/about/") ;; Some source files are distributed under a 3-clause BSD license, and ;; others under a 4-clause BSD license. Refer to the files in the source ;; distribution for clarification. (license (list license:bsd-3 license:bsd-4)))) (define-public spiped (package (name "spiped") (version "1.6.2") (source (origin (method url-fetch) (uri (string-append "https://www.tarsnap.com/spiped/spiped-" version ".tgz")) (sha256 (base32 "0rs5403bp48wyy2x0f3hk0f75ds1qn03sgyli2c7y7fi29ynim05")))) (build-system gnu-build-system) (arguments (list #:test-target "test" #:make-flags #~(list (string-append "CC=" #$(cc-for-target)) (string-append "BINDIR=" #$output "/bin") (string-append "MAN1DIR=" #$output "/share/man/man1")) #:phases #~(modify-phases %standard-phases (add-after 'unpack 'patch-command-invocations (lambda _ (substitute* '("Makefile" "libcperciva/cpusupport/Build/cpusupport.sh" "libcperciva/POSIX/posix-cflags.sh" "libcperciva/POSIX/posix-l.sh") (("command -p") "")))) (delete 'configure) ; no ./configure script (add-after 'install 'install-more-docs (lambda _ (install-file "DESIGN.md" (string-append #$output "/share/doc/spiped"))))))) (native-inputs (list procps)) ; `ps` is used by the test suite (inputs (list openssl)) (home-page "https://www.tarsnap.com/spiped.html") (synopsis "Create secure pipes between sockets") (description "Spiped (pronounced \"ess-pipe-dee\") is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses, so that one may connect to one address (e.g., a UNIX socket on localhost) and transparently have a connection established to another address (e.g., a UNIX socket on a different system). This is similar to 'ssh -L' functionality, but does not use SSH and requires a pre-shared symmetric key.") (license license:bsd-2))) (define-public quagga (package (name "quagga") (version "1.2.4") (source (origin (method url-fetch) ;; Use archived sources; see <http://issues.guix.gnu.org/47123>. (uri (string-append "https://fossies.org/linux/misc/" "quagga-" version ".tar.gz")) (sha256 (base32 "1lsksqxij5f1llqn86pkygrf5672kvrqn1kvxghi169hqf1c0r73")) (patches (search-patches "quagga-reproducible-build.patch")) (snippet #~(begin (delete-file "lib/memtypes.h") (delete-file "lib/route_types.h") (delete-file "lib/version.h") (delete-file "vtysh/extract.pl"))))) (build-system gnu-build-system) (native-inputs (list gawk gcc-9 pkg-config perl dejagnu)) (inputs (list readline c-ares)) (synopsis "Routing Software Suite") (description "Quagga is a routing software suite, providing implementations of OSPFv2, OSPFv3, RIP v1 and v2, RIPng and BGP-4 for Unix platforms. The Quagga architecture consists of a core daemon, @command{zebra}, which acts as an abstraction layer to the underlying Unix kernel and presents the Zserv API over a Unix or TCP stream to Quagga clients. It is these Zserv clients which typically implement a routing protocol and communicate routing updates to the zebra daemon.") (home-page "https://www.nongnu.org/quagga/") (license license:gpl2+))) (define-public bgpq3 (package (name "bgpq3") (version "0.1.36.1") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/snar/bgpq3") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "0768hihx7idmn2dk8ii21m0dm052amlnfpqq53vsfaapb60n1smc")))) (build-system gnu-build-system) (arguments '(#:tests? #f)) ; no test suite (native-inputs (list python-markdown)) (home-page "http://snar.spb.ru/prog/bgpq3/") (synopsis "Generate BGP filters from the @acronym{IRR, Internet Routing Registry}") (description "This program helps automate the creation and maintenance of @acronym{BGP, Border Gateway Protocol} routing filters used for peering trough Internet exchanges. It generates prefix lists, (extended) access lists, policy-statement terms, and AS paths from data in the @acronym{IRR, Internet Routing Registry}, including the @acronym{RADB, Routing Assets Database} operated by the Merit Network at the University of Michigan. The filters can be aggregated and exported in the most common formats.") (license (list license:bsd-3 ; strlcpy.c, sys_queue.h license:bsd-2)))) ; everything else, but missing headers (define-public thc-ipv6 (package (name "thc-ipv6") (version "3.8") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/vanhauser-thc/thc-ipv6") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "07kwika1zdq62s5p5z94xznm77dxjxdg8k0hrg7wygz50151nzmx")) (modules '((guix build utils))) (snippet '(begin (substitute* '("Makefile") (("-march=native") "")))))) (build-system gnu-build-system) (arguments (list #:tests? #f ; No test suite. #:make-flags #~(list (string-append "CC=" #$(cc-for-target)) (string-append "PREFIX=" #$output)) #:phases #~(modify-phases %standard-phases (add-after 'unpack 'patch-makefile (lambda _ (substitute* "Makefile" ;; For reproducible builds (("date --iso-8601") "date --iso-8601 --utc --date=@$(SOURCE_DATE_EPOCH)") (("/bin/echo") "echo")))) (delete 'configure) ; No ./configure script. (add-after 'install 'install-more-docs (lambda _ (let ((doc (string-append #$output "/share/thc-ipv6/doc"))) (install-file "README" doc) (install-file "HOWTO-INJECT" doc))))))) (inputs (list libnetfilter-queue libnfnetlink libpcap openssl perl)) (properties '((tunable? . #t))) (home-page "https://github.com/vanhauser-thc/thc-ipv6") (synopsis "IPv6 security research toolkit") (description "The THC IPv6 Toolkit provides command-line tools and a library for researching IPv6 implementations and deployments. It requires Linux 2.6 or newer and only works on Ethernet network interfaces.") ;; AGPL 3 with exception for linking with OpenSSL. See the 'LICENSE' file in ;; the source distribution for more information. (license license:agpl3))) (define-public bmon (package (name "bmon") (version "4.0") (source (origin (method url-fetch) (uri (string-append "https://github.com/tgraf/bmon/releases/download/v" version "/bmon-" version ".tar.gz")) (sha256 (base32 "0ylzriv4pwh76344abzl1w219x188gshbycbna35gsyfp09c7z82")))) (build-system gnu-build-system) (inputs (list libconfuse libnl ncurses)) (native-inputs (list pkg-config)) (synopsis "Bandwidth monitor") (description "bmon is a monitoring and debugging tool to capture networking-related statistics and prepare them visually in a human-friendly way. It features various output methods including an interactive curses user interface and a programmable text output for scripting.") (home-page "https://github.com/tgraf/bmon") ;; README.md mentions both the 2-clause BSD and expat licenses, but all ;; the source files only have expat license headers. Upstream has been ;; contacted for clarification: https://github.com/tgraf/bmon/issues/59 ;; Update the license field when upstream responds. (license (list license:bsd-2 license:expat)))) (define-public libnet (package (name "libnet") (version "1.2") (source (origin (method url-fetch) (uri (string-append "https://github.com/libnet/libnet/releases/download" "/v" version "/libnet-" version ".tar.gz")) (sha256 (base32 "19ys9vxk6fg70yzzdxsphfr0rwzgxxhr9b3ykhpg7rfray0qd96a")))) (build-system gnu-build-system) (arguments `(#:phases (modify-phases %standard-phases (add-after 'unpack 'fix-manpage-date (lambda _ ;; Replace current date with specific date to build reproducibly (substitute* "doc/fixmanpages.in" (("pod2man -d .* -n") "pod2man -d \"1970-01-01\" -n")))) (add-before 'build 'build-doc (lambda* (#:key make-flags #:allow-other-keys) (apply invoke "make" "-C" "doc" "doc" make-flags)))))) (native-inputs (list ;; To build the documentation, Doxygen and Perl is required. doxygen perl)) (home-page "https://github.com/libnet/libnet") (synopsis "Framework for low-level network packet construction") (description "Libnet provides a fairly portable framework for network packet construction and injection. It features portable packet creation interfaces at the IP layer and link layer, as well as a host of supplementary functionality. Using libnet, quick and simple packet assembly applications can be whipped up with little effort.") (license license:bsd-2))) (define-public mtr (package (name "mtr") (version "0.95") (source (origin (method url-fetch) (uri (string-append "ftp://ftp.bitwizard.nl/mtr/" "mtr-" version ".tar.gz")) (sha256 (base32 "0haanralbvd12pvkyihgkmx9ld74dnzm1s7mzparfandl416ibff")))) (build-system gnu-build-system) (native-inputs (list pkg-config)) (inputs (list jansson libcap ncurses)) (arguments `(#:tests? #f)) ; tests require network access (home-page "https://www.bitwizard.nl/mtr/") (synopsis "Network diagnostic tool") (description "@acronym{mtr, My TraceRoute} combines the functionality of the @command{traceroute} and @command{ping} programs in a single network diagnostic tool. @command{mtr} can use several network protocols to detect intermediate routers (or @dfn{hops}) between the local host and a user-specified destination. It then continually measures the response time and packet loss at each hop, and displays the results in real time.") (license license:gpl2+))) (define-public amule (package (name "amule") (version "2.3.3") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/amule-project/amule") (commit version))) (file-name (git-file-name name version)) (sha256 (base32 "1nm4vxgmisn1b6l3drmz0q04x067j2i8lw5rnf0acaapwlp8qwvi")))) (build-system gnu-build-system) (arguments `(#:phases (modify-phases %standard-phases (delete 'bootstrap) ; bootstrap phase runs too early. (add-after 'patch-source-shebangs 'autogen (lambda _ (invoke "sh" "autogen.sh") #t))) #:configure-flags '("--disable-rpath" "--enable-wxcas" "--enable-cas" "--enable-alc" "--enable-alcc" "--enable-xas" "--enable-amulecmd" "--enable-geoip" "--enable-ccache" "--enable-nls" "--enable-optimize" "--enable-amule-gui" "--enable-amule-daemon" "--enable-webserver" "--with-denoise-level=0"))) (native-inputs (list autoconf automake gettext-minimal perl)) (inputs (list zlib crypto++ libpng wxwidgets-gtk2)) (home-page "https://amule.org/") (synopsis "Peer-to-peer client for the eD2K and Kademlia networks") (description "aMule is an eMule-like client for the eD2k and Kademlia peer-to-peer file sharing networks. It includes a graphical user interface (GUI), a daemon allowing you to run a client with no graphical interface, and a Web GUI for remote access. The @command{amulecmd} command allows you to control aMule remotely.") (license license:gpl2+))) (define-public zyre (package (name "zyre") (version "2.0.1") (source (origin (method url-fetch) (uri (string-append "https://github.com/zeromq/zyre/releases/download/v" version "/" name "-" version ".tar.gz")) (sha256 (base32 "13596507ma1474cjqzxym5jlvcshvw7sjhw80rdz788gyz6kz90b")))) (build-system gnu-build-system) (inputs (list zeromq czmq libsodium)) (synopsis "Framework for proximity-based peer-to-peer applications") (description "Zyre provides reliable group messaging over local area networks using zeromq. It has these key characteristics: @itemize @item Zyre needs no administration or configuration. @item Peers may join and leave the network at any time. @item Peers talk to each other without any central brokers or servers. @item Peers can talk directly to each other. @item Peers can join groups, and then talk to groups. @item Zyre is reliable, and loses no messages even when the network is heavily loaded. @item Zyre is fast and has low latency, requiring no consensus protocols. @item Zyre is designed for WiFi networks, yet also works well on Ethernet networks. @end itemize") (home-page "https://github.com/zeromq/zyre") (license license:mpl2.0))) (define-public libsocketcan (package (name "libsocketcan") (version "0.0.12") (source (origin (method git-fetch) (uri (git-reference (url "https://git.pengutronix.de/cgit/tools/libsocketcan") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "0nrav2yqxgb7jwnhrwirnxs9ycqqh90sqgv5a8lns837jf385jvq")))) (build-system gnu-build-system) (arguments (list #:phases #~(modify-phases %standard-phases ;; Upstream already puts (more) files in share/doc/libsocketcan. (delete 'install-license-files)))) (native-inputs (list autoconf automake libtool)) (home-page "https://git.pengutronix.de/cgit/tools/libsocketcan") (synopsis "SocketCAN user-space library") (description "This library allows controlling basic functions in SocketCAN from user-space. It requires a kernel built with SocketCAN support.") (license license:lgpl2.1+))) (define-public can-utils (package (name "can-utils") (version "2020.02.04") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/linux-can/can-utils") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "1a3j1mmnb7pvgc8r7zzp6sdp7903in2hna6bmpraxln7cwlzn4l6")))) (build-system gnu-build-system) (arguments `(#:tests? #f ; No tests exist. #:make-flags (list ,(string-append "CC=" (cc-for-target)) (string-append "PREFIX=" (assoc-ref %outputs "out"))) #:phases (modify-phases %standard-phases (delete 'bootstrap) (delete 'configure)))) (home-page "https://github.com/linux-can/can-utils") (synopsis "CAN utilities") (description "This package provides CAN utilities in the following areas: @itemize @item Basic tools to display, record, generate and replay CAN traffic @item CAN access via IP sockets @item CAN in-kernel gateway configuration @item CAN bus measurement and testing @item ISO-TP (ISO15765-2:2016 - this means messages with a body larger than eight bytes) tools @item Log file converters @item Serial Line Discipline configuration for slcan driver @end itemize") ;; Either BSD-3 or GPL-2 can be used. (license (list license:bsd-3 license:gpl2)))) (define-public asio (package (name "asio") (version "1.28.0") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/asio/asio/" version " (Stable)/asio-" version ".tar.bz2")) (sha256 (base32 "0cp2c4v0kz0ln4bays0s3fr1mcxl527ay2lp7s14qbxx38vc5pfh")))) (build-system gnu-build-system) (inputs (list boost openssl)) (arguments `(#:configure-flags (list (string-append "--with-boost=" (assoc-ref %build-inputs "boost")) (string-append "--with-openssl=" (assoc-ref %build-inputs "openssl"))))) (home-page "https://think-async.com/Asio") (synopsis "C++ library for ASynchronous network I/O") (description "Asio is a cross-platform C++ library for network and low-level I/O programming that provides developers with a consistent asynchronous model using a modern C++ approach.") (license license:boost1.0))) (define-public shadowsocks (package (name "shadowsocks") (version "2.9.1") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/shadowsocks/shadowsocks") (commit version))) (sha256 (base32 "02mp5905nz02d7amb4zc77rcrkxmvy8mf5rci7mvy58g24lvbw25")) (file-name (git-file-name name version)))) (inputs (list openssl)) (arguments '(#:phases (modify-phases %standard-phases (add-after 'unpack 'patch-crypto-paths (lambda* (#:key inputs #:allow-other-keys) (substitute* "shadowsocks/shell.py" (("config\\.get\\('libopenssl', None\\)") (format #f "config.get('libopenssl', ~s)" (string-append (assoc-ref inputs "openssl") "/lib/libssl.so"))))))))) (build-system python-build-system) (home-page "https://github.com/shadowsocks/shadowsocks") (synopsis "Fast tunnel proxy that helps you bypass firewalls") (description "This package is a fast tunnel proxy that helps you bypass firewalls. Features: @itemize @item TCP & UDP support @item User management API @item TCP Fast Open @item Workers and graceful restart @item Destination IP blacklist @end itemize") (license license:asl2.0))) (define-public net-snmp (package (name "net-snmp") (version "5.9.4") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/net-snmp/net-snmp/" version "/net-snmp-" version ".tar.gz")) (sha256 (base32 "0i05bds30jazb2wq0hn3mh1zmmnnl9hkkd5y2iq3qkp7j49y0kcb")) (modules '((guix build utils))) (snippet '(begin ;; Drop bundled libraries. (delete-file-recursively "snmplib/openssl"))))) (build-system gnu-build-system) (arguments `(#:test-target "test" ;; XXX: With parallel build enabled, Perl modules may not get linked with ;; libnetsnmp. See e.g. <https://bugzilla.novell.com/show_bug.cgi?id=819497>. #:parallel-build? #f #:configure-flags (list (string-append "LDFLAGS=-Wl,-rpath=" (assoc-ref %outputs "out") "/lib") "--disable-static" "--with-logfile=/var/log/snmpd.log" (string-append "--with-openssl=" (assoc-ref %build-inputs "openssl"))) #:phases (modify-phases %standard-phases (add-after 'unpack 'patch-tests (lambda* (#:key inputs #:allow-other-keys) (substitute* "testing/fulltests/support/simple_TESTCONF.sh" (("NETSTAT=\"\"") (string-append "NETSTAT=\"" (which "netstat") "\""))) (substitute* '("testing/fulltests/default/T065agentextend_simple" "testing/fulltests/default/T115agentxperl_simple") (("/usr/bin/env") (which "env"))) (substitute* "testing/fulltests/default/T065agentextend_sh_simple" (("/bin/sh") (which "sh"))) ;; These tests require network access. (for-each delete-file '("testing/fulltests/default/T070com2sec_simple" "testing/fulltests/default/T071com2sec6_simple")))) (add-after 'unpack 'patch-Makefile.PL (lambda* (#:key outputs #:allow-other-keys) (substitute* "Makefile.in" (("Makefile.PL -NET") (string-append "Makefile.PL PREFIX=" (assoc-ref outputs "out") " INSTALLDIRS=site" " NO_PERLLOCAL=1" " -NET")))))))) (inputs (list libnl ncurses ; for the ‘apps’ openssl perl)) (native-inputs (list pkg-config ;; For tests only. net-tools coreutils grep)) (home-page "http://www.net-snmp.org/") (synopsis "Simple Network Management Protocol library and tools") (description "The @dfn{Simple Network Management Protocol} (SNMP) is a widely used protocol for monitoring the health and welfare of network equipment (e.g. routers), computer equipment and even devices like UPSs. Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6.") ;; This only affects OpenBSD ;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8100 (properties `((lint-hidden-cve . ("CVE-2015-8100")))) (license (list license:bsd-3 (license:non-copyleft "http://www.net-snmp.org/about/license.html" "CMU/UCD copyright notice"))))) (define-public ubridge (package (name "ubridge") (version "0.9.18") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/GNS3/ubridge") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "0jg66jhhpv4c9340fsdp64hf9h253i8r81fknxa0gq241ripp3jn")))) (build-system gnu-build-system) (arguments `(#:tests? #f ; no tests #:make-flags (list ,(string-append "CC=" (cc-for-target))) #:phases (modify-phases %standard-phases (delete 'configure) ; no configure script (add-before 'install 'set-bindir (lambda* (#:key inputs outputs #:allow-other-keys) (let ((bin (string-append (assoc-ref outputs "out") "/bin"))) (mkdir-p bin) (substitute* "Makefile" (("\\$\\(BINDIR\\)") bin) (("\tsetcap cap_net.*$") ""))) #t))))) (inputs (list libpcap)) (home-page "https://github.com/GNS3/ubridge/") (synopsis "Bridge for UDP tunnels, Ethernet, TAP and VMnet interfaces") (description "uBridge is a simple program to create user-land bridges between various technologies. Currently, bridging between UDP tunnels, Ethernet and TAP interfaces is supported. Packet capture is also supported.") (license license:gpl3+))) (define-public hcxtools (package (name "hcxtools") (version "6.2.7") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/ZerBea/hcxtools") (commit version))) (sha256 (base32 "0460dxbc04w60l3g06rk007yyb6qprgyii59y2zdki0vy7q63m8b")) (file-name (git-file-name name version)))) (build-system gnu-build-system) (native-inputs (list pkg-config)) (inputs (list curl libpcap openssl zlib)) (arguments (list #:make-flags #~(list (string-append "CC=" #$(cc-for-target)) "LDFLAGS+=-lcrypto" "LDFLAGS+=-lcurl" "LDFLAGS+=-lz" (string-append "PREFIX=" #$output)) #:tests? #f ;no test suite #:phases #~(modify-phases %standard-phases (delete 'configure)))) (home-page "https://github.com/ZerBea/hcxtools") (synopsis "Capture wlan traffic to hashcat and John the Ripper") (description "This package contains a small set of tools to capture and convert packets from wireless devices for use with hashcat or John the Ripper.") (license license:expat))) (define-public hcxdumptool (package (name "hcxdumptool") (version "6.0.6") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/ZerBea/hcxdumptool") (commit version))) (sha256 (base32 "1b4d543y64ib92w9gcmiyjn5hz2vyjqmxk3f3yr1zk04fhw16gmf")) (file-name (git-file-name name version)))) (build-system gnu-build-system) (arguments `(#:make-flags (list ,(string-append "CC=" (cc-for-target)) (string-append "INSTALLDIR=" (assoc-ref %outputs "out") "/bin")) #:tests? #f ; no test suite #:phases (modify-phases %standard-phases (delete 'configure)))) (inputs (list openssl)) (home-page "https://github.com/ZerBea/hcxdumptool") (synopsis "Small tool to capture packets from wlan devices") (description "Small tool to capture packets from WLAN devices. After capturing, upload the \"uncleaned\" cap to @url{https://wpa-sec.stanev.org/?submit} to see if the access point or the client is vulnerable to a dictionary attack. Convert the cap file to hccapx format and/or to WPA-PMKID-PBKDF2 hashline (16800) with @command{hcxpcaptool} from the @code{hcxtools} package and check if the WLAN key or the master key was transmitted unencrypted.") (license license:expat))) (define-public dante (package (name "dante") (version "1.4.3") (source (origin (method url-fetch) (uri (string-append "https://www.inet.no/dante/files/dante-" version ".tar.gz")) (sha256 (base32 "0pbahkj43rx7rmv2x40mf5p3g3x9d6i2sz7pzglarf54w5ghd2j1")) (patches (search-patches "dante-non-darwin.patch")))) (build-system gnu-build-system) (arguments '(#:configure-flags '("--with-libc=libc.so.6"))) (inputs (list libxcrypt)) (home-page "https://www.inet.no/dante/") (synopsis "SOCKS server and client") (description "Dante is a SOCKS client and server implementation. It can be installed on a machine with access to an external TCP/IP network and will allow all other machines, without direct access to that network, to be relayed through the machine the Dante server is running on. The external network will never see any machines other than the one Dante is running on.") (license (license:non-copyleft "file://LICENSE")))) (define-public restbed (package (name "restbed") (version "4.8") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/Corvusoft/restbed/") (commit version))) (file-name (git-file-name name version)) (sha256 (base32 "15j09x36i6zj6innl0w1mfzlc56qmjwrs82my8dsagqa2ikd08ya")))) (build-system cmake-build-system) (inputs (list asio catch-framework openssl)) (arguments `(#:configure-flags '("-DBUILD_SSL=NO") #:phases (modify-phases %standard-phases (add-after 'unpack 'apply-patches-and-fix-paths (lambda* (#:key inputs #:allow-other-keys) (let ((asio (assoc-ref inputs "asio")) (catch (assoc-ref inputs "catch")) (openssl (assoc-ref inputs "openssl"))) (substitute* "cmake/Findasio.cmake" (("(find_path\\( asio_INCLUDE asio\\.hpp HINTS ).*$" all begin) (string-append begin " \"" asio "/include\" )"))) (substitute* "cmake/Findcatch.cmake" (("(find_path\\( catch_INCLUDE catch\\.hpp HINTS ).*$" all begin) (string-append begin " \"" catch "/include\" )"))) (substitute* "cmake/Findopenssl.cmake" (("(find_library\\( ssl_LIBRARY ssl ssleay32 HINTS ).*$" all begin) (string-append begin " \"" openssl "/lib\" )")) (("(find_library\\( crypto_LIBRARY crypto libeay32 HINTS ).*$" all begin) (string-append begin " \"" openssl "/lib\" )")) (("(find_path\\( ssl_INCLUDE openssl/ssl\\.h HINTS ).*$" all begin) (string-append begin " \"" openssl "/include\" )"))))))))) (synopsis "Asynchronous RESTful functionality to C++11 applications") (description "Restbed is a comprehensive and consistent programming model for building applications that require seamless and secure communication over HTTP.") (home-page "https://github.com/Corvusoft/restbed") (license license:agpl3+))) (define-public restinio (package (name "restinio") (version "0.7.2") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/Stiffstream/restinio") (commit (string-append "v." version)))) (file-name (git-file-name name version)) (sha256 (base32 "03ajv1d034z6sjf2xapy8zq1mq2xkz5dqvn51vz2p26ws5axbzrn")))) (build-system cmake-build-system) (arguments (list #:configure-flags #~(list "-DRESTINIO_INSTALL=ON" "-DRESTINIO_TEST=ON" "-DRESTINIO_DEP_LLHTTP=system" "-DRESTINIO_DEP_FMT=system" "-DRESTINIO_DEP_EXPECTED_LITE=system" "-DRESTINIO_DEP_CATCH2=find" "-DRESTINIO_DEP_SOBJECTIZER=find") #:phases #~(modify-phases %standard-phases (add-after 'unpack 'change-directory (lambda _ (chdir "dev")))))) (native-inputs (list catch2-3 expected-lite json-dto)) (inputs (list openssl sobjectizer)) (propagated-inputs ;; These are all #include'd by restinio's .hpp header files. (list asio fmt llhttp pcre pcre2 zlib)) (home-page "https://stiffstream.com/en/products/restinio.html") (synopsis "C++14 library that gives you an embedded HTTP/Websocket server") (description "RESTinio is a header-only C++14 library that gives you an embedded HTTP/Websocket server. It is based on standalone version of ASIO and targeted primarily for asynchronous processing of HTTP-requests.") (license license:bsd-3))) (define-public restinio-0.6 (package (inherit restinio) (name "restinio") (version "0.6.19") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/Stiffstream/restinio") (commit (string-append "v." version)))) (file-name (git-file-name name version)) (sha256 (base32 "1qrb1qr075r5059w984c4slgpsiwv94j6fmi9naa5l48dbi1p7jz")))) (arguments (list #:configure-flags #~(list "-DRESTINIO_FIND_DEPS=ON" "-DRESTINIO_INSTALL=ON" "-DRESTINIO_TEST=ON" "-DRESTINIO_USE_EXTERNAL_HTTP_PARSER=ON" "-DRESTINIO_USE_EXTERNAL_SOBJECTIZER=ON") #:phases #~(modify-phases %standard-phases (add-after 'unpack 'change-directory (lambda _ (chdir "dev")))))) (native-inputs (list catch2 clara json-dto)) ;; These are all #include'd by restinio's .hpp header files. (propagated-inputs (modify-inputs (package-propagated-inputs restinio) (replace "llhttp" http-parser))))) (define-public opendht ;; Temporarily use the latest commit, as the latest release lacks a 'detach' ;; procedure used by a recent DhtNet, required by Jami. (let ((commit "318d02c55a7061a771a632ff2224b0d195a80d42") (revision "0")) (package (name "opendht") (version (git-version "3.1.11" revision commit)) (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/savoirfairelinux/opendht") (commit commit))) (file-name (git-file-name name version)) (sha256 (base32 "0d4m9bxvwa1pz8r0sfrjjyml4yp5v7n4vy8ad7k4hcryyvd5npb0")))) (outputs '("out" "python" "tools" "debug")) (build-system gnu-build-system) (arguments (list #:imported-modules `((guix build python-build-system) ;for site-packages ,@%default-gnu-imported-modules) #:modules '(((guix build python-build-system) #:prefix python:) (guix build gnu-build-system) (guix build utils)) #:configure-flags #~(list "--disable-static" ;to reduce size "--enable-tests" "--enable-proxy-server" "--enable-push-notifications" "--enable-proxy-server-identity" "--enable-proxy-client") #:phases #~(modify-phases %standard-phases (add-after 'unpack 'disable-problematic-tests (lambda _ ;; The dhtrunnertester test suite includes 'testListen', which ;; is sensitive to the performance/load of the machine it runs ;; on, introducing nondeterminism (see: ;; https://github.com/savoirfairelinux/opendht/issues/626). (substitute* "tests/Makefile.am" (("\\bdhtrunnertester\\.(h|cpp)\\b") "")))) (add-after 'unpack 'relax-test-timeouts (lambda _ ;; At least the 'test_send_json' has been seen to fail ;; non-deterministically, but it seems hard to reproducible that ;; failure. (substitute* "tests/httptester.cpp" (("std::chrono::seconds\\(10)") "std::chrono::seconds(30)")))) (add-after 'unpack 'fix-python-installation-prefix ;; Specify the installation prefix for the compiled Python module ;; that would otherwise attempt to installs itself to Python's own ;; site-packages directory. (lambda _ (substitute* "python/Makefile.am" (("--root=\\$\\(DESTDIR)/") (string-append "--root=/ --single-version-externally-managed " "--prefix=" #$output:python))))) (add-after 'unpack 'specify-runpath-for-python-module (lambda _ (substitute* "python/setup.py.in" (("extra_link_args=\\[(.*)\\]" _ args) (string-append "extra_link_args=[" args ", '-Wl,-rpath=" #$output "/lib']"))))) (replace 'check (lambda* (#:key tests? #:allow-other-keys) (when tests? (invoke "tests/opendht_unit_tests")))) (add-before 'bootstrap 'delete-autogen.sh (lambda _ ;; The autogen.sh script lacks a shebang, cannot be executed ;; directly. Let the bootstrap phase invoke autoreconf itself. (delete-file "autogen.sh"))) (add-after 'install 'move-and-wrap-tools (lambda* (#:key inputs outputs #:allow-other-keys) (let* ((tools (assoc-ref outputs "tools")) (dhtcluster (string-append tools "/bin/dhtcluster")) (site-packages (python:site-packages inputs outputs))) (mkdir tools) (rename-file (string-append #$output "/bin") (string-append tools "/bin")) ;; TODO: Contribute a patch to python/Makefile.am to ;; automate this. (copy-file "python/tools/dhtcluster.py" dhtcluster) (chmod dhtcluster #o555) (wrap-program dhtcluster `("GUIX_PYTHONPATH" prefix (,site-packages))))))))) (inputs (list bash-minimal fmt readline)) (propagated-inputs (list msgpack-cxx ;included in several installed headers restinio-0.6 ;included in opendht/http.h ;; The following are listed in the 'Requires.private' field of ;; opendht.pc: argon2 gnutls jsoncpp nettle openssl ;required for the DHT proxy python)) (native-inputs (list autoconf automake pkg-config python python-cython libtool cppunit)) (home-page "https://github.com/savoirfairelinux/opendht/") (synopsis "Lightweight Distributed Hash Table (DHT) library") (description "OpenDHT provides an easy to use distributed in-memory data store. Every node in the network can read and write values to the store. Values are distributed over the network, with redundancy. It includes the following features: @itemize @item Lightweight and scalable, designed for large networks and small devices; @item High resilience to network disruption; @item Public key cryptography layer providing optional data signature and encryption (using GnuTLS); @item IPv4 and IPv6 support; @item Clean and powerful C++14 map API; @item Bindings for C, Rust & Python 3; @item REST API with an optional HTTP client and server with push notification support. @end itemize The following tools are also included: @table @command @item dhtnode A command line tool to run a DHT node and perform operations supported by the library (get, put, etc.) with text values. @item dhtchat A very simple IM client working over the DHT. @end table") (license license:gpl3+)))) (define-public dhtnet ;; There is no tag nor release; use the latest available commit. (let ((revision "3") (commit "77331098ff663a5ac54fae7d0bedafe076c575a1")) (package (name "dhtnet") ;; The base version is taken from the CMakeLists.txt file (see: ;; https://review.jami.net/plugins/gitiles/dhtnet/+/master/CMakeLists.txt#3). (version (git-version "0.0.1" revision commit)) (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/savoirfairelinux/dhtnet") (commit commit))) (file-name (git-file-name name version)) (sha256 (base32 "1ch736misnlv2aqalj3n62gnz5xlhmip9xfv1aimp0aqinfc94p7")))) (outputs (list "out" "debug")) (build-system cmake-build-system) (arguments (list #:configure-flags #~(list "-DBUILD_DEPENDENCIES=OFF" "-DBUILD_SHARED_LIBS=ON" "-DBUILD_TESTING=ON") #:phases #~(modify-phases %standard-phases (add-after 'unpack 'delete-problematic-tests (lambda _ (substitute* "CMakeLists.txt" ;; The connectionaMnager, the ICE and turnCache tests fail ;; inside the containerized build environment, due to ;; relying on a name resolver (see: ;; https://git.jami.net/savoirfairelinux/dhtnet/-/issues/25). ((".*tests_connectionManager.*") "") ((".*tests_ice.*") "") ((".*tests_turnCache.*") "") ;; The peerDiscovery test fails for unknown reasons, on an ;; assertion that checks the value of 'isBobRecvChanlReq'. ((".*tests_peerDiscovery.*") ""))))))) (native-inputs (list cppunit pkg-config)) ;; This library depends on the Jami fork of pjproject that adds ICE ;; support. (inputs (list asio fmt msgpack-cxx opendht libupnp pjproject-jami readline yaml-cpp)) (home-page "https://github.com/savoirfairelinux/dhtnet/") (synopsis "OpenDHT network library for C++") (description "The @code{dhtnet} is a C++ library providing abstractions for interacting with an OpenDHT distributed network.") (license license:gpl3+)))) (define-public frrouting (package (name "frrouting") (version "7.5.1") (source (origin (method url-fetch) (uri (string-append "https://github.com/FRRouting/frr/releases/" "download/frr-" version "/frr-" version ".tar.xz")) (sha256 (base32 "1r7gh5h27ii7d1d0z0x48wx7hs8vvympv3gqvy3cwzg05q5vk9xs")))) (build-system gnu-build-system) (inputs (list c-ares json-c libcap libxcrypt libyang readline)) (native-inputs (list perl pkg-config python-wrapper python-pytest)) (home-page "https://frrouting.org/") (synopsis "IP routing protocol suite") (description "FRRouting (FRR) is an IP routing protocol suite which includes protocol daemons for BGP, IS-IS, LDP, OSPF, PIM, and RIP.") (license license:gpl2+))) (define-public bird (package (name "bird") (version "2.15.1") (source (origin (method url-fetch) (uri (string-append "ftp://bird.network.cz/pub/bird/bird-" version ".tar.gz")) (sha256 (base32 "0pf7fp78jrblhbcd1zrp07ywjp59m38pm9rf2dn7ar715mi5rs28")))) (inputs (list libssh readline)) (native-inputs (list bison flex)) (arguments `(#:configure-flags '("--localstatedir=/var" "--enable-ipv6") #:phases (modify-phases %standard-phases (add-before 'configure 'dont-create-sysconfdir (lambda* (#:key outputs #:allow-other-keys) (substitute* "Makefile.in" ((" \\$\\(DESTDIR)/\\$\\(runstatedir)") ""))))))) (build-system gnu-build-system) (home-page "https://bird.network.cz") (synopsis "Internet Routing Daemon") (description "BIRD is an Internet routing daemon with full support for all the major routing protocols. It allows redistribution between protocols with a powerful route filtering syntax and an easy-to-use configuration interface.") (license license:gpl2+))) (define-public iwd (package (name "iwd") (version "2.12") (source (origin (method git-fetch) (uri (git-reference (url "https://git.kernel.org/pub/scm/network/wireless/iwd.git") (commit version))) (file-name (git-file-name name version)) (sha256 (base32 "199pcs20054xhp5c0dnxf9ny5cf5cynkqpx68dpn46nq8ly76n2y")))) (build-system gnu-build-system) (inputs (list dbus ell (package-source ell) openresolv readline)) (native-inputs (list autoconf automake libtool pkg-config python python-docutils openssl)) (arguments (list #:configure-flags #~(list "--disable-systemd-service" "--enable-external-ell" "--enable-hwsim" "--enable-tools" "--enable-wired" "--localstatedir=/var" (string-append "--with-dbus-datadir=" #$output "/share/") (string-append "--with-dbus-busdir=" #$output "/share/dbus-1/system-services")) #:phases #~(modify-phases %standard-phases (add-after 'unpack 'copy-ell-header-files ;; Copy into the source tree two of ell's private header files ;; that it shares with iwd, as is required to build with the ;; "--enable-external-ell" configure option. See the ;; definition of "ell_shared" in iwd's Makefile.am. (lambda* (#:key inputs #:allow-other-keys) (let ((ell-header-dir (search-input-directory inputs "/ell")) (target-dir "ell")) (mkdir target-dir) (for-each (lambda (file-name) (copy-file (string-append ell-header-dir "/" file-name) (string-append target-dir "/" file-name))) '("asn1-private.h" "useful.h"))))) (add-after 'unpack 'patch-resolvconf-path (lambda* (#:key inputs #:allow-other-keys) (substitute* "src/resolve.c" (("getenv\\(\"PATH\"\\)") (format #f "\"~a\"" (dirname (search-input-file inputs "sbin/resolvconf"))))))) (add-after 'configure 'patch-Makefile (lambda _ (substitute* "Makefile" ;; Don't try to 'mkdir /var'. (("\\$\\(MKDIR_P\\) -m 700") "true"))))))) (home-page "https://iwd.wiki.kernel.org/") (synopsis "iNet Wireless Daemon") (description "iwd is a wireless daemon for Linux that aims to replace WPA Supplicant. It optimizes resource utilization by not depending on any external libraries and instead utilizing features provided by the Linux kernel to the maximum extent possible.") (license license:lgpl2.1+))) (define-public iwgtk (package (name "iwgtk") (version "0.9") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/J-Lentz/iwgtk") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "1fvxq4ydhzisfn93pcqbspqqi8fwj45v8q104bkm4qfzhf5nvp7w")))) (build-system meson-build-system) (inputs (list gtk qrencode)) (native-inputs (list gettext-minimal pkg-config scdoc)) (home-page "https://github.com/J-Lentz/iwgtk") (synopsis "Lightweight front-end for iwd") (description "Wireless networking GUI front-end for iwd, with supported functionality similar to that of iwctl. Features include viewing and connecting to available networks, managing known networks, provisioning new networks via WPS or Wi-Fi Easy Connect, and an indicator icon displaying connection status and signal strength.") (license license:gpl3+))) (define-public libyang (package (name "libyang") (version "1.0.215") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/CESNET/libyang") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "0mrs2ppmq77z8sbqgm2w0rl9bfgybd6bcxanakfww4chih6cy0dw")))) (build-system cmake-build-system) (arguments `(#:configure-flags (list "-DENABLE_BUILD_TESTS=ON" "-DENABLE_LYD_PRIV=ON"))) (propagated-inputs (list pcre)) (native-inputs (list cmocka pkg-config)) (home-page "https://github.com/CESNET/libyang") (synopsis "YANG data modelling language library") (description "libyang is a YANG data modelling language parser and toolkit written (and providing API) in C. Current implementation covers YANG 1.0 (RFC 6020) as well as YANG 1.1 (RFC 7950).") (license license:bsd-3))) (define-public batctl (package (name "batctl") (version "2021.4") (source (origin (method url-fetch) (uri (string-append "https://downloads.open-mesh.org/batman/releases/batman-adv-" version "/batctl-" version ".tar.gz")) (sha256 (base32 "1ryqz90av2p5pgmmpi1afmycd18zhpwz1i4f7r0s359jis86xndn")))) (inputs (list libnl)) (native-inputs (list pkg-config)) (build-system gnu-build-system) (arguments `(#:tests? #f ;; Batctl only has a makefile. Thus we disable tests and ;; configuration, passing in a few make-flags. #:phases (modify-phases %standard-phases (delete 'configure)) #:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")) (string-append "PKG_CONFIG=" (search-input-file %build-inputs "/bin/pkg-config")) ,(string-append "CC=" (cc-for-target))))) (home-page "https://www.open-mesh.org/projects/batman-adv/wiki/Wiki") (synopsis "Management tool for the mesh networking BATMAN protocol") (description "This package provides a control tool for the B.A.T.M.A.N. mesh networking routing protocol provided by the Linux kernel module @code{batman-adv}, for Layer 2.") (license license:gpl2+))) (define-public pagekite (package (name "pagekite") (version "1.5.2.200725") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/pagekite/PyPagekite") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "0lig1i42bn9isw848vnml5qhcaa04x1dr2hb075bm0a3439kv3rr")))) (build-system python-build-system) (arguments `(#:phases (modify-phases %standard-phases (add-after 'install 'install-man-page (lambda* (#:key inputs outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (man (string-append out "/share/man"))) (invoke "make" "doc/pagekite.1") (install-file "doc/pagekite.1" (string-append man "/man1")))))))) (inputs (list python-six python-socksipychain)) (home-page "https://pagekite.net/") (synopsis "Make localhost servers publicly visible") (description "PageKite implements a tunneled reverse proxy which makes it easy to make a service (such as an HTTP or SSH server) on localhost visible to the wider Internet, even behind NAT or restrictive firewalls. A managed front-end relay service is available at @url{https://pagekite.net/}, or you can run your own.") (license license:agpl3+))) (define-public ipcalc (package (name "ipcalc") (version "0.51") (source (origin (method git-fetch) (uri (git-reference ;; This is the IPv6-capable continuation of the unmaintained ;; <https://jodies.de/ipcalc-archive/>. (url "https://github.com/kjokjo/ipcalc") (commit version))) (file-name (git-file-name name version)) (sha256 (base32 "0cnygb69vjmp3by75jcd2z4y3ybp1s7x4nl3d32xa49h8lkhdbfv")))) (inputs `(("perl" ,perl))) (build-system trivial-build-system) ;no Makefile.PL (arguments `(#:modules ((guix build utils)) #:builder (begin (use-modules (guix build utils)) (use-modules (srfi srfi-1)) (let* ((source (assoc-ref %build-inputs "source")) (perl (string-append (assoc-ref %build-inputs "perl") "/bin")) (out (assoc-ref %outputs "out")) (bin (string-append out "/bin")) (doc (string-append out "/share/doc/ipcalc"))) (copy-recursively source "source") (chdir "source") (install-file "ipcalc" bin) (patch-shebang (string-append bin "/ipcalc") (list perl)))))) (synopsis "Simple IP network calculator") (description "ipcalc takes an IP address and netmask and calculates the resulting broadcast, network, Cisco wildcard mask, and host range. By giving a second netmask, you can design subnets and supernets. It is also intended to be a teaching tool and presents the subnetting results as easy-to-understand binary values.") (home-page "https://github.com/kjokjo/ipcalc") (license license:gpl2+))) (define-public tunctl (package (name "tunctl") (version "1.5") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/tunctl/tunctl/" version "/" "tunctl-" version ".tar.gz")) (sha256 (base32 "1zsgn7w6l2zh2q0j6qaw8wsx981qcr536qlz1lgb3b5zqr66qama")))) (build-system gnu-build-system) (arguments `(#:phases (modify-phases %standard-phases (delete 'bootstrap) ;there is no configure.ac file (delete 'configure) ;there is no configure script (delete 'check) ;there are no tests (replace 'build (lambda _ (setenv "CC" "gcc") (invoke "make" "tunctl"))) ;; TODO: Requires docbook-to-man (unrelated to docbook2x and ;; docbook-utils) to generate man page from SGML. (replace 'install (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) (bin (string-append out "/bin"))) (install-file "tunctl" bin)) #t))))) (home-page "https://tunctl.sourceforge.net") (synopsis "Utility to set up and maintain TUN/TAP network interfaces") (description "Tunctl is used to set up and maintain persistent TUN/TAP network interfaces, enabling user applications to simulate network traffic. Such interfaces are useful for VPN software, virtualization, emulation, simulation, and a number of other applications.") (license license:gpl2))) (define-public wol (package (name "wol") (version "0.7.1") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/wake-on-lan/wol/" version "/wol-" version ".tar.gz")) (sha256 (base32 "08i6l5lr14mh4n3qbmx6kyx7vjqvzdnh3j9yfvgjppqik2dnq270")))) (build-system gnu-build-system) (home-page "https://sourceforge.net/projects/wake-on-lan/") (synopsis "Implements Wake On LAN functionality in a small program") (description "Tool to send a magic packet to wake another host on the network. This must be enabled on the target host, usually in the BIOS.") (license license:gpl2))) (define-public traceroute (package (name "traceroute") (version "2.1.5") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/traceroute/traceroute/" "traceroute-" version "/traceroute-" version ".tar.gz")) (sha256 (base32 "17l5barragw0mfgsbjfndny3w4l7zs20l6s6rvim3azajq6jcv4w")))) (build-system gnu-build-system) (arguments (list #:tests? #f ; no test suite #:make-flags #~(list (string-append "LIBRARY_PATH=" (assoc-ref %build-inputs "libc") "/lib") (string-append "CFLAGS=-I" (assoc-ref %build-inputs "kernel-headers") "/include") "LDFLAGS=-lm -L../libsupp" (string-append "prefix=" #$output)) #:phases #~(modify-phases %standard-phases (add-after 'unpack 'patch-make (lambda _ (substitute* "default.rules" ((" \\$\\(LIBDEPS\\)") "$(filter-out -l%,$(LIBDEPS))")))) (delete 'bootstrap) ; no configure.ac file (delete 'configure)))) ; no configure script (home-page "https://traceroute.sourceforge.net/") (synopsis "Tracks the route taken by packets over an IP network") (description "This package provides a modern, but Linux-specific implementation of the @command{traceroute} command that can be used to follow the route taken by packets on an IP network on their way to a given host. It utilizes the IP protocol's time to live (TTL) field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to the host. Compared to other implementations, this @command{traceroute} command allows some traces for unprivileged users.") (license (list license:gpl2+ license:lgpl2.1+)))) ;for the libsupp subdirectory (define-public vde2 (let ((commit "8c65ebc464b2f986d5f1f4e6ae829ef4480c9d5a") (revision "0")) (package (name "vde2") (version (git-version "2.3.2" revision commit)) (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/virtualsquare/vde-2") (commit commit))) (file-name (git-file-name name version)) (sha256 (base32 "0l5xf71sv9zm5zw0wg8xgip58c0wh8zck2bazyc2a8gb67gc3s8y")))) (build-system gnu-build-system) (arguments `(#:parallel-build? #f)) ; Build fails if #t. (native-inputs (list autoconf automake libtool)) (inputs (list python libpcap wolfssl)) (home-page "https://github.com/virtualsquare/vde-2") (synopsis "Virtual Distributed Ethernet") (description "VDE is a set of programs to provide virtual software-defined Ethernet network interface controllers across multiple virtual or physical, local or remote devices. The VDE architecture provides virtual counterparts to hardware components such as switches and cables.") (license (list license:gpl2 license:lgpl2.1 ; libvdeplug (license:non-copyleft ; slirpvde "file://COPYING.slirpvde" "See COPYING.slirpvde in the distribution.")))))) (define-public lldpd (package (name "lldpd") (version "1.0.17") (source (origin (method url-fetch) (uri (string-append "https://media.luffy.cx/files/lldpd/lldpd-" version ".tar.gz")) (sha256 (base32 "1ki7c7ffys42s2wy5c94qriicgwx0wl9bm83xxkclasx2izifhwk")) (modules '((guix build utils))) (snippet '(begin ;; Drop bundled library. (delete-file-recursively "libevent"))))) (arguments (list #:configure-flags #~(list "--with-privsep-user=nobody" "--with-privsep-group=nogroup" "--localstatedir=/var" "--enable-pie" "--disable-static" "--without-embedded-libevent" (string-append "--with-systemdsystemunitdir=" #$output "/lib/systemd/system")))) (build-system gnu-build-system) (inputs (list libevent libxml2 openssl readline)) (native-inputs (list pkg-config)) (home-page "https://vincentbernat.github.io/lldpd/") (synopsis "Locate neighbors of your network equipment") (description "The @dfn{Link Layer Discovery Protocol} (LLDP) is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices. @code{lldpd} is an implementation of LLDP. It also supports some proprietary protocols.") (license license:isc))) (define-public hashcash (package (name "hashcash") (version "1.22") (source (origin (method url-fetch) (uri (string-append "http://www.hashcash.org/source/hashcash-" version ".tgz")) (sha256 (base32 "15kqaimwb2y8wvzpn73021bvay9mz1gqqfc40gk4hj6f84nz34h1")))) (build-system gnu-build-system) (arguments `(#:make-flags (list (string-append "CC=" ,(cc-for-target))) #:phases (modify-phases %standard-phases (delete 'configure) ;; No tests available. (delete 'check) (replace 'install (lambda* (#:key outputs #:allow-other-keys) (let* ((outdir (assoc-ref outputs "out")) (bindir (string-append outdir "/bin")) (mandir (string-append outdir "/share/man/man1")) (docdir (string-append outdir "/share/doc/hashcash-" ,version))) ;; Install manually, as we don't need the `sha1' binary (install-file "hashcash" bindir) (install-file "hashcash.1" mandir) (install-file "README" docdir) (install-file "LICENSE" docdir) (install-file "CHANGELOG" docdir) #t)))))) (home-page "https://www.hashcash.org/") (synopsis "Denial-of-service countermeasure") (description "Hashcash is a proof-of-work algorithm, which has been used as a denial-of-service countermeasure technique in a number of systems. A hashcash stamp constitutes a proof-of-work which takes a parametrizable amount of work to compute for the sender. The recipient can verify received hashcash stamps efficiently. This package contains a command-line tool for computing and verifying hashcash stamps.") (license license:public-domain))) (define-public nbd (package (name "nbd") (version "3.25") (source (origin (method url-fetch) (uri (string-append "https://github.com/NetworkBlockDevice/nbd/releases/download/nbd-" version "/nbd-" version ".tar.xz")) (sha256 (base32 "02nxrgq3024g106x9wdyg23f0bj3avrmf3jdb4kckcaprc7zvj7m")))) (build-system gnu-build-system) (inputs (list glib)) (native-inputs (list bison pkg-config which)) (home-page "https://nbd.sourceforge.io/") (synopsis "NBD client and server") (description "This package provides the NBD (Network Block Devices) client and server. It allows you to use remote block devices over a TCP/IP network.") (license license:gpl2))) (define-public ngtcp2 (package (name "ngtcp2") (version "1.7.0") (source (origin (method url-fetch) (uri (string-append "https://github.com/ngtcp2/ngtcp2/" "releases/download/v" version "/" "ngtcp2-" version ".tar.gz")) (sha256 (base32 "0r06ib077n4i7s5bfrdq2f2sh8jc2fck5k73wffsypk1k9fcpp2r")))) (build-system gnu-build-system) (arguments (list #:configure-flags ;; openssl package does not support QUIC interface, so just gnutls #~(list "--with-gnutls"))) (native-inputs (list pkg-config)) (inputs (list gnutls)) (home-page "https://nghttp2.org/ngtcp2/") (synopsis "QUIC protocol implementation") (description "The ngtcp2 project is an effort to implement the RFC9000 (IETF) QUIC protocol.") (license license:expat))) (define-public yggdrasil (package (name "yggdrasil") (version "0.5.8") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/yggdrasil-network/yggdrasil-go") (commit (string-append "v" version)) (recursive? #t))) (file-name (git-file-name name version)) (sha256 (base32 "0qcly06bljlilihrqrylhq53w3l4bfzmqqjq4cbn55nvsz2gbify")) (patches (search-patches "yggdrasil-extra-config.patch")))) (build-system go-build-system) (arguments (list #:import-path "github.com/yggdrasil-network/yggdrasil-go" #:install-source? #f #:phases #~(modify-phases %standard-phases (replace 'build (lambda* (#:key import-path build-flags #:allow-other-keys) (let* ((pkgsrc "github.com/yggdrasil-network/yggdrasil-go/src/version") (ldflags (format #f "-X ~a.buildName=yggdrasil -X ~a.buildVersion=~a" pkgsrc pkgsrc #$version))) (for-each (lambda (directory) ((assoc-ref %standard-phases 'build) #:build-flags `("-ldflags" ,ldflags) #:import-path directory)) (list "github.com/yggdrasil-network/yggdrasil-go/cmd/yggdrasil" "github.com/yggdrasil-network/yggdrasil-go/cmd/yggdrasilctl" "github.com/yggdrasil-network/yggdrasil-go/cmd/genkeys"))))) (replace 'check (lambda* (#:key tests? import-path #:allow-other-keys) (when tests? (with-directory-excursion (string-append "src/" import-path) (invoke "go" "test" "-v" "./cmd/..." "./src/...")))))))) (propagated-inputs (list ;; go-golang-org-x-mobile ; Not packed yet, for contrib. ;; go-golang-zx2c4-com-wireguard-windows ; Not packed yet, for tun. go-github-com-arceliar-ironwood go-github-com-arceliar-phony go-github-com-cheggaaa-pb-v3 go-github-com-gologme-log go-github-com-hashicorp-go-syslog go-github-com-hjson-hjson-go-v4 go-github-com-kardianos-minwinsvc go-github-com-olekukonko-tablewriter go-github-com-quic-go-quic-go go-github-com-vishvananda-netlink go-golang-org-x-crypto go-golang-org-x-net go-golang-org-x-sys go-golang-org-x-text go-golang-zx2c4-com-wireguard go-nhooyr-io-websocket)) (home-page "https://yggdrasil-network.github.io/blog.html") (synopsis "Experiment in scalable routing as an encrypted IPv6 overlay network") (description "Yggdrasil is an early-stage implementation of a fully end-to-end encrypted IPv6 network. It is lightweight, self-arranging, supported on multiple platforms and allows pretty much any IPv6-capable application to communicate securely with other Yggdrasil nodes. Yggdrasil does not require you to have IPv6 Internet connectivity - it also works over IPv4.") (license ;; As a special exception to the GNU Lesser General Public License ;; version 3 ("LGPL3"), the copyright holders of this Library give you ;; permission to convey to a third party a Combined Work that links ;; statically or dynamically to this Library without providing any Minimal ;; Corresponding Source or Minimal Application Code as set out in 4d or ;; providing the installation information set out in section 4e, provided ;; that you comply with the other provisions of LGPL3 and provided that you ;; meet, for the Application the terms and conditions of the license(s) ;; which apply to the Application. Except as stated in this special ;; exception, the provisions of LGPL3 will continue to comply in full to ;; this Library. If you modify this Library, you may apply this exception ;; to your version of this Library, but you are not obliged to do so. If ;; you do not wish to do so, delete this exception statement from your ;; version. This exception does not (and cannot) modify any license terms ;; which apply to the Application, with which you must still comply license:lgpl3))) (define-public nebula (package (name "nebula") (version "1.9.3") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/slackhq/nebula") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "08zzbx2v713zd9p7i4kd1bvcw47xb0092p5apba1x5wg6fpxw5zr")) ;; Remove windows-related binary blobs and files (snippet #~(begin (use-modules (guix build utils)) (delete-file-recursively "dist/windows") (delete-file-recursively "wintun"))))) (build-system go-build-system) (arguments (list #:import-path "github.com/slackhq/nebula" #:install-source? #f #:phases #~(modify-phases %standard-phases (replace 'build (lambda* (#:key import-path #:allow-other-keys) ;; Suggested option to provide build time flags is not supported ;; in Guix for go-build-system. ;; -ldflags "-X main.Build=SOMEVERSION" (substitute* (string-append "src/" import-path "/cmd/nebula/main.go") (("Version: ") (string-append "Version: " #$version))) ;; Build nebula and nebula-cert (let* ((dir "github.com/slackhq/nebula") (nebula-cmd (string-append dir "/cmd/nebula")) (cert-cmd (string-append dir "/cmd/nebula-cert"))) (invoke "go" "build" nebula-cmd) (invoke "go" "build" cert-cmd)))) (replace 'install (lambda _ (let* ((out #$output) (bindir (string-append out "/bin"))) (install-file "nebula" bindir) (install-file "nebula-cert" bindir))))))) (inputs (list go-dario-cat-mergo go-github-com-anmitsu-go-shlex go-github-com-armon-go-radix go-github-com-cespare-xxhash-v2 go-github-com-cyberdelia-go-metrics-graphite go-github-com-flynn-noise go-github-com-gogo-protobuf go-github-com-google-gopacket go-github-com-miekg-dns go-github-com-nbrownus-go-metrics-prometheus go-github-com-prometheus-client-golang go-github-com-prometheus-client-model go-github-com-prometheus-procfs go-github-com-rcrowley-go-metrics go-github-com-sirupsen-logrus go-github-com-skip2-go-qrcode go-github-com-songgao-water go-github-com-stretchr-testify go-golang-org-x-crypto go-golang-org-x-net go-golang-org-x-sys go-golang-org-x-term go-google-golang-org-protobuf go-gopkg-in-yaml-v2 go-github-com-vishvananda-netlink go-github-com-vishvananda-netns)) (home-page "https://github.com/slackhq/nebula") (synopsis "Scalable, peer-to-peer overlay networking tool") (description "Nebula is a peer-to-peer networking tool based on the @url{https://noiseprotocol.org/, Noise Protocol Framework}. It is not a fully decentralized network, but instead uses central discovery nodes and a certificate authority to facilitate direct, encrypted peer-to-peer connections from behind most firewalls and @acronym{NAT, Network Address Translation} layers.") (license license:expat))) (define-public netdiscover (package (name "netdiscover") (version "0.10") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/netdiscover-scanner/netdiscover") (commit version))) (sha256 (base32 "1ljkj280qja9rz0zwkilsa4051fdxsygjqhfch0wpkxxa5zx3prx")) (file-name (string-append "netdiscover-" version)))) (arguments `(#:tests? #f)) ; no tests (build-system gnu-build-system) (inputs (list libnet libpcap)) (native-inputs (list autoconf automake)) (synopsis "Network address discovery tool") (description "Netdiscover is a network address discovery tool developed mainly for wireless networks without a @acronym{DHCP} server. It also works on hub/switched networks. It is based on @acronym{ARP} packets, it will send @acronym{ARP} requests and sniff for replies.") (home-page "https://github.com/netdiscover-scanner/netdiscover") (license license:gpl3+))) (define-public phantomsocks (package (name "phantomsocks") (version "0.0.0-20240125140126-2576269ca69a") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/macronut/phantomsocks") (commit (go-version->git-ref version)))) (file-name (git-file-name name version)) (sha256 (base32 "1kbcr6580a9pi0a3wssnfr3mnxqq2k9w1fg4khikn82lqaljab2f")))) (build-system go-build-system) (arguments (list #:install-source? #f #:import-path "github.com/macronut/phantomsocks" #:build-flags #~'("-tags" #$(if (target-linux?) "rawsocket" "pcap")))) (inputs (append (if (target-linux?) '() (list libpcap)) (list go-github-com-google-gopacket go-github-com-macronut-go-tproxy))) (home-page "https://github.com/macronut/phantomsocks") (synopsis "Internet censorship circumvention tool") (description "Phantomsocks is an Internet censorship circumvention tool based on the desync technique, which was introduced in the 2017 paper @url{https://doi.org/10.1145/3131365.3131374, @cite{Your State is Not Mine: A Closer Look at Evading Stateful Internet Censorship}}. Further information on the usage could be found on the Wikibooks page @url{https://zh.wikibooks.org/wiki/Phantomsocks, @cite{Phantomsocks}}.") (license license:lgpl3+))) (define-public putty (package (name "putty") (version "0.81") (source (origin (method url-fetch) (uri (list (string-append "https://the.earth.li/~sgtatham/putty/" version "/putty-" version ".tar.gz") (string-append "http://www.putty.be/" version "/putty-" version ".tar.gz"))) (sha256 (base32 "1zirfs2zh1jj2i7jcdkyvnq6pliyg8fjipx38pir8d259ylh12yb")))) (build-system cmake-build-system) (arguments `(#:phases (modify-phases %standard-phases (replace 'check ;; As ‘documented’ in ./Buildscr and the 0.76 Makefile.in. (lambda* (#:key tests? #:allow-other-keys) (when tests? (setenv "PUTTY_TESTCRYPT" "./testcrypt") (invoke (string-append "../putty-" ,version "/test/cryptsuite.py")))))))) (inputs (list gtk+)) (native-inputs (list perl pkg-config ;; For tests. python)) (synopsis "Graphical @acronym{SSH, Secure SHell} and telnet client") (description "PuTTY is a graphical text terminal client. It supports @acronym{SSH, Secure SHell}, telnet, and raw socket connections with good terminal emulation. It can authenticate with public keys and Kerberos single-sign-on. It also includes command-line @acronym{SFTP, Secure File Transfer Protocol} and older @acronym{SCP, Secure Copy Protocol} implementations.") (home-page "https://www.chiark.greenend.org.uk/~sgtatham/putty/") (license license:expat))) (define-public vnstat (package (name "vnstat") (version "2.10") (source (origin (method url-fetch) (uri (string-append "https://humdi.net/vnstat/vnstat-" version ".tar.gz")) (sha256 (base32 "09bx8mz9jdq94i0mpmjbc7dis0klvjx85lml5mp3d36dwm21gim9")))) (build-system gnu-build-system) (inputs (list sqlite gd)) (native-inputs (list pkg-config check)) (arguments (list #:phases #~(modify-phases %standard-phases (add-before 'check 'disable-id-tests (lambda _ (substitute* '("Makefile" "tests/vnstat_tests.c") (("tests/id_tests.c \\$") "\\") (("tests/id_tests.h h") "h") (("^.*id_tests.*$") ""))))))) (home-page "https://humdi.net/vnstat/") (synopsis "Network traffic monitoring tool") (description "vnStat is a console-based network traffic monitor that keeps a log of network traffic for the selected interface(s). It uses the network interface statistics provided by the kernel as information source. This means that vnStat won't actually be sniffing any traffic and also ensures light use of system resources regardless of network traffic rate.") (license license:gpl2+))) (define-public dnstracer (package (name "dnstracer") (version "1.10") (source (origin (method url-fetch) (uri (string-append "http://www.mavetju.org/download/" name "-" version ".tar.bz2")) (sha256 (base32 "089bmrjnmsga2n0r4xgw4bwbf41xdqsnmabjxhw8lngg2pns1kb4")))) (build-system gnu-build-system) (arguments (list #:tests? #f ;no test suite #:make-flags #~(list (string-append "PREFIX=" #$output) (string-append "CC=" #$(cc-for-target))) #:phases #~(modify-phases %standard-phases (add-after 'unpack 'patch-makefile (lambda _ (substitute* "Makefile" (("\\$\\{PREFIX}/man") "${PREFIX}/share/man") (("^install:.*" all) (string-append all "\tinstall -d ${BINPREFIX}\n" "\tinstall -d ${MANPREFIX}\n"))))) (delete 'configure)))) (native-inputs (list perl)) ;for pod2man (home-page "http://www.mavetju.org/unix/dnstracer.php") (synopsis "Trace a chain of DNS servers to the source") (description "@command{dnstracer} determines where a given Domain Name Server (DNS) gets its information from, and follows the chain of DNS servers back to the servers which know the data.") (license license:bsd-2))) (define-public dropwatch (package (name "dropwatch") (version "1.5.4") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/nhorman/dropwatch.git") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "1r653y7bx763fpxl1vrflx8bzcrbds98zk4z7yhfikjngrqn1f2d")))) (build-system gnu-build-system) ;; XXX: bfd support isn't finished. ;; https://github.com/nhorman/dropwatch/issues/76#issuecomment-1328345444 (arguments (list #:configure-flags #~(list "--without-bfd"))) (native-inputs (list autoconf automake pkg-config)) (inputs (list libnl libpcap readline)) (home-page "https://github.com/nhorman/dropwatch") (synopsis "Monitor for network packets dropped by the kernel") (description "Dropwatch is an interactive utility for monitoring and recording packets that are dropped by the kernel. It provides the commands @command{dropwatch} and @command{dwdump}.") (license license:gpl2+)))
generated by cgit