Networking Software
Programs related to networking.
To facilitate navigating in this list, projects are categorized by their purpose, authorship, and current state. Each project entry lists the categories it pertains to. Clicking on a category name will bring a listing of all projects in that category.
Additionally, a list of related projects is provided where applicable. Each element in that list is a link to the corresponding project entry.
Clicking on a project's name will bring this project's entry as a separate page (a permalink).
Hovering your mouse over the version information of a project shows the list of changes introduced by that version.
Sort controls below allow you to order the list either lexicographically or by the most recent release date, in both directions.
Using the Search control, you can select projects by name. Shell-style globbing patterns (wildcards) are accepted.
(Return to the project listing)
certmon
Initial release.
A tool for monitoring the expiration times of remote SSL certificates via HTTPS. Can be used either as a Nagios plugin or as a standalone tool.
inetutils
* ftp An old inability to allow other names than the canonical name has been corrected. This means that a machine entry in the .netrc file will now be used as expected. Previously any alias name was replaced by the corresponding canonical name, before reading the .netrc file. The internal command `hash' accepts a suffixed letter to the size argument, like `12k', instead of 12288. Made a minor change to the syntax of the command itself, allowing size changes independently of activation of hash markings. After a transfer the summary gives the speed as `Mbytes/s', `kbytes/s', or `bytes/s'. The .netrc file can be overridden by the environment variable NETRC. Of even higher precedence is the new option `-N/--netrc'. The access to the resulting file, whatever method, is now denied unless it is a regular file. * ifconfig Better command line parsing on BSD and Solaris systems. Touch only changeable flags on all systems. * logger The ability to use numerical facilities is restored to full range. * ping, ping6 The ability to specify a pattern as payload is corrected. * syslogd A new switch `-T/--local-time' makes the service ignore a time stamp passed on by the remote host, recording instead the local time at the moment the message was received. As a short form of `--pidfile', the switch `-P' is new. In common with other syslogd implementations, rsyslogd and sysklogd, there has for a long time existed an attack vector based on large facility numbers, made public in CVE-2014-3684. This is now mended in our code base. * telnetd The ability to autologin a client, without using authentication, is now functional in the expected manner, i.e., the prompt for a user name is suppressed in favour of an immediate password prompt. In a setting where the client is using a UTF-8 encoding, it was common to observe strange characters in most responses. This was caused by the server daemon, due to incomplete purging of internal protocol data. The issue should now be resolved. * whois Improved cooperation with servers like `whois.arin.net', `whois.eu', and `whois.ripe.net'.
Inetutils, or GNU Internet Utilities, are the basic internet utilities of the GNU Operating System.
joh
* Use IPv6 URLs as proposed by RFC 2732 The address part of an IPv6 URL must be either an IPv6 address in numeric notation *enclosed in square brackets* or a host name, e.g.: inet6://[::1]:1100
A Jabber Over HTTP tunnel. It enables access to Jabber servers from behind firewalls which do not allow outgoing sockets on port 5222.
jumper
* Implement heartbeat event * Add auxiliary program: ifactive * Fix file descriptor leak
Jumper monitors network interfaces for certain kinds of traffic and starts preconfigured external programs when such traffic is detected. It is designed mainly to bring up network links (such as VPN and the like) on demand.
mailfromd
* Default MFL source file suffix The default suffix for MFL files is changed to '.mfl'. In particular, the master script file is now "mailfromd.mfl". This change is intended to avoid confusion with Metafont files, which have suffix '.mf'. As of this version, the new suffix is recommended, but not obligatory: the legacy '.mf' suffix is still supported. If a file 'X.mfl' is not found, mailfromd will look for 'X.mf'. * MFL module search path MFL modules loaded using the "require" or "import" statements are looked up in module search path. Previously, they were searched for in include search path, which created confusion, since include search path is intended for use by preprocessor. To maintain backward compatibility, if mailfromd is unable to find a module in module search path, it will retry the search using include path. This behavior will be maintained during a transitional period (a couple of releases), after which searches in include search path will be discontinued. * Preprocessor configuration Use of preprocessor is configured by the following statement in the main configuration file: preprocessor { # Enable preprocessor. enable yes; # Preprocessor command line stub. command "m4 -s"; # Pass current include path to the preprocessor via -I options. pass-includes false; # Pass to the preprocessor the feature definitions via -D options # as well as any -D/-U options from the command line. pass-defines true; # Name of the preprocessor setup file. Unless absolute, it is # looked up in the include path. setup-file "pp-setup"; } If preprocessor.pass-includes is true, the preprocessor.command setting is augmented by zero or more -I options, thereby supplying it the mailfromd include path. Furthermore, if preprocessor.pass-defines is set, zero or more -D options defining optional features are passed to it (e.g. -DWITH_DKIM) as well as any -D and -U options from the mailfromd command line. Unless the value of preprocessor.setup-file begins with a slash, the file with this name is looked up in the current include search path. If found, its absolute name is passed to the preprocessor as first argument. If the value begins with a slash, it is passed to the preprocessor as is. * New MFL operator: $@ The $@ operator can be used as the last argument in a call to variadic function from another variadic function. It passes all variable arguments supplied to the calling function on to the function being called. E.g.: func x(...) do # do something done func y(string x, ...) do x($@) done In this example, if "y" is called as y("text", 1, 2, 3) it will call "x" as x(1, 2, 3). This operator can also be used with a numeric argument: $@(N). In this case, it will remove first N elements from the argument list and push remaining ones on stack. This is similar to the 'shift' operator in other programming languages, e.g.: x($@(2)) * Data types in variadic function declaration The ellipsis in a variadic function declaration can be preceded by the data type, e.g.: func sum (number ...) returns number For compatibility with previous versions, if the type is omitted, string is assumed. * The void() type cast The void() type cast can be used around a function call to indicate that its return value is ignored deliberately. * mfmod: dynamically loaded modules This new type of mailfromd modules uses dynamically loaded libraries to extend the program functionality without having to modify its code. For a detailed discussion see the manual, section 4.22, "Dynamically Loaded Modules". Three mfmods exist at the time of this writing: - https://www.gnu.org.ua/software/mfmod_ldap/ LDAP searches. - https://www.gnu.org.ua/software/mfmod_openmetrics Open metrics support. - https://www.gnu.org.ua/software/mfmod_prce/ Support for Perl-comparible regular expressions. * Syntax of special handler definitions Special handlers ("begin" and "end", in particular) are now defined using the standard "prog" keyword (similar to milter state handlers): prog begin do ... done prog end do ... done Old syntax is supported for backward compatibility, but causes a deprecation warning. Application writers are advised to update their code. * New special handlers: startup and shutdown These two handlers provide global initialization and cleanup routines. The "startup" handler is run by the master mailfromd process as part of the startup sequence, before the program starts to serve any milter requests. The "shutdown" handler is run when mailfromd is about to terminate. Notice an important differences between "startup"/"shutdown" and "begin"/"end" special handlers. The latter are session specific: they are run at the start and end of a milter session. The former are global: they are run at the program startup and shutdown. The "startup" handler is normally used by mfmod interface modules to load the corresponding shared library. * Use of STARTTLS in callout If TLS is supported by libmailutils, the SMTP callout code will use STARTTLS when offered by the remote server. This is controlled by the smtp-starttls configuration statement. Its possible values are: never Never use STARTTLS. always Always use STARTTLS if offered by the server. ondemand Use STARTTLS only if MAIL FROM: command failed with the code 530 (Authorization required). The default is "ondemand". * Qualified DBM file names in database configuration Argument to database.file statement can be prefixed with "database scheme" to select alternative DBM implementation. For example: database rate { file "gdbm://rate.db"; } See the manual, section 7.11 "Database Configuration" for details. * New command line option: --echo The --echo option allows you to control where the output of the "echo" statement goes in "run" and "test" modes. When used without argument it directs the output to the standard output stream. If an argument is supplied (as in: --echo=FILE), the output goes to the named file. The file will be created if it doesn't exist. Notice, that in the latter case, the use of '=' is compulsory (--echo FILE won't work). * Deprecated configuration statements removed Deprecated configuration statements `lock-retry-count' and `lock-retry-timeout' were removed in this version. Use the `locking' statement instead, e.g. instead of lock-retry-count 10; lock-retry-timeout 1; write locking { retry-count 10; retry-sleep 1; } * Removed support for obsolete features: legacy GeoIP and DSPAM
Mailfromd is a general-purpose mail filtering daemon for Sendmail, Postfix and MeTA1. It is able to filter both incoming and outgoing messages using criteria of arbitrary complexity, supplied by the administrator in the form of a script file. The daemon interfaces with the MTA using Milter or PMilter protocols.
mangemanche
A modular remote management system for Ping903. Allows the user to inspect configuration of the running server, add or remove IP addresses, synchronize the monitored IP list with the Nagios configuration or an SQL database etc.
pies
* New configuration keywords ** sigterm SIG Available for use in "component" sections. This statement defines signal which pies should send to the running component instance in order to terminate it. Defaults to SIGTERM. * Fix the component shutdown sequence The shutdown sequence is determined taking into account dependencies between components, so that all dependent components are stopped before their prerequisite components. * Fallback log file Fallback log file is a place where pies writes out of band log messages, i.e. messages about not being able to open syslog socket or send logs to it. Regular log messages are diverted to this file if syslog was requested, but cannot be used because of a permanent error. * Bugfixes ** Fix piesctl config reload ** Fix configuration preprocessing. ** Varios fixes in REST API server.
GNU pies (pronounced p-yes) is a program invocation and execution supervisor. This utility allows to execute usual foreground-mode applications in detached mode, as if they were daemons. It combines the fucntionality of init
and inetd
programs. It can be used to control complex multi-component software.
ping903
* Fix handing of the Connection: HTTP handler (both server and client)
Ping903 is designed to periodically monitor a very large number of remote hosts using ICMP ECHO packets. The package is built using the client-server architecture. The main component (ping903) is a daemon that sits in memory and wakes up periodically to send certain number of ICMP echo packets to a preconfigured number of hosts and to collect replies. The resulting round-trip statistics is made available via REST API.
radius
* Configuration file raddb/config The syslog statement takes an optional 4th argument specifying syslog tag to use, e.g.: channel default { syslog local1.info radiusd; }; * New attributes ** GNU-Server-Address Holds IP address of the RADIUS server that recieved the request. Notice, that the value of this attribute is "0.0.0.0" if there are no `listen' statement in your `raddb/config'. ** GNU-Server-Port Holds UDP port number of the RADIUS server that recieved the request. * Automake function AM_GNU_RADIUS is provided, for checking if GNU Radius is installed from configure.ac scripts. * Guile support requires Guile version 1.8 or later. * Bugfixes ** Pass NAS-IP-Address to mlc_stop_query
GNU Radius is an extensible and scalable authentication and accounting server.
rpipe
* Syslog support New option '-S FACILITY' switches diagnostic output to the given syslog facility.
A simple tool for forwarding content of a local file to the stdin of a program running on a remote host via TCP. The tool was created when I needed to run GNU Mailman in a docker container without MTA in it. It implements a slightly modified version of TCPMUX protocol. The same binary (rpipe
) serves both as a server (on the remote end) and as a client (on the local end).
rush
* Fix invalid memory addressing in remopt command * Fix building with flex >= 2.6.1 (EOF check)
GNU Rush is a Restricted User Shell. It is intended for use with ssh, rsh and similar remote access programs. Using a sophisticated configuration file, Rush gives you complete control over the command lines users can execute, system resources they can use, etc. In particular, it allows to run remote programs in a chrooted environment.