From ce56f53d3272901bb96972239bc254df5b56c703 Mon Sep 17 00:00:00 2001
From: 0x4A6F <0x4A6F@users.noreply.github.com>
Date: Sat, 6 Mar 2021 13:46:43 +0100
Subject: [PATCH 1/3] nethoscope: init at 0.1.1
---
pkgs/tools/networking/nethoscope/default.nix | 59 ++++++++++++++++++++
pkgs/top-level/all-packages.nix | 2 +
2 files changed, 61 insertions(+)
create mode 100644 pkgs/tools/networking/nethoscope/default.nix
diff --git a/pkgs/tools/networking/nethoscope/default.nix b/pkgs/tools/networking/nethoscope/default.nix
new file mode 100644
index 000000000000..276579f361fc
--- /dev/null
+++ b/pkgs/tools/networking/nethoscope/default.nix
@@ -0,0 +1,59 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, rustPlatform
+, pkg-config
+, alsa-lib
+, libpcap
+, expect
+}:
+
+rustPlatform.buildRustPackage rec {
+ pname = "nethoscope";
+ version = "0.1.1";
+
+ src = fetchFromGitHub {
+ owner = "vvilhonen";
+ repo = "nethoscope";
+ rev = "v${version}";
+ sha256 = "0dsv1f0ncwji8x7q1ix62955qji4jijgjx6xg3hxvl0vvvwqxcdz";
+ };
+
+ cargoSha256 = "0cl0i4m8fxyxfib95x90x6qr284y41wwgwqhflyfa7d3r6qwq8nk";
+
+ nativeBuildInputs = [
+ pkg-config
+ ];
+ buildInputs = [
+ alsa-lib
+ libpcap
+ ];
+
+ LD_LIBRARY_PATH = lib.makeLibraryPath [
+ libpcap
+ alsa-lib
+ ];
+
+ doInstallCheck = true;
+ installCheckPhase = ''
+ if [[ "$(${expect}/bin/unbuffer "$out/bin/${pname}" --help 2> /dev/null | strings | grep ${version} | tr -d '\n')" == " ${version}" ]]; then
+ echo '${pname} smoke check passed'
+ else
+ echo '${pname} smoke check failed'
+ return 1
+ fi
+ '';
+
+ meta = with lib; {
+ description = "Listen to your network traffic";
+ longDescription = ''
+ Employ your built-in wetware pattern recognition and
+ signal processing facilities to understand your network traffic.
+ '';
+ homepage = "https://github.com/vvilhonen/nethoscope";
+ license = licenses.isc;
+ maintainers = with maintainers; [ _0x4A6F ];
+ platforms = platforms.linux;
+ };
+
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index caba6f8e7e8b..4b9cf8441e13 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -8214,6 +8214,8 @@ with pkgs;
nethogs = callPackage ../tools/networking/nethogs { };
+ nethoscope = callPackage ../tools/networking/nethoscope { };
+
netkittftp = callPackage ../tools/networking/netkit/tftp { };
netlify-cli = callPackage ../development/web/netlify-cli { };
From c57232d31cccfee6444bdd9dcddad95f816f85f2 Mon Sep 17 00:00:00 2001
From: 0x4A6F <0x4A6F@users.noreply.github.com>
Date: Sun, 7 Mar 2021 11:38:12 +0100
Subject: [PATCH 2/3] programs/nethoscope: add security.wrapper
---
nixos/modules/module-list.nix | 1 +
nixos/modules/programs/nethoscope.nix | 30 +++++++++++++++++++++++++++
2 files changed, 31 insertions(+)
create mode 100644 nixos/modules/programs/nethoscope.nix
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index c11497e46f10..329c8685c36d 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -185,6 +185,7 @@
./programs/nbd.nix
./programs/nix-ld.nix
./programs/neovim.nix
+ ./programs/nethoscope.nix
./programs/nm-applet.nix
./programs/nncp.nix
./programs/npm.nix
diff --git a/nixos/modules/programs/nethoscope.nix b/nixos/modules/programs/nethoscope.nix
new file mode 100644
index 000000000000..495548e9c656
--- /dev/null
+++ b/nixos/modules/programs/nethoscope.nix
@@ -0,0 +1,30 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let cfg = config.programs.nethoscope;
+in
+{
+ meta.maintainers = with maintainers; [ _0x4A6F ];
+
+ options = {
+ programs.nethoscope = {
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Whether to add nethoscope to the global environment and configure a
+ setcap wrapper for it.
+ '';
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = with pkgs; [ nethoscope ];
+ security.wrappers.nethoscope = {
+ source = "${pkgs.nethoscope}/bin/nethoscope";
+ capabilities = "cap_net_raw,cap_net_admin=eip";
+ };
+ };
+}
From a876b46fef86ddc616ed36e59d80895ec83d3661 Mon Sep 17 00:00:00 2001
From: 0x4A6F <0x4A6F@users.noreply.github.com>
Date: Thu, 30 Sep 2021 23:23:01 +0200
Subject: [PATCH 3/3] nixos/release-notes: add programs.nethoscope
---
nixos/doc/manual/from_md/release-notes/rl-2205.section.xml | 7 +++++++
nixos/doc/manual/release-notes/rl-2205.section.md | 2 ++
2 files changed, 9 insertions(+)
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
index 10985e6e3f4f..7bcfcebe21b2 100644
--- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
@@ -130,6 +130,13 @@
services.matrix-conduit.
+
+
+ nethoscope,
+ listen to your network traffic. Available as
+ programs.nethoscope.
+
+
filebeat,
diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md
index 127d44443be0..a086751a2f37 100644
--- a/nixos/doc/manual/release-notes/rl-2205.section.md
+++ b/nixos/doc/manual/release-notes/rl-2205.section.md
@@ -41,6 +41,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- [matrix-conduit](https://conduit.rs/), a simple, fast and reliable chat server powered by matrix. Available as [services.matrix-conduit](option.html#opt-services.matrix-conduit.enable).
+- [nethoscope](https://github.com/vvilhonen/nethoscope), listen to your network traffic. Available as [programs.nethoscope](#opt-programs.nethoscope.enable).
+
- [filebeat](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-overview.html), a lightweight shipper for forwarding and centralizing log data. Available as [services.filebeat](#opt-services.filebeat.enable).
- [apfs](https://github.com/linux-apfs/linux-apfs-rw), a kernel module for mounting the Apple File System (APFS).