1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2014, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
3 ;;; Copyright © 2015, 2016, 2017, 2018 Ricardo Wurmus <rekado@elephly.net>
4 ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
5 ;;; Copyright © 2015, 2016, 2017 Stefan Reichör <stefan@xsteve.at>
6 ;;; Copyright © 2016 Raimon Grau <raimonster@gmail.com>
7 ;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
8 ;;; Copyright © 2016 John Darrington <jmd@gnu.org>
9 ;;; Copyright © 2016, 2017, 2018, 2019, 2020 Nicolas Goaziou <mail@nicolasgoaziou.fr>
10 ;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org>
11 ;;; Copyright © 2016, 2017 ng0 <ng0@n0.is>
12 ;;; Copyright © 2016, 2017, 2018 Arun Isaac <arunisaac@systemreboot.net>
13 ;;; Copyright © 2016 Benz Schenk <benz.schenk@uzh.ch>
14 ;;; Copyright © 2016, 2017 Pjotr Prins <pjotr.guix@thebird.nl>
15 ;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
16 ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
17 ;;; Copyright © 2017, 2018, 2019, 2020 Efraim Flashner <efraim@flashner.co.il>
18 ;;; Copyright © 2017, 2018, 2019 Rutger Helling <rhelling@mykolab.com>
19 ;;; Copyright © 2017, 2019 Gábor Boskovits <boskovits@gmail.com>
20 ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
21 ;;; Copyright © 2018 Adam Van Ymeren <adam@vany.ca>
22 ;;; Copyright © 2018 Fis Trivial <ybbs.daans@hotmail.com>
23 ;;; Copyright © 2018 Tonton <tonton@riseup.net>
24 ;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org>
25 ;;; Copyright © 2018 Theodoros Foradis <theodoros@foradis.org>
26 ;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com>
27 ;;; Copyright © 2018, 2020 Oleg Pykhalov <go.wigust@gmail.com>
28 ;;; Copyright © 2018 Pierre Neidhardt <mail@ambrevar.xyz>
29 ;;; Copyright © 2019 Maxim Cournoyer <maxim.cournoyer@gmail.com>
30 ;;; Copyright © 2019 Vasile Dumitrascu <va511e@yahoo.com>
31 ;;; Copyright © 2019 Julien Lepiller <julien@lepiller.eu>
32 ;;; Copyright © 2019 Timotej Lazar <timotej.lazar@araneo.si>
33 ;;; Copyright © 2019 Brice Waegeneire <brice@waegenei.re>
34 ;;; Copyright © 2019 Tonton <tonton@riseup.net>
35 ;;; Copyright © 2019 Alex Griffin <a@ajgrf.com>
36 ;;; Copyright © 2019 Jan Wielkiewicz <tona_kosmicznego_smiecia@interia.pl>
37 ;;; Copyright © 2019 Daniel Schaefer <git@danielschaefer.me>
38 ;;; Copyright © 2019 Diego N. Barbato <dnbarbato@posteo.de>
39 ;;; Copyright © 2020 Vincent Legoll <vincent.legoll@gmail.com>
40 ;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re>
42 ;;; This file is part of GNU Guix.
44 ;;; GNU Guix is free software; you can redistribute it and/or modify it
45 ;;; under the terms of the GNU General Public License as published by
46 ;;; the Free Software Foundation; either version 3 of the License, or (at
47 ;;; your option) any later version.
49 ;;; GNU Guix is distributed in the hope that it will be useful, but
50 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
51 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
52 ;;; GNU General Public License for more details.
54 ;;; You should have received a copy of the GNU General Public License
55 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
57 (define-module (gnu packages networking)
58 #:use-module ((guix licenses) #:prefix license:)
59 #:use-module (guix packages)
60 #:use-module (guix download)
61 #:use-module (guix git-download)
62 #:use-module (guix build-system cmake)
63 #:use-module (guix build-system glib-or-gtk)
64 #:use-module (guix build-system gnu)
65 #:use-module (guix build-system go)
66 #:use-module (guix build-system perl)
67 #:use-module (guix build-system python)
68 #:use-module (guix build-system trivial)
69 #:use-module (guix utils)
70 #:use-module (gnu packages)
71 #:use-module (gnu packages admin)
72 #:use-module (gnu packages adns)
73 #:use-module (gnu packages algebra)
74 #:use-module (gnu packages audio)
75 #:use-module (gnu packages autotools)
76 #:use-module (gnu packages base)
77 #:use-module (gnu packages bison)
78 #:use-module (gnu packages boost)
79 #:use-module (gnu packages check)
80 #:use-module (gnu packages code)
81 #:use-module (gnu packages compression)
82 #:use-module (gnu packages cpp)
83 #:use-module (gnu packages crypto)
84 #:use-module (gnu packages curl)
85 #:use-module (gnu packages dejagnu)
86 #:use-module (gnu packages documentation)
87 #:use-module (gnu packages flex)
88 #:use-module (gnu packages gettext)
89 #:use-module (gnu packages glib)
90 #:use-module (gnu packages gnome)
91 #:use-module (gnu packages gnupg)
92 #:use-module (gnu packages gtk)
93 #:use-module (gnu packages image)
94 #:use-module (gnu packages libidn)
95 #:use-module (gnu packages linux)
96 #:use-module (gnu packages lua)
97 #:use-module (gnu packages multiprecision)
98 #:use-module (gnu packages kerberos)
99 #:use-module (gnu packages ncurses)
100 #:use-module (gnu packages nettle)
101 #:use-module (gnu packages password-utils)
102 #:use-module (gnu packages pcre)
103 #:use-module (gnu packages perl)
104 #:use-module (gnu packages perl-check)
105 #:use-module (gnu packages pkg-config)
106 #:use-module (gnu packages pretty-print)
107 #:use-module (gnu packages python)
108 #:use-module (gnu packages python-web)
109 #:use-module (gnu packages python-xyz)
110 #:use-module (gnu packages qt)
111 #:use-module (gnu packages readline)
112 #:use-module (gnu packages serialization)
113 #:use-module (gnu packages sqlite)
114 #:use-module (gnu packages ssh)
115 #:use-module (gnu packages textutils)
116 #:use-module (gnu packages tls)
117 #:use-module (gnu packages valgrind)
118 #:use-module (gnu packages web)
119 #:use-module (gnu packages wxwidgets)
120 #:use-module (gnu packages xml)
121 #:use-module (ice-9 match))
123 ;; The gnu.org ‘home’ for this GNU project is a directory listing with 1.6.0 as
124 ;; the latest version. The author's git repository, mentioned in the 1.6.0
125 ;; README and otherwise legit-looking, contains a proper 1.7.0 release tarball
126 ;; with many OUI updates. Use it, even though it's also several years old now.
127 (define-public macchanger
134 (uri (string-append "https://github.com/alobbs/macchanger/"
135 "releases/download/" version "/"
136 name "-" version ".tar.gz"))
138 (base32 "1gs5m0jxyprdp00w2qkbnaqm3ilkjz0q1gqdg4nzdm8g4xy73qns"))))
139 (build-system gnu-build-system)
140 (home-page "https://www.gnu.org/software/macchanger/")
141 (synopsis "Viewing and manipulating MAC addresses of network interfaces")
142 (description "GNU MAC Changer is a utility for viewing and changing MAC
143 addresses of networking devices. New addresses may be set explicitly or
144 randomly. They can include MAC addresses of the same or other hardware vendors
145 or, more generally, MAC addresses of the same category of hardware.")
146 (license license:gpl2+)))
148 (define-public miredo
154 (uri (string-append "http://www.remlab.net/files/miredo/miredo-"
158 "0j9ilig570snbmj48230hf7ms8kvcwi2wblycqrmhh85lksd49ps"))))
159 (build-system gnu-build-system)
162 (modify-phases %standard-phases
163 ;; The checkconf test in src/ requires network access.
165 'check 'disable-checkconf-test
167 (substitute* "src/Makefile"
168 (("^TESTS = .*") "TESTS = \n"))
170 (home-page "http://www.remlab.net/miredo/")
171 (synopsis "Teredo IPv6 tunneling software")
173 "Miredo is an implementation (client, relay, server) of the Teredo
174 specification, which provides IPv6 Internet connectivity to IPv6 enabled hosts
175 residing in IPv4-only networks, even when they are behind a NAT device.")
176 (license license:gpl2+)))
185 "http://www.dest-unreach.org/socat/download/socat-"
189 "1z7xgnwiqpcv1j6aghhj9nqbx7cg3gpc4n9j7vi9hm7nhv5788wp"))))
190 (build-system gnu-build-system)
191 (arguments '(#:tests? #f)) ; no test suite
192 (inputs `(("openssl" ,openssl)))
193 (home-page "http://www.dest-unreach.org/socat/")
195 "Open bidirectional communication channels from the command line")
197 "socat is a relay for bidirectional data transfer between two independent
198 data channels---files, pipes, devices, sockets, etc. It can create
199 \"listening\" sockets, named pipes, and pseudo terminals.
201 socat can be used, for instance, as TCP port forwarder, as a shell interface
202 to UNIX sockets, IPv6 relay, for redirecting TCP oriented programs to a serial
203 line, to logically connect serial lines on different computers, or to
204 establish a relatively secure environment (su and chroot) for running client
205 or server shell scripts with network connections.")
206 (license license:gpl2)))
208 (define-public tcp-wrappers
210 (name "tcp-wrappers")
215 "ftp://ftp.porcupine.org/pub/security/tcp_wrappers_"
219 "0p9ilj4v96q32klavx0phw9va21fjp8vpk11nbh6v2ppxnnxfhwm"))))
220 (build-system gnu-build-system)
223 (modify-phases %standard-phases
224 (delete 'configure) ; there is no configure script
225 (delete 'check) ; there are no tests
229 ;; Upstream doesn't generate a shared library. So we have to do it.
230 (setenv "CC" "gcc -fno-builtin -fPIC")
231 (substitute* "Makefile"
232 (("^(all[^\n]*)" line) (string-append line " libwrap.so\n
233 libwrap.so: $(LIB_OBJ)\n
234 \tgcc -shared $^ -o $@\n")))
235 ;; Deal with some gcc breakage.
236 (substitute* "percent_m.c"
237 (("extern char .sys_errlist.*;") ""))
238 (substitute* "scaffold.c"
239 (("extern char .malloc.*;") ""))
240 ;; This, believe it or not, is the recommended way to build!
241 (invoke "make" "REAL_DAEMON_DIR=/etc" "linux")))
242 ;; There is no make install stage, so we have to do it ourselves.
245 (let ((out (assoc-ref %outputs "out"))
246 (man-pages `("hosts_access.3"
254 (headers `("tcpd.h"))
255 (bins `("safe_finger"
262 (install-file x (string-append out "/include")))
266 (install-file x (string-append out "/share/man/man"
267 (string-take-right x 1))))
271 (install-file x (string-append out "/lib/")))
275 (install-file x (string-append out "/bin/")))
278 (home-page "http://www.porcupine.org")
279 (synopsis "Monitor and filter incoming requests for network services")
280 (description "With this package you can monitor and filter incoming requests for
281 network services. It includes a library which may be used by daemons to
282 transparently check connection attempts against an access control list.")
283 (license (license:non-copyleft "file://DISCLAIMER"
284 "See the file DISCLAIMER in the distribution."))))
287 (define-public zeromq
293 (uri (string-append "https://github.com/zeromq/libzmq/releases"
294 "/download/v" version "/zeromq-" version ".tar.gz"))
297 "0qzp80ky4y2k7k1ya09v9gkivvfbz2km813snrb8jhnn634bbmzb"))))
298 (build-system gnu-build-system)
299 (home-page "https://zeromq.org")
300 (synopsis "Library for message-based applications")
302 "The 0MQ lightweight messaging kernel is a library which extends the
303 standard socket interfaces with features traditionally provided by specialized
304 messaging middle-ware products. 0MQ sockets provide an abstraction of
305 asynchronous message queues, multiple messaging patterns, message
306 filtering (subscriptions), seamless access to multiple transport protocols and
308 (license license:lgpl3+)))
317 "https://github.com/zeromq/" name
318 "/releases/download/v" version
319 "/" name "-" version ".tar.gz"))
322 "1szciz62sk3fm4ga9qjpxz0n0lazvphm32km95bq92ncng12kayg"))))
323 (build-system gnu-build-system)
325 '(#:configure-flags '("--enable-drafts")
326 #:phases (modify-phases %standard-phases
327 (add-before 'check 'patch-tests
329 ;; XXX FIXME: Disable the zproc test, which fails on some
330 ;; hardware: <https://github.com/zeromq/czmq/issues/2007>.
331 (substitute* "src/czmq_selftest.c"
332 (("\\{ \"zproc\", zproc_test.*")
336 `(("zeromq" ,zeromq)))
337 (home-page "http://zeromq.org")
338 (synopsis "High-level C bindings for ØMQ")
340 "czmq provides bindings for the ØMQ core API that hides the differences
341 between different versions of ØMQ.")
342 (license license:mpl2.0)))
344 (define-public cppzmq
346 (commit "d9f0f016c07046742738c65e1eb84722ae32d7d4"))
349 (version (string-append "4.2.2-" revision "."
350 (string-take commit 7)))
354 (url "https://github.com/zeromq/cppzmq")
358 "1gmqlm00y6xpa5m6d4ajq3ww63n2w7h4sy997wj81vcqmqx45b1f"))
359 (file-name (string-append name "-" version "-checkout"))))
360 (build-system cmake-build-system)
361 (arguments '(#:tests? #f)) ; No tests.
363 `(("pkg-config" ,pkg-config)))
365 `(("zeromq" ,zeromq)))
366 (home-page "http://zeromq.org")
367 (synopsis "C++ bindings for the ØMQ messaging library")
369 "This package provides header-only C++ bindings for ØMQ. The header
370 files contain direct mappings of the abstractions provided by the ØMQ C API.")
371 (license license:expat))))
373 (define-public librdkafka
380 "https://github.com/edenhill/librdkafka/archive/"
382 (file-name (string-append name "-" version ".tar.gz"))
385 "10ldx7g7ymmg17snzx78vy4n8ma1rjx0agzi34g15j2fk867xmas"))))
386 (build-system gnu-build-system)
389 (modify-phases %standard-phases
391 ;; its custom configure script doesn't understand 'CONFIG_SHELL'.
392 (lambda* (#:key outputs #:allow-other-keys)
393 (let ((out (assoc-ref outputs "out")))
394 ;; librdkafka++.so lacks RUNPATH for librdkafka.so
396 (string-append "-Wl,-rpath=" out "/lib"))
397 (invoke "./configure"
398 (string-append "--prefix=" out))))))))
400 `(("python" ,python-wrapper)))
402 `(("zlib" ,zlib))) ; in the Libs.private field of rdkafka.pc
403 (home-page "https://github.com/edenhill/librdkafka")
404 (synopsis "Apache Kafka C/C++ client library")
406 "librdkafka is a C library implementation of the Apache Kafka protocol,
407 containing both Producer and Consumer support.")
408 (license license:bsd-2)))
410 (define-public libndp
416 (uri (string-append "http://libndp.org/files/"
417 name "-" version ".tar.gz"))
420 "1dlinhl39va00v55qygjc9ap77yqf7xvn4rwmvdr49xhzzxhlj1c"))))
421 (build-system gnu-build-system)
422 (home-page "http://libndp.org/")
423 (synopsis "Library for Neighbor Discovery Protocol")
425 "libndp contains a library which provides a wrapper for IPv6 Neighbor
426 Discovery Protocol. It also provides a tool named ndptool for sending and
427 receiving NDP messages.")
428 (license license:lgpl2.1+)))
430 (define-public ethtool
436 (uri (string-append "mirror://kernel.org/software/network/"
437 "ethtool/ethtool-" version ".tar.xz"))
440 "0srbqp4a3x9ryrbm5q854375y04ni8j0bmsrl89nmsyn4x4ixy12"))))
441 (build-system gnu-build-system)
442 (home-page "https://www.kernel.org/pub/software/network/ethtool/")
443 (synopsis "Display or change Ethernet device settings")
445 "ethtool can be used to query and change settings such as speed,
446 auto-negotiation and checksum offload on many network devices, especially
448 (license license:gpl2)))
450 (define-public ifstatus
456 (uri (string-append "mirror://sourceforge/ifstatus/ifstatus/"
457 "ifstatus%20v" version "/ifstatus-v"
461 "045cbsq9ps32j24v8y5hpyqxnqn9mpaf3mgvirlhgpqyb9jsia0c"))
462 (modules '((guix build utils)))
465 (substitute* "Main.h"
466 (("#include <stdio.h>")
467 "#include <stdio.h>\n#include <stdlib.h>"))
469 (build-system gnu-build-system)
471 '(#:tests? #f ; no "check" target
473 (modify-phases %standard-phases
474 (delete 'configure) ; no configure script
476 (lambda* (#:key outputs #:allow-other-keys)
477 (let* ((out (assoc-ref outputs "out"))
478 (bin (string-append out "/bin")))
480 (copy-file "ifstatus"
481 (string-append bin "/ifstatus")))
483 (inputs `(("ncurses" ,ncurses)))
484 (home-page "http://ifstatus.sourceforge.net/graphic/index.html")
485 (synopsis "Text based network interface status monitor")
487 "IFStatus is a simple, easy-to-use program for displaying commonly
488 needed/wanted real-time traffic statistics of multiple network
489 interfaces, with a simple and efficient view on the command line. It is
490 intended as a substitute for the PPPStatus and EthStatus projects.")
491 (license license:gpl2+)))
499 (uri (string-append "mirror://sourceforge/nload/nload/" version
500 "/nload-" version ".tar.gz"))
503 "1rb9skch2kgqzigf19x8bzk211jdfjfdkrcvaqyj89jy2pkm3h61"))))
504 (build-system gnu-build-system)
505 (inputs `(("ncurses" ,ncurses)))
506 (home-page "http://www.roland-riegel.de/nload/")
507 (synopsis "Realtime console network usage monitor")
509 "Nload is a console application which monitors network traffic and
510 bandwidth usage in real time. It visualizes the in- and outgoing traffic using
511 two graphs, and provides additional info like total amount of transferred data
512 and min/max network usage.")
513 (license license:gpl2+)))
515 (define-public iodine
521 (uri (string-append "http://code.kryo.se/" name "/"
522 name "-" version ".tar.gz"))
525 "0gh17kcxxi37k65zm4gqsvbk3aw7yphcs3c02pn1c4s2y6n40axd"))))
526 (build-system gnu-build-system)
529 (modify-phases %standard-phases
531 (add-before 'build 'fix-ifconfig-path
532 ;; This package works only with the net-tools version of ifconfig.
533 (lambda* (#:key inputs #:allow-other-keys)
534 (substitute* "src/tun.c"
536 (string-append (assoc-ref inputs "net-tools") "/bin/")))
538 (add-before 'check 'delete-failing-tests
539 ;; Avoid https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802105.
541 (substitute* "tests/common.c"
542 (("tcase_add_test\\(tc, \
543 test_parse_format_ipv(4(|_listen_all|_mapped_ipv6)|6)\\);")
546 #:make-flags (list "CC=gcc"
547 (string-append "prefix=" (assoc-ref %outputs "out")))
548 #:test-target "test"))
549 (inputs `(("net-tools" ,net-tools)
551 (native-inputs `(("check" ,check)
552 ("pkg-config" ,pkg-config)))
553 (home-page "http://code.kryo.se/iodine/")
554 (synopsis "Tunnel IPv4 data through a DNS server")
555 (description "Iodine tunnels IPv4 data through a DNS server. This
556 can be useful in different situations where internet access is firewalled, but
557 DNS queries are allowed. The bandwidth is asymmetrical, with limited upstream
558 and up to 1 Mbit/s downstream.")
559 ;; src/md5.[ch] is released under the zlib license
560 (license (list license:isc license:zlib))))
569 (uri (string-append "mirror://debian/pool/main/w/whois/"
570 "whois_" version ".tar.xz"))
572 (base32 "0kpi981zjczvdcxfcq455c529vlaxa73x8kbm530z5b01h0fk8fb"))))
573 (build-system gnu-build-system)
575 `(#:tests? #f ; no test suite
576 #:make-flags (list "CC=gcc"
577 (string-append "prefix=" (assoc-ref %outputs "out")))
579 (modify-phases %standard-phases
580 (delete 'configure) ; no configure script
581 (add-before 'build 'setenv
583 (setenv "HAVE_ICONV" "1")
586 `(("libidn2" ,libidn2)))
588 `(("gettext" ,gettext-minimal)
590 ("pkg-config" ,pkg-config)))
591 (synopsis "Intelligent client for the WHOIS directory service")
593 "whois searches for an object in a @dfn{WHOIS} (RFC 3912) database.
594 It is commonly used to look up the registered users or assignees of an Internet
595 resource, such as a domain name, an IP address block, or an autonomous system.
596 It can automatically select the appropriate server for most queries.
598 For historical reasons, this package also includes @command{mkpasswd}, which
599 encrypts passwords using @code{crypt(3)} and is unrelated to the Expect command
601 (home-page "https://github.com/rfc1036/whois")
602 (license license:gpl2+)))
604 (define-public wireshark
611 (uri (string-append "https://www.wireshark.org/download/src/wireshark-"
614 (base32 "0ygdxpz0i4jxp55fg9x4xcan093wycjb66yas073gviz9kpj6naz"))))
615 (build-system cmake-build-system)
618 (modify-phases %standard-phases
619 (add-after 'unpack 'remove-failing-test
620 ;; Test 31/32 fails with errors like "Program reassemble_test is
621 ;; not available". Skipping it for now.
623 (substitute* "CMakeLists.txt"
624 (("suite_unittests" all) (string-append "# " all)))
626 ;; Build process chokes during `validate-runpath' phase.
628 ;; Errors are like the following:
629 ;; "/gnu/store/...wireshark-3.0.0/lib/wireshark/plugins/3.0/epan/ethercat.so:
630 ;; error: depends on 'libwireshark.so.12', which cannot be found in
631 ;; RUNPATH". That is, "/gnu/store/...wireshark-3.0.0./lib" doesn't
632 ;; belong to RUNPATH.
634 ;; That’s not a problem in practice because "ethercat.so" is a plugin,
635 ;; so it’s dlopen’d by a process that already provides "libwireshark".
636 ;; For now, we disable this phase.
637 #:validate-runpath? #f))
643 ("libgcrypt" ,libgcrypt)
649 ("lua" ,lua-5.2) ;Lua 5.3 unsupported
652 ("qtmultimedia" ,qtmultimedia)
661 ("gettext" ,gettext-minimal)
663 ("pkg-config" ,pkg-config)
664 ("python" ,python-wrapper)
665 ("qttools" ,qttools)))
666 (synopsis "Network traffic analyzer")
667 (description "Wireshark is a network protocol analyzer, or @dfn{packet
668 sniffer}, that lets you capture and interactively browse the contents of
670 (home-page "https://www.wireshark.org/")
671 (license license:gpl2+)))
680 (uri (string-append "https://fping.org/dist/fping-"
683 (base32 "0jmnf4vmr43aiwk3h2b5qdsb95gxar8gz1yli8fswnm9nrs9ccvx"))))
684 (build-system gnu-build-system)
685 (home-page "https://fping.org/")
686 (synopsis "Send ICMP ECHO_REQUEST packets to network hosts")
688 "fping is a ping like program which uses the Internet Control Message
689 Protocol (ICMP) echo request to determine if a target host is responding.
690 fping differs from ping in that you can specify any number of targets on the
691 command line, or specify a file containing the lists of targets to ping.
692 Instead of sending to one target until it times out or replies, fping will
693 send out a ping packet and move on to the next target in a round-robin
695 (license license:expat)))
697 (define-public gandi.cli
704 (uri (pypi-uri name version))
706 (base32 "110wc9zgxsrvw4yzp21p0ian5lcf7vhcpxhnmsc4fg9pzl2bwxd5"))))
707 (build-system python-build-system)
710 (modify-phases %standard-phases
711 (add-after 'unpack 'embed-store-file-names
713 (substitute* (list "gandi/cli/modules/cert.py"
714 "gandi/cli/tests/commands/test_certificate.py")
715 (("openssl") (which "openssl")))
717 (add-after 'install 'install-documentation
718 ;; The included man page may be outdated but we install it anyway,
719 ;; since it's mentioned in 'gandi --help' and better than nothing.
720 (lambda* (#:key outputs #:allow-other-keys)
721 (let* ((out (assoc-ref outputs "out"))
722 (man1 (string-append out "/share/man/man1")))
724 (with-output-to-file (string-append man1 "/gandi.1")
726 (invoke "rst2man.py" "gandicli.man.rst")))
729 `(("python-docutils" ,python-docutils) ; for rst2man.py
730 ("python-pytest-cov" ,python-pytest-cov)
731 ("python-tox" ,python-tox)))
733 `(("openssl" ,openssl)
734 ("python-click" ,python-click)
735 ("python-ipy" ,python-ipy)
736 ("python-pyyaml" ,python-pyyaml)
737 ("python-requests" ,python-requests)))
738 (home-page "https://cli.gandi.net")
739 (synopsis "Command-line interface to the Gandi.net Web API")
741 "This package provides a command-line client (@command{gandi}) to buy,
742 manage, and delete Internet resources from Gandi.net such as domain names,
743 virtual machines, and certificates.")
744 (license license:gpl3+)))
746 (define-public go-netns
747 (let ((commit "13995c7128ccc8e51e9a6bd2b551020a27180abd")
751 (version (git-version "0.0.0" revision commit))
755 (url "https://github.com/vishvananda/netns.git")
757 (file-name (git-file-name name version))
760 "1zk6w8158qi4niva5rijchbv9ixgmijsgqshh54wdaav4xrhjshn"))))
761 (build-system go-build-system)
763 `(#:import-path "github.com/vishvananda/netns"
764 #:tests? #f)) ;tests require root privileges
765 (home-page "https://github.com/vishvananda/netns")
766 (synopsis "Simple network namespace handling for Go")
767 (description "The netns package provides a simple interface for
768 handling network namespaces in Go.")
769 (license license:asl2.0))))
771 (define-public go-sctp
772 ;; docker-libnetwork-cmd-proxy requires this exact commit.
773 (let ((commit "07191f837fedd2f13d1ec7b5f885f0f3ec54b1cb")
777 (version (git-version "0.0.0" revision commit))
781 (url "https://github.com/ishidawataru/sctp.git")
783 (file-name (git-file-name name version))
786 "1mk9ncm10gwi5pn5wcw4skbyf4qg7n5qdf1mim4gf3mrckvi6g6h"))))
787 (build-system go-build-system)
789 `(#:import-path "github.com/ishidawataru/sctp"))
790 (home-page "https://github.com/ishidawataru/sctp")
791 (synopsis "SCTP library for the Go programming language")
792 (description "This library provides methods for using the stream control
793 transmission protocol (SCTP) in a Go application.")
794 (license license:asl2.0))))
796 (define-public httping
803 (uri (string-append "https://www.vanheusden.com/httping/httping-"
807 "1y7sbgkhgadmd93x1zafqc4yp26ssiv16ni5bbi9vmvvdl55m29y"))))
808 (build-system gnu-build-system)
810 `(("gettext" ,gettext-minimal)))
814 ("openssl" ,openssl)))
816 `(#:make-flags (list "CC=gcc"
817 (string-append "DESTDIR=" (assoc-ref %outputs "out"))
819 #:tests? #f)) ; no tests
820 (home-page "https://www.vanheusden.com/httping/")
821 (synopsis "Web server latency and throughput monitor")
823 "httping measures how long it takes to connect to a web server, send an
824 HTTP(S) request, and receive the reply headers. It is somewhat similar to
825 @command{ping}, but can be used even in cases where ICMP traffic is blocked
826 by firewalls or when you want to monitor the response time of the actual web
827 application stack itself.")
828 (license license:gpl2))) ; with permission to link with OpenSSL
830 (define-public httpstat
837 (uri (pypi-uri "httpstat" version))
840 "1chw2nk56vaq87aba012a270k9na06hfx1pfbsrc3jfvlc2kb9hb"))))
841 (build-system python-build-system)
842 (inputs `(("curl" ,curl)))
845 (modify-phases %standard-phases
846 (add-before 'build 'fix-curl-path
847 (lambda* (#:key inputs #:allow-other-keys)
848 (substitute* "httpstat.py"
849 (("ENV_CURL_BIN.get\\('curl'\\)")
850 (string-append "ENV_CURL_BIN.get('"
851 (assoc-ref inputs "curl")
854 (home-page "https://github.com/reorx/httpstat")
855 (synopsis "Visualize curl statistics")
857 "@command{httpstat} is a tool to visualize statistics from the
858 @command{curl} HTTP client. It acts as a wrapper for @command{curl} and
859 prints timing information for each step of the HTTP request (DNS lookup,
860 TCP connection, TLS handshake and so on) in the terminal.")
861 (license license:expat)))
863 (define-public bwm-ng
871 (url "https://github.com/vgropp/bwm-ng.git")
872 (commit (string-append "v" version))))
873 (file-name (git-file-name name version))
875 (base32 "0k906wb4pw3dcqpcwnni78lahzi3bva483f8c17sjykic7as4y5n"))))
876 (build-system gnu-build-system)
879 (modify-phases %standard-phases
880 (add-after 'unpack 'disable-premature-./configure
882 (substitute* "autogen.sh"
883 (("\\$srcdir/configure")
887 `(("autoconf" ,autoconf)
888 ("automake" ,automake)))
890 `(("ncurses" ,ncurses)))
891 (synopsis "Console based live network and disk I/O bandwidth monitor")
892 (description "Bandwidth Monitor NG is a small and simple console based
893 live network and disk I/O bandwidth monitor.")
894 (home-page "https://www.gropp.org/?id=projects&sub=bwm-ng")
895 (license license:gpl2)))
897 (define-public aircrack-ng
904 (uri (string-append "https://download.aircrack-ng.org/aircrack-ng-"
908 "0hc2x17bxk2n00z8jj5jfwq3z41681fd19n018724il0cpkjyncy"))))
909 (build-system gnu-build-system)
911 `(("autoconf" ,autoconf)
912 ("automake" ,automake)
914 ("pkg-config" ,pkg-config)
917 `(("libgcrypt" ,libgcrypt)
926 (list "--with-experimental=yes" ; build wesside-ng, etc.
927 "--with-gcrypt") ; openssl's the default
928 #:phases (modify-phases %standard-phases
929 (add-before 'bootstrap 'patch-evalrev
931 ;; Called by ./autogen.sh below, before the default
932 ;; ‘patch-shebangs’ phase has had a chance to run.
933 (substitute* "evalrev"
937 (add-after 'build 'absolutize-tools
938 (lambda* (#:key inputs #:allow-other-keys)
939 (let ((ethtool (string-append (assoc-ref inputs "ethtool")
941 (substitute* "scripts/airmon-ng"
943 (string-append ethtool " ")))
945 (home-page "https://www.aircrack-ng.org")
946 (synopsis "Assess WiFi network security")
948 "Aircrack-ng is a complete suite of tools to assess WiFi network
949 security. It focuses on different areas of WiFi security: monitoring,
950 attacking, testing, and cracking. All tools are command-line driven, which
951 allows for heavy scripting.")
952 (license (list license:gpl2+ license:bsd-3))))
954 (define-public pixiewps
961 "https://github.com/wiire-a/pixiewps/releases/"
962 "download/v" version "/" name "-" version ".tar.xz"))
965 "07nym6bqml0k9v29vnj003nrgnwrywgjvnljb7cdpsvnwilhbp64"))))
966 (build-system gnu-build-system)
970 (string-append "PREFIX=" (assoc-ref %outputs "out")))
972 (modify-phases %standard-phases
973 (delete 'configure)) ; no configure script
974 #:tests? #f)) ; there are no tests
975 (home-page "https://github.com/wiire-a/pixiewps/")
976 (synopsis "Offline brute-force tool for Wi-Fi Protected Setup")
977 (description "Pixiewps implements the pixie-dust attack to brute
978 force the Wi-Fi Protected Setup (WPS) PIN by exploiting the low or
979 non-existing entropy of some access points.")
980 (license license:gpl3+)))
982 (define-public reaver
989 "https://github.com/t6x/reaver-wps-fork-t6x/releases/"
990 "download/v" version "/" name "-" version ".tar.xz"))
993 "0sva3g0kwgv143n9l3lg4qp5iiqz7nk76nr0hwivsnglbhk9sbil"))))
994 (build-system gnu-build-system)
997 ;; Save session files to current directory instead of /var.
998 (list "--enable-savetocurrent"
999 "--localstatedir=/tmp/dummy") ; prevent creating /var during install
1001 (modify-phases %standard-phases
1002 (add-before 'configure 'change-directory
1006 (add-after 'install 'install-doc
1007 (lambda* (#:key outputs #:allow-other-keys)
1009 (let* ((out (assoc-ref outputs "out"))
1010 (doc (string-append out "/share/doc/" ,name "-" ,version))
1011 (man1 (string-append out "/share/man/man1")))
1012 (for-each (lambda (file) (install-file file doc))
1013 (find-files "." "README.*"))
1014 (install-file "reaver.1" man1)
1016 #:tests? #f)) ; there are no tests
1018 `(("libpcap" ,libpcap)))
1020 `(("aircrack-ng" ,aircrack-ng)
1021 ("pixiewps" ,pixiewps)))
1022 (home-page "https://github.com/t6x/reaver-wps-fork-t6x/")
1023 (synopsis "Attack tool for Wi-Fi Protected Setup")
1024 (description "Reaver performs a brute force attack against an access
1025 point's Wi-Fi Protected Setup (WPS) PIN. Once the PIN is found, the WPA
1026 passphrase can be recovered and the AP's wireless settings can be
1028 (license license:gpl2+)))
1030 (define-public perl-danga-socket
1032 (name "perl-danga-socket")
1037 (uri (string-append "mirror://cpan/authors/id/N/NM/NML/"
1038 "Danga-Socket-" version ".tar.gz"))
1040 (base32 "0x4bvirmf0kphks19jwgva00zz73zx344218dfaiv8gigrw3yg4m"))))
1041 (build-system perl-build-system)
1043 `(("perl-test-tcp" ,perl-test-tcp)))
1045 `(("perl-sys-syscall" ,perl-sys-syscall)))
1046 (home-page "https://metacpan.org/release/Danga-Socket")
1047 (synopsis "Event loop and event-driven async socket base class")
1049 "Danga::Socket is an abstract base class for objects backed by a socket
1050 which provides the basic framework for event-driven asynchronous IO, designed
1051 to be fast. Danga::Socket is both a base class for objects, and an event
1053 (license license:perl-license)))
1055 (define-public perl-data-validate-ip
1057 (name "perl-data-validate-ip")
1063 "mirror://cpan/authors/id/D/DR/DROLSKY/Data-Validate-IP-"
1066 (base32 "1mmppyzsh1w2z2h86kvzqxy56wxgs62a3kf8nvcnz76bblir5ap1"))))
1067 (build-system perl-build-system)
1069 `(("perl-test-requires" ,perl-test-requires)))
1071 `(("perl-netaddr-ip" ,perl-netaddr-ip)))
1072 (home-page "https://metacpan.org/release/Data-Validate-IP")
1073 (synopsis "IPv4 and IPv6 validation methods")
1075 "This module provides several IP address validation subroutines that both
1076 validate and untaint their input. This includes both basic validation
1077 (@code{is_ipv4()} and @code{is_ipv6()}) and special cases like checking whether
1078 an address belongs to a specific network or whether an address is public or
1079 private (reserved).")
1080 (license license:perl-license)))
1082 (define-public perl-net-dns
1084 (name "perl-net-dns")
1091 (string-append "https://www.net-dns.org/download/Net-DNS-"
1093 (string-append "mirror://cpan/authors/id/N/NL/NLNETLABS/Net-DNS-"
1094 version ".tar.gz")))
1096 (base32 "0yknrsh0wqr9s43c0wf3dyzrsi2r7k0v75hay74gqkq850xy3vyx"))))
1097 (build-system perl-build-system)
1099 `(("perl-digest-hmac" ,perl-digest-hmac)))
1100 (home-page "https://www.net-dns.org/")
1102 "Perl Interface to the Domain Name System")
1103 (description "Net::DNS is the Perl Interface to the Domain Name System.")
1104 (license license:x11)))
1106 (define-public perl-socket6
1108 (name "perl-socket6")
1114 "mirror://cpan/authors/id/U/UM/UMEMOTO/Socket6-"
1119 "054izici8klfxs8hr5rljib28plijpsfymy99xbzdp047bx1b2a6"))))
1120 (build-system perl-build-system)
1123 (modify-phases %standard-phases
1125 (lambda* (#:key outputs #:allow-other-keys)
1126 (let* ((out (assoc-ref outputs "out"))
1127 (args `("Makefile.PL"
1128 ,(string-append "PREFIX=" out)
1129 "INSTALLDIRS=site")))
1130 (setenv "CONFIG_SHELL" (which "sh"))
1131 (apply invoke "perl" args)))))))
1132 (home-page "https://metacpan.org/release/Socket6")
1134 "IPv6 related part of the C socket.h defines and structure manipulators for Perl")
1135 (description "Socket6 binds the IPv6 related part of the C socket header
1136 definitions and structure manipulators for Perl.")
1137 (license license:bsd-3)))
1139 (define-public perl-net-dns-resolver-programmable
1141 (name "perl-net-dns-resolver-programmable")
1147 "mirror://cpan/authors/id/J/JM/JMEHNLE/net-dns-resolver-programmable/"
1148 "Net-DNS-Resolver-Programmable-" version ".tar.gz"))
1151 "1v3nl2kaj4fs55n1617n53q8sa3mir06898vpy1rq98zjih24h4d"))
1153 (search-patches "perl-net-dns-resolver-programmable-fix.patch"))))
1154 (build-system perl-build-system)
1156 `(("perl-module-build" ,perl-module-build)))
1157 (inputs `(("perl-net-dns" ,perl-net-dns)))
1159 "https://metacpan.org/release/Net-DNS-Resolver-Programmable")
1161 "Programmable DNS resolver class for offline emulation of DNS")
1162 (description "Net::DNS::Resolver::Programmable is a programmable DNS resolver for
1163 offline emulation of DNS.")
1164 (license license:perl-license)))
1166 (define-public perl-net-dns-resolver-mock
1168 (name "perl-net-dns-resolver-mock")
1169 (version "1.20171219")
1173 "mirror://cpan/authors/id/M/MB/MBRADSHAW/"
1174 "Net-DNS-Resolver-Mock-" version ".tar.gz"))
1177 "0m3rxpkv1b9121srvbqkrgzg4m8mnydiydqv34in1i1ixwrl6jn9"))))
1178 (build-system perl-build-system)
1180 `(("perl-net-dns" ,perl-net-dns)))
1181 (home-page "https://metacpan.org/release/Net-DNS-Resolver-Mock")
1182 (synopsis "Mock DNS Resolver object for testing")
1184 "Net::DNS::Resolver::Mock is a subclass of Net::DNS::Resolver, but returns
1185 static data from any provided DNS zone file instead of querying the network.
1186 It is intended primarily for use in testing.")
1187 (license license:perl-license)))
1189 (define-public perl-netaddr-ip
1191 (name "perl-netaddr-ip")
1197 "mirror://cpan/authors/id/M/MI/MIKER/NetAddr-IP-"
1202 "1rx0dinrz9fk9qcg4rwqq5n1dm3xv2arymixpclcv2q2nzgq4npc"))))
1203 (build-system perl-build-system)
1206 (modify-phases %standard-phases
1208 (lambda* (#:key outputs #:allow-other-keys)
1209 (let* ((out (assoc-ref outputs "out"))
1210 (args `("Makefile.PL"
1211 ,(string-append "PREFIX=" out)
1212 "INSTALLDIRS=site")))
1213 (setenv "CONFIG_SHELL" (which "sh"))
1214 (apply invoke "perl" args)))))))
1216 "https://metacpan.org/release/NetAddr-IP")
1218 "Manages IPv4 and IPv6 addresses and subnets")
1219 (description "NetAddr::IP manages IPv4 and IPv6 addresses and subsets.")
1220 (license license:perl-license)))
1222 (define-public perl-net-patricia
1224 (name "perl-net-patricia")
1230 "mirror://cpan/authors/id/G/GR/GRUBER/Net-Patricia-"
1235 "0ln5f57vc8388kyh9vhx2infrdzfhbpgyby74h1qsnhwds95m0vh"))))
1236 (build-system perl-build-system)
1239 (modify-phases %standard-phases
1240 (add-after 'unpack 'dont-link-with-nsl ; Borrowed from Debian.
1242 (substitute* "Makefile.PL"
1246 `(("perl-net-cidr-lite" ,perl-net-cidr-lite)
1247 ("perl-socket6" ,perl-socket6)))
1249 "https://metacpan.org/release/Net-Patricia")
1251 "Patricia Trie Perl module for fast IP address lookups")
1253 "Net::Patricia does IP address lookups quickly in Perl.")
1254 ;; The bindings are licensed under GPL2 or later.
1255 ;; libpatricia is licensed under 2-clause BSD.
1256 (license (list license:gpl2+ license:bsd-2))))
1258 (define-public perl-net-cidr-lite
1260 (name "perl-net-cidr-lite")
1266 "mirror://cpan/authors/id/D/DO/DOUGW/Net-CIDR-Lite-"
1271 "14shj73zbqmfjbp0qz1fs9j4p2dpvz5hfkm4qfdjbydflbl2b8fg"))))
1272 (build-system perl-build-system)
1274 "https://metacpan.org/release/Net-CIDR-Lite")
1276 "Perl extension for merging IPv4 or IPv6 CIDR addresses")
1277 (description "Net::CIDR::Lite merges IPv4 or IPv6 CIDR addresses.")
1278 (license license:gpl1+)))
1280 ;; TODO: Use the geolite-mirror-simple.pl script from the example
1281 ;; directory to stay current with the databases. How?
1282 (define-public perl-geo-ip
1284 (name "perl-geo-ip")
1290 "mirror://cpan/authors/id/M/MA/MAXMIND/Geo-IP-"
1295 "1fka8fr7fw6sh3xa9glhs1zjg3s2gfkhi7n7da1l2m2wblqj0c0n"))))
1296 (build-system perl-build-system)
1297 (home-page "https://metacpan.org/release/Geo-IP")
1299 "Look up location and network information by IP Address in Perl")
1300 (description "The Perl module @code{Geo::IP}. It looks up location and
1301 network information by IP Address.")
1302 (license license:perl-license)))
1304 (define-public perl-io-socket-inet6
1306 (name "perl-io-socket-inet6")
1312 "mirror://cpan/authors/id/S/SH/SHLOMIF/IO-Socket-INET6-"
1317 "1fqypz6qa5rw2d5y2zq7f49frwra0aln13nhq5gi514j2zx21q45"))))
1318 (build-system perl-build-system)
1320 `(("perl-module-build" ,perl-module-build)
1321 ("perl-test-pod" ,perl-test-pod)
1322 ("perl-test-pod-coverage" ,perl-test-pod-coverage)))
1323 (inputs `(("perl-socket6" ,perl-socket6)))
1324 (arguments `(;; Need network socket API
1327 "https://metacpan.org/release/IO-Socket-INET6")
1329 "Perl object interface for AF_INET/AF_INET6 domain sockets")
1330 (description "IO::Socket::INET6 is an interface for AF_INET/AF_INET6 domain
1332 (license license:perl-license)))
1334 (define-public libproxy
1340 (uri (string-append "https://github.com/libproxy/libproxy/"
1341 "releases/download/" version "/libproxy-"
1345 "0kvdrazlzwia876w988cmlypp253gwy6idlh8mjk958c29jb8kb5"))))
1346 (build-system cmake-build-system)
1348 `(("pkg-config" ,pkg-config)))
1354 (modify-phases %standard-phases
1357 (invoke "ctest" "-E" "url-test"))))))
1358 (synopsis "Library providing automatic proxy configuration management")
1359 (description "Libproxy handles the details of HTTP/HTTPS proxy
1360 configuration for applications across all scenarios. Applications using
1361 libproxy only have to specify which proxy to use.")
1362 (home-page "https://libproxy.github.io/libproxy")
1363 (license license:lgpl2.1+)))
1365 (define-public proxychains-ng
1367 (name "proxychains-ng")
1372 (uri (string-append "http://ftp.barfooze.de/pub/sabotage/tarballs/"
1373 "proxychains-ng-" version ".tar.xz"))
1375 (base32 "1bmhfbl1bzc87vl0xwr1wh5xvslfyc41nl2hqzhbj258p0sy004x"))))
1376 (build-system gnu-build-system)
1378 `(#:tests? #f ; there are no tests
1380 (modify-phases %standard-phases
1381 (add-after 'unpack 'fix-configure-script
1383 ;; The configure script is very intolerant to unknown arguments,
1384 ;; such as "CONFIG_SHELL".
1385 (substitute* "configure"
1386 (("\\*\\) break ;;" line)
1387 (string-append "[A-Z]*) shift ;;\n"
1390 (add-before 'configure 'set-up-environment
1394 (synopsis "Redirect any TCP connection through a proxy or proxy chain")
1395 (description "Proxychains-ng is a preloader which hooks calls to sockets
1396 in dynamically linked programs and redirects them through one or more SOCKS or
1398 (home-page "https://github.com/rofl0r/proxychains-ng")
1399 (license license:gpl2+)))
1407 (uri (string-append "http://enet.bespin.org/download/"
1408 "enet-" version ".tar.gz"))
1411 "0w780zc6cy8yq4cskpphx0f91lzh51vh9lwyc5ll8hhamdxgbxlq"))))
1412 (build-system gnu-build-system)
1414 `(("pkg-config" ,pkg-config)))
1415 (synopsis "Network communication layer on top of UDP")
1417 "ENet's purpose is to provide a relatively thin, simple and robust network
1418 communication layer on top of UDP. The primary feature it provides is optional
1419 reliable, in-order delivery of packets. ENet omits certain higher level
1420 networking features such as authentication, server discovery, encryption, or
1421 other similar tasks that are particularly application specific so that the
1422 library remains flexible, portable, and easily embeddable.")
1423 (home-page "http://enet.bespin.org")
1424 (license license:expat)))
1434 (url "https://github.com/yrutschle/sslh.git")
1435 (commit (string-append "v" version))))
1436 (file-name (git-file-name name version))
1438 (base32 "18zhkqlwfh6f5dg1a41a4p7p9g94dgb9nwls1ksy9r5yz174i2fx"))))
1439 (build-system gnu-build-system)
1441 `(;; Test dependencies.
1444 ("perl-conf-libconfig" ,perl-conf-libconfig)
1445 ("perl-io-socket-inet6" ,perl-io-socket-inet6)
1446 ("perl-socket6" ,perl-socket6)
1447 ("psmisc" ,psmisc))) ; for ‘killall’
1449 `(("libcap" ,libcap)
1450 ("libconfig" ,libconfig)
1452 ("tcp-wrappers" ,tcp-wrappers)))
1455 (modify-phases %standard-phases
1456 (delete 'configure) ; no configure script
1457 (add-before 'check 'fix-tests
1460 (("\"/tmp") "$ENV{\"TMPDIR\"} . \"")
1461 ;; The Guix build environment lacks ‘ip6-localhost’.
1462 (("ip6-localhost") "localhost"))
1464 ;; Many of these files are mentioned in the man page. Install them.
1465 (add-after 'install 'install-documentation
1466 (lambda* (#:key outputs #:allow-other-keys)
1467 (let* ((out (assoc-ref outputs "out"))
1468 (doc (string-append out "/share/doc/sslh")))
1469 (install-file "README.md" doc)
1472 (install-file file (string-append doc "/examples")))
1473 (append (find-files "." "\\.cfg")
1474 (find-files "scripts"))))
1476 #:make-flags (list "CC=gcc"
1479 (string-append "PREFIX=" (assoc-ref %outputs "out")))
1480 #:test-target "test"))
1481 (home-page "https://www.rutschle.net/tech/sslh/README.html")
1482 (synopsis "Applicative network protocol demultiplexer")
1484 "sslh is a network protocol demultiplexer. It acts like a switchboard,
1485 accepting connections from clients on one port and forwarding them to different
1486 servers based on the contents of the first received data packet. Detection of
1487 common protocols like HTTP(S), SSL, SSH, OpenVPN, tinc, and XMPP is already
1488 implemented, but any other protocol that matches a regular expression can be
1489 added. sslh's name comes from its original application of serving both SSH and
1490 HTTPS on port 443, allowing SSH connections from inside corporate firewalls
1491 that block port 22.")
1492 (license (list license:bsd-2 ; tls.[ch]
1493 license:gpl2+)))) ; everything else
1495 (define-public iperf
1501 (uri (string-append "http://downloads.es.net/pub/iperf"
1502 "/iperf-" version ".tar.gz"))
1505 "033is7b5grfbiil98jxlz4ixp9shm44x6hy8flpsyz1i4h108inq"))))
1506 (build-system gnu-build-system)
1507 (synopsis "TCP, UDP and SCTP bandwidth measurement tool")
1509 "iPerf is a tool to measure achievable bandwidth on IP networks. It
1510 supports tuning of various parameters related to timing, buffers and
1511 protocols (TCP, UDP, SCTP with IPv4 and IPv6). For each test it reports
1512 the bandwidth, loss, and other parameters.")
1513 (home-page "https://software.es.net/iperf/")
1514 (license (list license:bsd-3 ; Main distribution.
1515 license:ncsa ; src/{units,iperf_locale,tcp_window_size}.c
1516 license:expat ; src/{cjson,net}.[ch]
1517 license:public-domain)))) ; src/portable_endian.h
1519 (define-public nethogs
1525 (uri (string-append "https://github.com/raboof/nethogs/archive/v"
1529 "1k4x8r7s4dgcb6n2rjn28h2yyij92mwm69phncl3597cdxr954va"))
1530 (file-name (string-append name "-" version ".tar.gz"))))
1531 (build-system gnu-build-system)
1533 `(("libpcap" ,libpcap)
1534 ("ncurses" ,ncurses)))
1536 `(#:make-flags `("CC=gcc"
1537 ,(string-append "PREFIX=" %output))
1539 (modify-phases %standard-phases
1540 (delete 'configure)))) ; No ./configure script.
1541 (home-page "https://github.com/raboof/nethogs")
1542 (synopsis "Per-process bandwidth monitor")
1543 (description "NetHogs is a small 'net top' tool for Linux. Instead of
1544 breaking the traffic down per protocol or per subnet, like most tools do, it
1545 groups bandwidth by process.
1547 NetHogs does not rely on a special kernel module to be loaded. If there's
1548 suddenly a lot of network traffic, you can fire up NetHogs and immediately see
1549 which PID is causing this. This makes it easy to identify programs that have
1550 gone wild and are suddenly taking up your bandwidth.")
1551 (license license:gpl2+)))
1553 (define-public nzbget
1560 (uri (string-append "https://github.com/nzbget/nzbget/archive/v"
1562 (file-name (string-append name "-" version ".tar.gz"))
1565 "0l3dzxz7d7jf6cyach41zirvsx1x0vs4nh053c0miycv7zjyrly7"))
1566 (modules '((guix build utils)))
1568 ;; Reported upstream as <https://github.com/nzbget/nzbget/pull/414>.
1570 (substitute* "daemon/connect/TlsSocket.cpp"
1571 (("gnutls_certificate-verification_status_print")
1572 "gnutls_certificate_verification_status_print"))
1577 (string-append "--with-libcurses-includes="
1578 (assoc-ref %build-inputs "ncurses") "/include")
1579 (string-append "--with-libcurses-libraries="
1580 (assoc-ref %build-inputs "ncurses") "/lib")
1581 (string-append "--with-tlslib=GnuTLS"))))
1582 (build-system gnu-build-system)
1583 (inputs `(("gnutls" ,gnutls)
1584 ("libxml2" ,libxml2)
1585 ("ncurses" ,ncurses)
1587 (native-inputs `(("pkg-config" ,pkg-config)))
1588 (home-page "https://github.com/nzbget/nzbget")
1589 (synopsis "Usenet binary file downloader")
1591 "NZBGet is a binary newsgrabber, which downloads files from Usenet based
1592 on information given in @code{nzb} files. NZBGet can be used in standalone
1593 and in server/client modes. In standalone mode, you pass NZBGet @command{nzb}
1594 files as command-line parameters and it downloads them and exits. NZBGet also
1595 contains a Web interface. Its server can be controlled through remote
1596 procedure calls (RPCs).")
1597 (license license:gpl2+)))
1599 (define-public openvswitch
1601 (name "openvswitch")
1606 "https://www.openvswitch.org/releases/openvswitch-"
1610 "1y78ix5inhhcvicbvyy2ij38am1215nr55vydhab3d4065q45z8k"))))
1611 (build-system gnu-build-system)
1613 '(;; FIXME: many tests fail with:
1615 ;; test -e $OVS_RUNDIR/ovs-vswitchd.pid
1616 ;; ovs-appctl -t ovs-vswitchd exit
1621 "--localstatedir=/var"
1622 "--with-dbdir=/var/lib/openvswitch")
1624 (modify-phases %standard-phases
1628 ;; Don't try to create directories under /var.
1636 ("pkg-config" ,pkg-config)
1637 ("python" ,python-2)
1639 ("util-linux" ,util-linux)))
1641 `(("python-six" ,python2-six)))
1643 `(("libcap-ng" ,libcap-ng)
1644 ("openssl" ,openssl)))
1645 (synopsis "Virtual network switch")
1646 (home-page "https://www.openvswitch.org/")
1648 "Open vSwitch is a multilayer virtual switch. It is designed to enable
1649 massive network automation through programmatic extension, while still
1650 supporting standard management interfaces and protocols (e.g. NetFlow, sFlow,
1651 IPFIX, RSPAN, CLI, LACP, 802.1ag).")
1652 (license ; see debian/copyright for detail
1653 (list license:lgpl2.1 ; xenserver and utilities/bugtool
1654 license:gpl2 ; datapath
1655 license:bsd-2 license:bsd-3
1656 license:asl2.0)))) ; all other
1658 (define-public python-ipy
1664 (uri (pypi-uri "IPy" version))
1667 "08d6kcacj67mvh0b6y765ipccy6gi4w2ndd4v1l3im2qm1cgcarg"))))
1668 (build-system python-build-system)
1669 (home-page "https://github.com/autocracy/python-ipy/")
1670 (synopsis "Python class and tools for handling IP addresses and networks")
1671 (description "The @code{IP} class allows a comfortable parsing and
1672 handling for most notations in use for IPv4 and IPv6 addresses and
1674 (license license:bsd-3)))
1676 (define-public python2-ipy
1677 (package-with-python2 python-ipy))
1679 (define-public speedtest-cli
1681 (name "speedtest-cli")
1687 (url "https://github.com/sivel/speedtest-cli")
1688 (commit (string-append "v" version))))
1689 (file-name (git-file-name name version))
1691 (base32 "1456yly6iym2c9bl6pi4sz8xbw34bm2dxm1vzpydsd6jazwpmy26"))))
1692 (build-system python-build-system)
1693 (home-page "https://github.com/sivel/speedtest-cli")
1694 (synopsis "Internet bandwidth tester")
1696 "Command line interface for testing internet bandwidth using
1698 (license license:asl2.0)))
1700 (define-public tftp-hpa
1706 (uri (string-append "mirror://kernel.org/software/"
1707 "network/tftp/tftp-hpa/tftp-hpa-" version
1711 "12vidchglhyc20znq5wdsbhi9mqg90jnl7qr9qs8hbvaz4fkdvmg"))))
1712 (build-system gnu-build-system)
1713 (arguments `(#:tests? #f)) ; no test target
1714 (synopsis "HPA's tftp client")
1716 "This is a tftp client derived from OpenBSD tftp with some extra options
1717 added and bugs fixed. The source includes readline support but it is not
1718 enabled due to license conflicts between the BSD advertising clause and the GPL.")
1719 (home-page "http://git.kernel.org/cgit/network/tftp/tftp-hpa.git/about/")
1720 ;; Some source files are distributed under a 3-clause BSD license, and
1721 ;; others under a 4-clause BSD license. Refer to the files in the source
1722 ;; distribution for clarification.
1723 (license (list license:bsd-3 license:bsd-4))))
1725 (define-public pidentd
1732 (uri (string-append "https://github.com/ptrrkssn/pidentd/archive/"
1733 "v" version ".tar.gz"))
1734 (file-name (string-append name "-" version ".tar.gz"))
1737 "0y3kd1bkydqkpc1qdff24yswysamsqivvadjy0468qri5730izgc"))))
1738 (build-system gnu-build-system)
1740 `(#:tests? #f)) ; No tests are included
1742 `(("openssl" ,openssl-1.0))) ;for the DES library
1743 (home-page "https://www.lysator.liu.se/~pen/pidentd/")
1744 (synopsis "Small Ident Daemon")
1746 "@dfn{Pidentd} (Peter's Ident Daemon) is a identd, which implements a
1747 identification server. Pidentd looks up specific TCP/IP connections and
1748 returns the user name and other information about the connection.")
1749 (license license:public-domain)))
1751 (define-public spiped
1757 (uri (string-append "https://www.tarsnap.com/spiped/spiped-"
1761 "1r51rdcl7nib1yv3yvgd5alwlkkwmr387brqavaklb0p2bwzixz6"))))
1762 (build-system gnu-build-system)
1764 '(#:test-target "test"
1765 #:make-flags (let* ((out (assoc-ref %outputs "out"))
1766 (bindir (string-append out "/bin"))
1767 (man1dir (string-append out "/share/man/man1")))
1768 (list "CC=gcc" ; It tries to invoke `c99`.
1769 (string-append "BINDIR=" bindir)
1770 (string-append "MAN1DIR=" man1dir)))
1772 (modify-phases %standard-phases
1773 (add-after 'unpack 'patch-command-invocations
1775 (substitute* '("Makefile"
1776 "libcperciva/cpusupport/Build/cpusupport.sh"
1777 "libcperciva/POSIX/posix-cflags.sh"
1778 "libcperciva/POSIX/posix-l.sh")
1779 (("command -p") ""))
1781 (delete 'configure) ; No ./configure script.
1782 (add-after 'install 'install-more-docs
1783 (lambda* (#:key outputs #:allow-other-keys)
1784 (let* ((out (assoc-ref %outputs "out"))
1785 (misc (string-append out "/share/doc/spiped")))
1786 (install-file "DESIGN.md" misc)
1789 `(("procps" ,procps))) ; `ps` is used by the test suite.
1791 `(("openssl" ,openssl)))
1792 (home-page "https://www.tarsnap.com/spiped.html")
1793 (synopsis "Create secure pipes between sockets")
1794 (description "Spiped (pronounced \"ess-pipe-dee\") is a utility for creating
1795 symmetrically encrypted and authenticated pipes between socket addresses, so
1796 that one may connect to one address (e.g., a UNIX socket on localhost) and
1797 transparently have a connection established to another address (e.g., a UNIX
1798 socket on a different system). This is similar to 'ssh -L' functionality, but
1799 does not use SSH and requires a pre-shared symmetric key.")
1800 (license license:bsd-2)))
1802 (define-public quagga
1808 (uri (string-append "mirror://savannah/quagga/quagga-"
1812 "1lsksqxij5f1llqn86pkygrf5672kvrqn1kvxghi169hqf1c0r73"))
1814 (search-patches "quagga-reproducible-build.patch"))))
1815 (build-system gnu-build-system)
1816 (native-inputs `(("pkg-config" ,pkg-config)
1818 ("dejagnu" ,dejagnu)))
1819 (inputs `(("readline" ,readline)
1820 ("c-ares" ,c-ares)))
1821 (synopsis "Routing Software Suite")
1822 (description "Quagga is a routing software suite, providing implementations
1823 of OSPFv2, OSPFv3, RIP v1 and v2, RIPng and BGP-4 for Unix platforms.
1825 The Quagga architecture consists of a core daemon, @command{zebra}, which
1826 acts as an abstraction layer to the underlying Unix kernel and presents the
1827 Zserv API over a Unix or TCP stream to Quagga clients. It is these Zserv
1828 clients which typically implement a routing protocol and communicate routing
1829 updates to the zebra daemon.")
1830 (home-page "https://www.nongnu.org/quagga/")
1831 (license license:gpl2+)))
1833 (define-public thc-ipv6
1834 (let ((revision "0")
1835 (commit "4bb72573e0950ce6f8ca2800a10748477020029e"))
1838 (version (git-version "3.4" revision commit))
1842 (url "https://github.com/vanhauser-thc/thc-ipv6.git")
1844 (file-name (git-file-name name version))
1847 "1x5i6vbsddqc2yks7r1a2fw2fk16qxvd6hpzh1lykjfpkal8fdir"))))
1848 (build-system gnu-build-system)
1850 `(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
1851 #:tests? #f ; No test suite.
1853 (modify-phases %standard-phases
1854 (delete 'configure) ; No ./configure script.
1855 (add-before 'build 'patch-paths
1857 (substitute* "Makefile"
1858 (("/bin/echo") "echo"))
1860 (add-after 'install 'install-more-docs
1861 (lambda* (#:key outputs #:allow-other-keys)
1862 (let* ((out (assoc-ref outputs "out"))
1863 (doc (string-append out "/share/thc-ipv6/doc")))
1864 (install-file "README" doc)
1865 (install-file "HOWTO-INJECT" doc)
1867 ;; TODO Add libnetfilter-queue once packaged.
1869 `(("libpcap" ,libpcap)
1870 ("openssl" ,openssl)
1872 (home-page "https://github.com/vanhauser-thc/thc-ipv6")
1873 (synopsis "IPv6 security research toolkit")
1874 (description "The THC IPv6 Toolkit provides command-line tools and a library
1875 for researching IPv6 implementations and deployments. It requires Linux 2.6 or
1876 newer and only works on Ethernet network interfaces.")
1877 ;; AGPL 3 with exception for linking with OpenSSL. See the 'LICENSE' file in
1878 ;; the source distribution for more information.
1879 (license license:agpl3))))
1888 (uri (string-append "https://github.com/tgraf/bmon/releases/download/v"
1889 version "/bmon-" version ".tar.gz"))
1892 "0ylzriv4pwh76344abzl1w219x188gshbycbna35gsyfp09c7z82"))))
1893 (build-system gnu-build-system)
1895 `(("libconfuse" ,libconfuse)
1897 ("ncurses" ,ncurses)))
1899 `(("pkg-config" ,pkg-config)))
1900 (synopsis "Bandwidth monitor")
1901 (description "bmon is a monitoring and debugging tool to capture
1902 networking-related statistics and prepare them visually in a human-friendly
1903 way. It features various output methods including an interactive curses user
1904 interface and a programmable text output for scripting.")
1905 (home-page "https://github.com/tgraf/bmon")
1906 ;; README.md mentions both the 2-clause BSD and expat licenses, but all
1907 ;; the source files only have expat license headers. Upstream has been
1908 ;; contacted for clarification: https://github.com/tgraf/bmon/issues/59
1909 ;; Update the license field when upstream responds.
1910 (license (list license:bsd-2
1913 (define-public libnet
1921 (url "https://github.com/sam-github/libnet")
1922 (commit (string-append "libnet-" version))))
1923 (file-name (git-file-name name version))
1926 "0cy8w4g5rv963v4p6iq3333kxgdddx2lywp70xf62553a25xhhs4"))))
1927 (build-system gnu-build-system)
1930 (modify-phases %standard-phases
1931 (add-after 'unpack 'chdir
1932 (lambda _ (chdir "libnet") #t))
1933 (add-before 'build 'build-doc
1934 (lambda* (#:key make-flags #:allow-other-keys)
1935 (apply invoke "make" "-C" "doc" "doc"
1938 `(("autoconf" ,autoconf)
1939 ("automake" ,automake)
1940 ("libtool" ,libtool)
1941 ("doxygen" ,doxygen)))
1942 (home-page "https://sourceforge.net/projects/libnet-dev/")
1943 (synopsis "Framework for low-level network packet construction")
1945 "Libnet provides a fairly portable framework for network packet
1946 construction and injection. It features portable packet creation interfaces
1947 at the IP layer and link layer, as well as a host of supplementary
1948 functionality. Using libnet, quick and simple packet assembly applications
1949 can be whipped up with little effort.")
1950 (license license:bsd-2)))
1959 (uri (string-append "ftp://ftp.bitwizard.nl/mtr/"
1960 "mtr-" version ".tar.gz"))
1962 (base32 "03gid8g4r6a9r40855s4345xm1bylj2kfqkicjwxpmvvccyng712"))))
1963 (build-system gnu-build-system)
1965 `(("libcap" ,libcap)
1966 ("ncurses" ,ncurses)))
1968 `(#:tests? #f)) ; tests require network access
1969 (home-page "https://www.bitwizard.nl/mtr/")
1970 (synopsis "Network diagnostic tool")
1972 "@acronym{mtr, My TraceRoute} combines the functionality of the
1973 @command{traceroute} and @command{ping} programs in a single network diagnostic
1974 tool. @command{mtr} can use several network protocols to detect intermediate
1975 routers (or @dfn{hops}) between the local host and a user-specified destination.
1976 It then continually measures the response time and packet loss at each hop, and
1977 displays the results in real time.")
1978 (license license:gpl2+)))
1980 (define-public strongswan
1987 (uri (string-append "https://download.strongswan.org/strongswan-"
1988 version ".tar.bz2"))
1990 (base32 "03j3fx357bh89n44a5v9wdc92azdx2d37j7jmlyr4z1kwzdhv446"))))
1991 (build-system gnu-build-system)
1994 (modify-phases %standard-phases
1995 (add-before 'build 'patch-command-file-names
1996 (lambda* (#:key inputs #:allow-other-keys)
1997 (substitute* "src/libstrongswan/utils/process.c"
1999 (string-append (assoc-ref inputs "bash") "/bin/sh")))
2001 (substitute* "src/libstrongswan/tests/suites/test_process.c"
2002 (("/bin/sh") (which "sh"))
2003 (("/bin/echo") (which "echo"))
2004 (("cat") (which "cat")))
2006 (add-before 'check 'set-up-test-environment
2007 (lambda* (#:key inputs #:allow-other-keys)
2008 (setenv "TZDIR" (string-append (assoc-ref inputs "tzdata")
2013 ;; Disable bsd-4 licensed plugins.
2015 "--disable-blowfish")))
2019 ("libgcrypt" ,libgcrypt)
2020 ("openssl" ,openssl)))
2022 `(("coreutils" ,coreutils)
2023 ("tzdata" ,tzdata-for-tests)))
2024 (synopsis "IKEv1/v2 keying daemon")
2025 (description "StrongSwan is an IPsec implementation originally based upon
2026 the FreeS/WAN project. It contains support for IKEv1, IKEv2, MOBIKE, IPv6,
2028 (home-page "https://strongswan.org/")
2032 ;; src/libcharon/plugins/dnscert/*
2033 ;; src/libcharon/plugins/ext_auth/*
2034 ;; src/libcharon/plugins/vici/ruby/*
2035 ;; src/libcharon/plugins/xauth_pam/xauth_pam_listener.[ch]
2039 ;; src/libstrongswan/plugins/sha3/sha3_keccak.c
2040 license:public-domain
2041 ;; src/libstrongswan/plugins/pkcs11/pkcs11.h
2042 (license:non-copyleft
2043 "file://src/libstrongswan/plugins/pkcs11/pkcs11.h"
2044 "pkcs11 contains a unknown permissive license. View the specific
2045 file for more details.")
2046 ;; These files are not included in the
2047 ;; build, they are disabled through
2048 ;; options to ./configure
2050 ;; src/libstrongswan/plugins/blowfish/bf_enc.c
2051 ;; src/libstrongswan/plugins/blowfish/bf_locl.h
2052 ;; src/libstrongswan/plugins/blowfish/bf_pi.h
2053 ;; src/libstrongswan/plugins/blowfish/bf_skey.c
2054 ;; src/libstrongswan/plugins/blowfish/blowfish_crypter.c
2055 ;; src/libstrongswan/plugins/des/des_crypter.c
2058 (define-public amule
2065 (url "https://github.com/amule-project/amule")
2067 (file-name (git-file-name name version))
2070 "010wxm6g9f92x6fympj501zbnjka32rzbx0sk3a2y4zpih5d2nsn"))
2071 ;; Patch for adopting crypto++ >= 6.0.
2072 (patches (search-patches "amule-crypto-6.patch"))))
2073 (build-system gnu-build-system)
2076 (modify-phases %standard-phases
2077 (delete 'bootstrap) ; bootstrap phase runs too early.
2078 (add-after 'patch-source-shebangs 'autogen
2080 (invoke "sh" "autogen.sh")
2094 "--enable-amule-gui"
2095 "--enable-amule-daemon"
2096 "--enable-webserver"
2097 "--with-denoise-level=0")))
2099 `(("autoconf" ,autoconf)
2100 ("automake" ,automake)
2101 ("gettext-minimal" ,gettext-minimal)
2105 ("crypto++" ,crypto++)
2107 ("wxwidgets-gtk2" ,wxwidgets-gtk2)))
2108 (home-page "http://amule.org/")
2109 (synopsis "Peer-to-peer client for the eD2K and Kademlia networks")
2111 "aMule is an eMule-like client for the eD2k and Kademlia peer-to-peer
2112 file sharing networks. It includes a graphical user interface (GUI), a daemon
2113 allowing you to run a client with no graphical interface, and a Web GUI for
2114 remote access. The @command{amulecmd} command allows you to control aMule
2116 (license license:gpl2+)))
2125 (string-append "https://github.com/zeromq/zyre/releases/download/v"
2126 version "/" name "-" version ".tar.gz"))
2129 "0qz2730bng1gs9xbqxhkw88qbsmszgmmrl2g9k6xrg6r3bqvsdc7"))))
2130 (build-system gnu-build-system)
2132 `(;; Ensure the kernel headers are treated as system headers to suppress
2133 ;; harmless -Werror=pedantic warnings.
2134 #:make-flags (list (string-append "C_INCLUDE_PATH="
2135 (assoc-ref %build-inputs "kernel-headers")
2137 (inputs `(("zeromq" ,zeromq)
2139 ("libsodium" ,libsodium)))
2140 (synopsis "Framework for proximity-based peer-to-peer applications")
2141 (description "Zyre provides reliable group messaging over local area
2142 networks using zeromq. It has these key characteristics:
2145 @item Zyre needs no administration or configuration.
2146 @item Peers may join and leave the network at any time.
2147 @item Peers talk to each other without any central brokers or servers.
2148 @item Peers can talk directly to each other.
2149 @item Peers can join groups, and then talk to groups.
2150 @item Zyre is reliable, and loses no messages even when the network is heavily loaded.
2151 @item Zyre is fast and has low latency, requiring no consensus protocols.
2152 @item Zyre is designed for WiFi networks, yet also works well on Ethernet networks.
2154 (home-page "https://github.com/zeromq/zyre")
2155 (license license:mpl2.0)))
2157 (define-public can-utils
2160 (version "2018.02.0")
2164 (url "https://github.com/linux-can/can-utils.git")
2165 (commit (string-append "v" version))))
2166 (file-name (git-file-name name version))
2169 "0r0zkm67bdcmbfypjr7z041d4zp0xzb379dyl8cvhmflh12fd2jb"))))
2170 (build-system gnu-build-system)
2172 `(#:tests? #f ; No tests exist.
2173 #:make-flags (list "CC=gcc"
2174 (string-append "PREFIX="
2175 (assoc-ref %outputs "out")))
2177 (modify-phases %standard-phases
2179 (delete 'configure))))
2180 (home-page "https://github.com/linux-can/can-utils")
2181 (synopsis "CAN utilities")
2182 (description "This package provides CAN utilities in the following areas:
2185 @item Basic tools to display, record, generate and replay CAN traffic
2186 @item CAN access via IP sockets
2187 @item CAN in-kernel gateway configuration
2188 @item CAN bus measurement and testing
2189 @item ISO-TP (ISO15765-2:2016 - this means messages with a body larger than
2191 @item Log file converters
2192 @item Serial Line Discipline configuration for slcan driver
2194 ;; Either BSD-3 or GPL-2 can be used.
2195 (license (list license:bsd-3 license:gpl2))))
2204 (uri (string-append "mirror://sourceforge/asio/asio/"
2205 version " (Stable)/asio-" version ".tar.bz2"))
2207 (base32 "1akray4l3hgahmb92sbvsqg128c7g7s92jrkf1sp1fjnfjrxq9sf"))))
2208 (build-system gnu-build-system)
2211 ("openssl" ,openssl)))
2215 (string-append "--with-boost=" (assoc-ref %build-inputs "boost"))
2216 (string-append "--with-openssl=" (assoc-ref %build-inputs "openssl")))))
2217 (home-page "https://think-async.com/Asio")
2218 (synopsis "C++ library for ASynchronous network I/O")
2219 (description "Asio is a cross-platform C++ library for network and
2220 low-level I/O programming that provides developers with a consistent
2221 asynchronous model using a modern C++ approach.")
2222 (license license:boost1.0)))
2224 (define-public shadowsocks
2225 ;; There are some security fixes after the last release.
2226 (let* ((commit "e332ec93e9c90f1cbee676b022bf2c5d5b7b1239")
2228 (version (git-version "2.8.2" revision commit)))
2230 (name "shadowsocks")
2232 (home-page "https://github.com/shadowsocks/shadowsocks")
2240 "1idd9b4f2pnhcpk1bh030hqg5zq25gkwxd53xi3c0cj242w7sp2j"))
2241 (file-name (git-file-name name version))))
2242 (build-system python-build-system)
2243 (synopsis "Fast tunnel proxy that helps you bypass firewalls")
2245 "This package is a fast tunnel proxy that helps you bypass firewalls.
2249 @item TCP & UDP support
2250 @item User management API
2252 @item Workers and graceful restart
2253 @item Destination IP blacklist
2255 (license license:asl2.0))))
2257 (define-public net-snmp
2263 (uri (string-append "mirror://sourceforge/net-snmp/net-snmp/"
2264 version "/net-snmp-" version ".tar.gz"))
2267 "1pvajzj9gmj56dmwix0ywmkmy2pglh6nny646hkm7ghfhh03bz5j"))
2268 (modules '((guix build utils)))
2271 ;; Drop bundled libraries.
2272 (delete-file-recursively "snmplib/openssl")
2274 (build-system gnu-build-system)
2276 `(#:test-target "test"
2277 ;; XXX: With parallel build enabled, Perl modules may not get linked with
2278 ;; libnetsnmp. See e.g. <https://bugzilla.novell.com/show_bug.cgi?id=819497>.
2279 #:parallel-build? #f
2281 (list (string-append "LDFLAGS=-Wl,-rpath="
2282 (assoc-ref %outputs "out")
2284 "--with-logfile=/var/log/snmpd.log"
2285 (string-append "--with-openssl="
2286 (assoc-ref %build-inputs "openssl")))
2288 (modify-phases %standard-phases
2289 (add-after 'unpack 'patch-tests
2290 (lambda* (#:key inputs #:allow-other-keys)
2291 (substitute* "testing/fulltests/support/simple_TESTCONF.sh"
2293 (string-append "NETSTAT=\"" (which "netstat") "\"")))
2294 (substitute* '("testing/fulltests/default/T065agentextend_simple"
2295 "testing/fulltests/default/T115agentxperl_simple")
2296 (("/usr/bin/env") (which "env")))
2297 (substitute* "testing/fulltests/default/T065agentextend_sh_simple"
2298 (("/bin/sh") (which "sh")))
2299 ;; These tests require network access.
2300 (for-each delete-file
2301 '("testing/fulltests/default/T070com2sec_simple"
2302 "testing/fulltests/default/T071com2sec6_simple"))
2304 (add-after 'unpack 'patch-Makefile.PL
2305 (lambda* (#:key outputs #:allow-other-keys)
2306 (substitute* "Makefile.in"
2307 (("Makefile.PL -NET")
2308 (string-append "Makefile.PL PREFIX="
2309 (assoc-ref outputs "out")
2310 " INSTALLDIRS=site" " NO_PERLLOCAL=1"
2315 ("openssl" ,openssl)
2317 ;; These inputs are only needed for tests.
2319 `(("net-tools" ,net-tools)
2320 ("coreutils" ,coreutils)
2322 (home-page "http://www.net-snmp.org/")
2323 (synopsis "Simple Network Management Protocol library and tools")
2324 (description "The @dfn{Simple Network Management Protocol} (SNMP) is a
2325 widely used protocol for monitoring the health and welfare of network
2326 equipment (e.g. routers), computer equipment and even devices like UPSs.
2327 Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and
2328 SNMP v3 using both IPv4 and IPv6.")
2329 ;; This only affects OpenBSD
2330 ;; https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8100
2331 (properties `((lint-hidden-cve . ("CVE-2015-8100"))))
2332 (license (list license:bsd-3
2333 (license:non-copyleft
2334 "http://www.net-snmp.org/about/license.html"
2335 "CMU/UCD copyright notice")))))
2337 (define-public ubridge
2345 (url "https://github.com/GNS3/ubridge.git")
2346 (commit (string-append "v" version))))
2347 (file-name (git-file-name name version))
2349 (base32 "1bind7ylgxs743vfdmpdrpp4iamy461bc3i7nxza91kj7hyyjz6h"))))
2350 (build-system gnu-build-system)
2352 `(#:tests? #f ; no tests
2353 #:make-flags '("CC=gcc")
2355 (modify-phases %standard-phases
2356 (delete 'configure) ; no configure script
2357 (add-before 'install 'set-bindir
2358 (lambda* (#:key inputs outputs #:allow-other-keys)
2359 (let ((bin (string-append (assoc-ref outputs "out")
2362 (substitute* "Makefile"
2363 (("\\$\\(BINDIR\\)") bin)
2364 (("\tsetcap cap_net.*$") "")))
2367 `(("libpcap" ,libpcap)))
2368 (home-page "https://github.com/GNS3/ubridge/")
2369 (synopsis "Bridge for UDP tunnels, Ethernet, TAP and VMnet interfaces")
2370 (description "uBridge is a simple program to create user-land bridges
2371 between various technologies. Currently, bridging between UDP tunnels,
2372 Ethernet and TAP interfaces is supported. Packet capture is also supported.")
2373 (license license:gpl3+)))
2375 (define-public hcxtools
2383 (url "https://github.com/ZerBea/hcxtools.git")
2386 (base32 "0k2qlq9hz5zc21nyc6yrnfqzga7hydn5mm0x3rpl2fhkwl81lxcn"))
2387 (file-name (git-file-name name version))))
2388 (build-system gnu-build-system)
2391 ("libpcap" ,libpcap)
2392 ("openssl" ,openssl)
2397 (string-append "INSTALLDIR=" (assoc-ref %outputs "out") "/bin"))
2398 #:tests? #f ; no test suite
2400 (modify-phases %standard-phases
2402 (add-after 'unpack 'set-environment
2403 (lambda* (#:key inputs #:allow-other-keys)
2404 (setenv "C_INCLUDE_PATH"
2405 (string-append (assoc-ref inputs "curl") "/include:"
2406 (assoc-ref inputs "libpcap") "/include:"
2407 (assoc-ref inputs "openssl") "/include:"
2408 (assoc-ref inputs "zlib") "/include"))
2410 (home-page "https://github.com/ZerBea/hcxtools")
2411 (synopsis "Capture wlan traffic to hashcat and John the Ripper")
2413 "This package contains a small set of tools to capture and convert
2414 packets from wireless devices for use with hashcat or John the Ripper.")
2415 (license license:expat)))
2417 (define-public hcxdumptool
2419 (name "hcxdumptool")
2425 (url "https://github.com/ZerBea/hcxdumptool.git")
2428 (base32 "0pg1pvg029gm4rj0fj5kcsjb32hixgn4cxsgiir7spkmacf1qm4q"))
2429 (file-name (git-file-name name version))))
2430 (build-system gnu-build-system)
2434 (string-append "INSTALLDIR=" (assoc-ref %outputs "out") "/bin"))
2435 #:tests? #f ; no test suite
2437 (modify-phases %standard-phases
2438 (delete 'configure))))
2439 (home-page "https://github.com/ZerBea/hcxdumptool")
2440 (synopsis "Small tool to capture packets from wlan devices")
2442 "Small tool to capture packets from WLAN devices. After capturing,
2443 upload the \"uncleaned\" cap to @url{https://wpa-sec.stanev.org/?submit} to
2444 see if the access point or the client is vulnerable to a dictionary attack.
2445 Convert the cap file to hccapx format and/or to WPA-PMKID-PBKDF2
2446 hashline (16800) with @command{hcxpcaptool} from the @code{hcxtools} package
2447 and check if the WLAN key or the master key was transmitted unencrypted.")
2448 (license license:expat)))
2450 (define-public dante
2457 (uri (string-append "https://www.inet.no/dante/files/dante-"
2461 "19rqzj167q73ag20zxpvswhkk0bj56r5maf83v5016sw7vrcz5sc"))))
2462 (build-system gnu-build-system)
2464 ;; XXX: The dynamic socks library doesn't work with 'libc.so' (GNU ld
2465 ;; script). When preloading is enabled, 'sockd' failed with:
2466 ;; … Failed to open library "libc.so": …: invalid ELF header
2467 '(#:configure-flags '("--disable-preload")))
2468 (home-page "https://www.inet.no/dante/")
2469 (synopsis "SOCKS server and client")
2470 (description "Dante is a SOCKS client and server implementation. It can
2471 be installed on a machine with access to an external TCP/IP network and will
2472 allow all other machines, without direct access to that network, to be relayed
2473 through the machine the Dante server is running on. The external network will
2474 never see any machines other than the one Dante is running on.")
2475 (license (license:non-copyleft "file://LICENSE"))))
2477 (define-public restbed
2478 (let ((commit "6eb385fa9051203f28bf96cc1844bbb5a9a6481f"))
2481 (version (git-version "4.6" "1" commit))
2486 (url "https://github.com/Corvusoft/restbed/")
2488 (file-name (string-append name "-" version ".tar.gz"))
2490 (base32 "0k60i5drklqqrb4khb25fzkgz9y0sncxf1sp6lh2bm1m0gh0661n"))))
2491 (build-system cmake-build-system)
2494 ("catch" ,catch-framework)
2495 ("openssl" ,openssl)))
2499 '("-DBUILD_TESTS=NO"
2500 "-DBUILD_EXAMPLES=NO"
2502 "-DBUILD_SHARED=NO")
2504 (modify-phases %standard-phases
2505 (add-after 'unpack 'apply-patches-and-fix-paths
2506 (lambda* (#:key inputs #:allow-other-keys)
2507 (let ((asio (assoc-ref inputs "asio"))
2508 (catch (assoc-ref inputs "catch"))
2509 (openssl (assoc-ref inputs "openssl")))
2510 (substitute* "cmake/Findasio.cmake"
2511 (("(find_path\\( asio_INCLUDE asio\\.hpp HINTS ).*$" all begin)
2512 (string-append begin " \"" asio "/include\" )")))
2513 (substitute* "cmake/Findcatch.cmake"
2514 (("(find_path\\( catch_INCLUDE catch\\.hpp HINTS ).*$" all begin)
2515 (string-append begin " \"" catch "/include\" )")))
2516 (substitute* "cmake/Findopenssl.cmake"
2517 (("(find_library\\( ssl_LIBRARY ssl ssleay32 HINTS ).*$" all begin)
2518 (string-append begin " \"" openssl "/lib\" )"))
2519 (("(find_library\\( crypto_LIBRARY crypto libeay32 HINTS ).*$" all begin)
2520 (string-append begin " \"" openssl "/lib\" )"))
2521 (("(find_path\\( ssl_INCLUDE openssl/ssl\\.h HINTS ).*$" all begin)
2522 (string-append begin " \"" openssl "/include\" )")))))))))
2523 (synopsis "Asynchronous RESTful functionality to C++11 applications")
2524 (description "Restbed is a comprehensive and consistent programming
2525 model for building applications that require seamless and secure
2526 communication over HTTP.")
2527 (home-page "https://github.com/Corvusoft/restbed")
2528 (license license:agpl3+))))
2530 (define-public restinio
2537 (url "https://github.com/Stiffstream/restinio.git")
2538 (commit (string-append "v." version))))
2539 (file-name (git-file-name name version))
2542 "1c25kpx652nng8m1sqf5an2c3c4g3k6zj85mkkaxzk88iwfzq1s8"))))
2543 (build-system cmake-build-system)
2544 (inputs ; TODO: Need to force-keep references on some inputs, e.g. boost.
2546 ("catch2" ,catch-framework2)
2547 ("openssl" ,openssl)
2551 ("sobjectizer" ,sobjectizer)))
2555 ("http-parser", http-parser)))
2557 `(#:configure-flags '("-DRESTINIO_INSTALL=on")
2558 #:tests? #f ; TODO: The tests are called from the root CMakelist, need RESTINIO_TEST=on.
2560 (modify-phases %standard-phases
2561 (add-after 'unpack 'change-directory
2563 (chdir "dev/restinio")
2565 (home-page "https://stiffstream.com/en/products/restinio.html")
2566 (synopsis "C++14 library that gives you an embedded HTTP/Websocket server")
2567 (description "RESTinio is a header-only C++14 library that gives you an embedded
2568 HTTP/Websocket server. It is based on standalone version of ASIO
2569 and targeted primarily for asynchronous processing of HTTP-requests.")
2570 (license license:bsd-3)))
2572 (define-public opendht
2575 (version "2.0.0beta2")
2579 (url "https://github.com/savoirfairelinux/opendht.git")
2581 (file-name (git-file-name name version))
2584 "02ix0rvvyhq22gd5djcq84qz08ji7ln93faf23b27zjzni2klzv5"))))
2585 ;; Since 2.0, the gnu-build-system does not seem to work anymore, upstream bug?
2586 (build-system cmake-build-system)
2588 `(("gnutls" ,gnutls)
2590 ("readline" ,readline)
2591 ("jsoncpp" ,jsoncpp)
2592 ("openssl" ,openssl)
2595 `(("argon2" ,argon2) ; TODO: Needed for the pkg-config .pc file to work?
2596 ("msgpack" ,msgpack))) ;included in several installed headers
2598 `(("autoconf" ,autoconf)
2599 ("pkg-config" ,pkg-config)
2600 ("restinio" ,restinio)
2601 ("automake" ,automake)
2602 ("libtool" ,libtool)
2603 ("cppunit" ,cppunit)))
2605 `(#:tests? #f ; Tests require network connection.
2607 '(;; "-DOPENDHT_TESTS=on"
2608 "-DOPENDHT_TOOLS=off"
2609 "-DOPENDHT_PYTHON=off"
2610 "-DOPENDHT_PROXY_SERVER=on"
2611 "-DOPENDHT_PUSH_NOTIFICATIONS=on"
2612 "-DOPENDHT_PROXY_SERVER_IDENTITY=on"
2613 "-DOPENDHT_PROXY_CLIENT=on")))
2614 (home-page "https://github.com/savoirfairelinux/opendht/")
2615 (synopsis "Distributed Hash Table (DHT) library")
2616 (description "OpenDHT is a Distributed Hash Table (DHT) library. It may
2617 be used to manage peer-to-peer network connections as needed for real time
2619 (license license:gpl3+)))
2621 (define-public frrouting
2627 (uri (string-append "https://github.com/FRRouting/frr/releases/"
2628 "download/frr-" version "/frr-" version
2632 "0xfrvi62w8qlh46f504ka0skb7pm0g0p8vmdng4w90gsbirlzpdd"))))
2633 (build-system gnu-build-system)
2635 `(("c-ares" ,c-ares)
2637 ("readline" ,readline)))
2640 ("pkg-config" ,pkg-config)
2641 ("python" ,python-wrapper)
2642 ("python-pytest" ,python-pytest)))
2643 (home-page "https://frrouting.org/")
2644 (synopsis "IP routing protocol suite")
2645 (description "FRRouting (FRR) is an IP routing protocol suite which includes
2646 protocol daemons for BGP, IS-IS, LDP, OSPF, PIM, and RIP. ")
2647 (license license:gpl2+)))
2656 (url "https://git.kernel.org/pub/scm/network/wireless/iwd.git")
2658 (file-name (git-file-name name version))
2661 "001dikinsa6kshwscjbvwipavzwpqnpvx9fpshcn63gbvbhyd393"))))
2662 (build-system gnu-build-system)
2665 ("libtool" ,libtool)
2667 ("readline" ,readline)))
2669 `(("asciidoc" ,asciidoc)
2670 ("autoconf" ,autoconf)
2671 ("automake" ,automake)
2672 ("pkgconfig" ,pkg-config)
2674 ("openssl" ,openssl)))
2677 (let ((dbus (assoc-ref %outputs "out")))
2678 (list "--disable-systemd-service"
2679 "--enable-external-ell"
2684 "--localstatedir=/var"
2685 (string-append "--with-dbus-datadir=" dbus "/share/")
2686 (string-append "--with-dbus-busdir="
2687 dbus "/share/dbus-1/system-services")))
2689 (modify-phases %standard-phases
2690 (add-before 'bootstrap 'pre-bootstrap
2692 (substitute* "Makefile.am"
2693 ;; Test disabled because it needs the kernel module
2694 ;; 'pkcs8_key_parser' loaded.
2695 (("unit\\/test-eapol.*? ") "")
2696 ;; Don't try to 'mkdir /var'.
2697 (("\\$\\(MKDIR_P\\) -m 700") "true"))
2699 (home-page "https://git.kernel.org/pub/scm/network/wireless/iwd.git/")
2700 (synopsis "Internet Wireless Daemon")
2701 (description "iwd is a wireless daemon for Linux that aims to replace WPA
2702 Supplicant. It optimizes resource utilization by not depending on any external
2703 libraries and instead utilizing features provided by the Linux kernel to the
2704 maximum extent possible.")
2705 (license license:lgpl2.1+)))
2707 (define-public batctl
2714 (uri (string-append "https://downloads.open-mesh.org/batman/releases/batman-adv-"
2715 version "/batctl-" version ".tar.gz"))
2717 (base32 "1b9w4636dq8m38nzr8j0v0j3b0vdsw84c58c2isc33h66dx8brgz"))))
2719 `(("libnl" ,libnl)))
2721 `(("pkg-config" ,pkg-config)))
2722 (build-system gnu-build-system)
2725 ;; Batctl only has a makefile. Thus we disable tests and
2726 ;; configuration, passing in a few make-flags.
2727 #:phases (modify-phases %standard-phases (delete 'configure))
2729 (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
2730 (string-append "PKG_CONFIG=" (assoc-ref %build-inputs "pkg-config")
2733 (home-page "https://www.open-mesh.org/projects/batman-adv/wiki/Wiki")
2734 (synopsis "Management tool for the mesh networking BATMAN protocol")
2735 (description "This package provides a control tool for the
2736 B.A.T.M.A.N. mesh networking routing protocol provided by the Linux kernel
2737 module @code{batman-adv}, for Layer 2.")
2738 (license license:gpl2+)))
2740 (define-public pagekite
2743 (version "1.5.0.191126")
2748 (url "https://github.com/pagekite/PyPagekite.git")
2749 (commit (string-append "v" version))))
2750 (file-name (git-file-name name version))
2752 (base32 "0mncfjfrr13sm84g5z49qxg5cy791h5qxphjsl77x91zs3m36c8l"))))
2753 (build-system python-build-system)
2756 (modify-phases %standard-phases
2757 (add-after 'install 'install-man-page
2758 (lambda* (#:key inputs outputs #:allow-other-keys)
2759 (let* ((out (assoc-ref outputs "out"))
2760 (man (string-append out "/share/man")))
2762 (string-append "PYTHONPATH=" (getenv "PYTHONPATH"))
2764 (install-file "doc/pagekite.1" (string-append man "/man1"))
2767 `(("python-six" ,python-six)
2768 ("python-socksipychain" ,python-socksipychain)))
2769 (home-page "https://pagekite.net/")
2770 (synopsis "Make localhost servers publicly visible")
2772 "PageKite implements a tunneled reverse proxy which makes it easy to make
2773 a service (such as an HTTP or SSH server) on localhost visible to the wider
2774 Internet, even behind NAT or restrictive firewalls. A managed front-end relay
2775 service is available at @url{https://pagekite.net/}, or you can run your own.")
2776 (license license:agpl3+)))
2778 (define-public ipcalc
2784 (uri (string-append "http://jodies.de/ipcalc-archive/"
2785 name "-" version ".tar.gz"))
2788 "12if9sm8h2ac0pgwkw835cgyqjxm6h27k4kfn2vfas9krrqwbafx"))))
2789 (inputs `(("perl" ,perl)
2792 ("tarball" ,source)))
2793 (build-system trivial-build-system) ;no Makefile.PL
2795 `(#:modules ((guix build utils))
2798 (use-modules (guix build utils))
2799 (use-modules (srfi srfi-1))
2800 (let* ((source (assoc-ref %build-inputs "source"))
2801 (perl (string-append (assoc-ref %build-inputs "perl")
2803 (tar (assoc-ref %build-inputs "tar"))
2804 (gz (assoc-ref %build-inputs "gzip"))
2805 (out (assoc-ref %outputs "out"))
2806 (bin (string-append out "/bin"))
2807 (doc (string-append out "/share/doc/ipcalc")))
2808 (setenv "PATH" (string-append gz "/bin"))
2809 (invoke (string-append tar "/bin/tar") "xvf" source)
2810 (chdir (string-append ,name "-" ,version))
2812 (install-file "ipcalc" bin)
2813 (patch-shebang (string-append bin "/ipcalc") (list perl))
2815 (synopsis "Simple IP network calculator")
2816 (description "ipcalc takes an IP address and netmask and calculates the
2817 resulting broadcast, network, Cisco wildcard mask, and host range. By giving
2818 a second netmask, you can design subnets and supernets. It is also intended
2819 to be a teaching tool and presents the subnetting results as
2820 easy-to-understand binary values.")
2821 (home-page "http://jodies.de/ipcalc")
2822 (license license:gpl2+)))
2824 (define-public tunctl
2831 (uri (string-append "mirror://sourceforge/tunctl/tunctl/" version "/"
2832 "tunctl-" version ".tar.gz"))
2834 (base32 "1zsgn7w6l2zh2q0j6qaw8wsx981qcr536qlz1lgb3b5zqr66qama"))))
2835 (build-system gnu-build-system)
2838 (modify-phases %standard-phases
2839 (delete 'bootstrap) ;there is no configure.ac file
2840 (delete 'configure) ;there is no configure script
2841 (delete 'check) ;there are no tests
2845 (invoke "make" "tunctl")))
2846 ;; TODO: Requires docbook2x to generate man page from SGML.
2848 (lambda* (#:key outputs #:allow-other-keys)
2849 (let* ((out (assoc-ref outputs "out"))
2850 (bin (string-append out "/bin")))
2851 (install-file "tunctl" bin))
2853 (home-page "http://tunctl.sourceforge.net")
2854 (synopsis "Utility to set up and maintain TUN/TAP network interfaces")
2855 (description "Tunctl is used to set up and maintain persistent TUN/TAP
2856 network interfaces, enabling user applications to simulate network traffic.
2857 Such interfaces are useful for VPN software, virtualization, emulation,
2858 simulation, and a number of other applications.")
2859 (license license:gpl2)))
2868 (uri "mirror://sourceforge/vde/vde2/2.3.2/vde2-2.3.2.tar.gz")
2870 (base32 "14xga0ib6p1wrv3hkl4sa89yzjxv7f1vfqaxsch87j6scdm59pr2"))))
2871 (build-system gnu-build-system)
2873 `(#:parallel-build? #f)) ; Build fails if #t.
2875 `(("python" ,python)
2876 ("libpcap" ,libpcap)
2877 ("openssl" ,openssl-1.0))) ; Build fails with 1.1.
2878 (home-page "https://github.com/virtualsquare/vde-2")
2879 (synopsis "Virtual Distributed Ethernet")
2880 (description "VDE is a set of programs to provide virtual software-defined
2881 Ethernet network interface controllers across multiple virtual or
2882 physical, local or remote devices. The VDE architecture provides
2883 virtual counterparts to hardware components such as switches and
2885 (license (list license:gpl2
2886 license:lgpl2.1 ; libvdeplug
2887 (license:non-copyleft ; slirpvde
2888 "file://COPYING.slirpvde"
2889 "See COPYING.slirpvde in the distribution.")))))
2891 (define-public haproxy
2897 (uri (string-append "https://www.haproxy.org/download/"
2898 (version-major+minor version)
2899 "/src/haproxy-" version ".tar.gz"))
2902 "0n8bw3d6gikr8c56ycrvksp1sl0b4yfzp19867cxkl3l0daqwrxv"))))
2903 (build-system gnu-build-system)
2906 (let* ((out (assoc-ref %outputs "out")))
2907 (list (string-append "PREFIX=" out)
2908 (string-append "DOCDIR=" out "/share/" ,name)
2909 "TARGET=linux-glibc"
2914 #:tests? #f ; there are only regression tests, using varnishtest
2916 (modify-phases %standard-phases
2917 (delete 'configure))))
2920 ("openssl" ,openssl)
2923 (home-page "https://www.haproxy.org/")
2924 (synopsis "Reliable, high performance TCP/HTTP load balancer")
2925 (description "HAProxy is a free, very fast and reliable solution offering
2926 high availability, load balancing, and proxying for TCP and HTTP-based
2927 applications. It is particularly suited for web sites crawling under very
2928 high loads while needing persistence or Layer7 processing. Supporting tens of
2929 thousands of connections is clearly realistic with today's hardware.")
2930 (license (list license:gpl2+
2932 license:lgpl2.1+))))
HCoop / jackhill / guix / guix.git / blob