Networking Software

Programs related to networking.

To facilitate navigating in this list, projects are categorized by their purpose, authorship, and current state. Each project entry lists the categories it pertains to. Clicking on a category name will bring a listing of all projects in that category.

Additionally, a list of related projects is provided where applicable. Each element in that list is a link to the corresponding project entry.

Clicking on a project's name will bring this project's entry as a separate page (a permalink).

Hovering your mouse over the version information of a project shows the list of changes introduced by that version.

Sort controls below allow you to order the list either lexicographically or by the most recent release date, in both directions.

Using the Search control, you can select projects by name. Shell-style globbing patterns (wildcards) are accepted.

(Return to the project listing)


Version: 1.0  —  2019-10-10
Initial release.

A tool for monitoring the expiration times of remote SSL certificates via HTTPS. Can be used either as a Nagios plugin or as a standalone tool.


Version: 1.9.3  —  May 12, 2015
* ftp

An old inability to allow other names than the canonical name has
been corrected.  This means that a machine entry in the .netrc file
will now be used as expected.  Previously any alias name was replaced
by the corresponding canonical name, before reading the .netrc file.

The internal command `hash' accepts a suffixed letter to the size
argument, like `12k', instead of 12288.  Made a minor change to the
syntax of the command itself, allowing size changes independently
of activation of hash markings.  After a transfer the summary gives
the speed as `Mbytes/s', `kbytes/s', or `bytes/s'.

The .netrc file can be overridden by the environment variable NETRC.
Of even higher precedence is the new option `-N/--netrc'.  The access
to the resulting file, whatever method, is now denied unless it is a
regular file.

* ifconfig

Better command line parsing on BSD and Solaris systems.  Touch only
changeable flags on all systems.

* logger

The ability to use numerical facilities is restored to full range.

* ping, ping6

The ability to specify a pattern as payload is corrected.

* syslogd

A new switch `-T/--local-time' makes the service ignore a time
stamp passed on by the remote host, recording instead the local
time at the moment the message was received.  As a short form of
`--pidfile', the switch `-P' is new.

In common with other syslogd implementations, rsyslogd and sysklogd,
there has for a long time existed an attack vector based on large
facility numbers, made public in CVE-2014-3684.  This is now mended
in our code base.

* telnetd

The ability to autologin a client, without using authentication,
is now functional in the expected manner, i.e., the prompt for a
user name is suppressed in favour of an immediate password prompt.

In a setting where the client is using a UTF-8 encoding, it was
common to observe strange characters in most responses.  This was
caused by the server daemon, due to incomplete purging of internal
protocol data.  The issue should now be resolved.

* whois

Improved cooperation with servers like `', `',
and `'.

Inetutils, or GNU Internet Utilities, are the basic internet utilities of the GNU Operating System.


(Not released)



Version: 1.3  —  2011-03-31
* Use IPv6 URLs as proposed by RFC 2732

The address part of an IPv6 URL must be either an IPv6 address in
numeric notation *enclosed in square brackets* or a host name, e.g.:


A Jabber Over HTTP tunnel. It enables access to Jabber servers from behind firewalls which do not allow outgoing sockets on port 5222.


Version: 1.2  —  2018-10-26
* Implement heartbeat event

* Add auxiliary program: ifactive

* Fix file descriptor leak

Jumper monitors network interfaces for certain kinds of traffic and starts preconfigured external programs when such traffic is detected. It is designed mainly to bring up network links (such as VPN and the like) on demand.

Related projects:


Version: 9.0  —  2024-01-05
* Compatibility .mf suffix not supported any more

* Begin and end handlers must be defined using prog keyword

* Module and include search paths

Since version 8.15, if a module was not found in module search path,
the search was retried using include search path.  This is no longer
the case: the two paths serve different purposes and don't interact
in any way.  MFL modules are searched in module search path only.

* Use of Sendmail macros in run mode

Sendmail macros can be defined in run mode by placing assignments
macro=value before the script file name, e.g.:

  mailfromd --run i=123 client_addr=::1 test.mfl foo bar baz

This example defines Sendmail macro "i" to "123" and "client_addr" to
"::1".  The words "foo", "bar", and "baz" will be passed to the
main function as positional parameters.

* Full IPv6 support

This causes changes in the following MFL functions (see also "New functions",

** dns_query

 number dns_query (number TYPE, string DOMAIN; number SORT, number RESOLVE)

The semantics and possible values of the RESOLVE argument have
changed.  It used to be a boolean value.  Now its allowed values (as
defined in status.mfl module) are:

          Don't resolve hostnames to IP addresses.  This is the default.

          Resolve hostnames to IP addresses according to the address
          family of the SMTP session.  That is, use 'A' records if the
          client connected using the INET family (i.e.  connected to the
          IPv4 address), and use 'AAAA' records if the client connected
          to the IPv6 address.

          Resolve hostnames to IPv4 addresses ('A' records).

          Resolve hostnames to IPv6 addresses ('AAAA' records).

Values of these constants has been selected so that any existing
code using 0/1 as the value of this argument will work without

** primitive_resolve and resolve functions

 string primitive_resolve (string HOST; string DOMAIN, number FAMILY)
 string resolve (string HOST; string DOMAIN, number FAMILY)

The use of DOMAIN argument is deprecated.

By default the function selects the type of RR set to search for
using the address family of the SMTP connection: A is used for INET
(IPv4 addresses) and AAAA is used for INET6 (IPv6 addresses).

New argument FAMILY can be used to request particular RR type.  Its
possible values are:

          Look for 'A' or 'AAAA', depending on the connection type.
          This is the default.

          Resolve to IPv4 addresses ('A' records).

          Resolve to IPv6 addresses ('AAAA' records).

* New functions

** string is_ipstr(string S)

Returns 1 if S is a string representation of an IP address (IPv4 or

** string is_ip4str(string S)

Returns 1 if S is a string representation of an IPv4 address.

** string is_ip6str(string S)

Returns 1 if S is a string representation of an IPv6 address.

** string reverse_ipstr(string IP)

Returns a reversed representation of the IP address, suitable for
use in DNS labels.

** string tr(string SUBJ, string SET1, string SET2)

Transliterates characters in SUBJ by replacing all occurrences of the
characters found in SET1 with the positionally corresponding characters
in SET2.  Character ranges ('a-z') are allowed in both sets.  A character
range in SET1 translates to a corresponding character from the range in
SET2, e.g. tr(x, 'a-z', 'A-Z') translates string x to uppercase.

Character classes ([a-z], [[:alpha:]], etc) are allowed in SET1 and
translate to the corresponding single character from SET2, e.g.
tr(x, '[[:digit:]]', '_') replaces all decimal digits in string x with

** string dc(string SUBJ, string SET)

Deletes from SUBJ characters that appear in SET.  The syntax of SET is as
described for SET1 above.

** string sq(string SUBJ, string SET)

"Squeeze repeats".  Replaces each sequence of a repeated character
that is listed in SET, with a single occurrence of that character.

* Changes in match_cidr function.

The match_cidr function is re-implemented as a built-in.

The module match_cidr.mfl is deprecated.

* Deprecated MFL modules

The following MFL modules are deprecated.  They are retained for
backward compatibility.  Existing code using any of these will compile
and work as in previous releases, except that a warning will be
printed to draw your attention to the fact.  You are advised to remove
any uses of these modules, as they will be removed in future versions:

** match_cidr.mfl

This module is not needed any more.

** is_ip.mfl

This module defines function is_ip() which is superseded by is_ipstr()
built-in (see above).

** revip.mfl

This module defines function revip() which is superseded by
reverse_ipstr() built-in.

Mailfromd is a general-purpose mail filtering daemon for Sendmail, Postfix and MeTA1. It is able to filter both incoming and outgoing messages using criteria of arbitrary complexity, supplied by the administrator in the form of a script file. The daemon interfaces with the MTA using Milter or PMilter protocols.


(Not released)

A modular remote management system for Ping903. Allows the user to inspect configuration of the running server, add or remove IP addresses, synchronize the monitored IP list with the Nagios configuration or an SQL database etc.

Related projects:


Version: 1.8  —  2022-08-13
* New configuration keywords

** sigterm SIG

Available for use in "component" sections.  This statement defines
signal which pies should send to the running component instance in
order to terminate it.  Defaults to SIGTERM.

* Fix the component shutdown sequence

The shutdown sequence is determined taking into account dependencies
between components, so that all dependent components are stopped
before their prerequisite components.

* Fallback log file

Fallback log file is a place where pies writes out of band log messages,
i.e. messages about not being able to open syslog socket or send logs
to it.  Regular log messages are diverted to this file if syslog was
requested, but cannot be used because of a permanent error.

* Bugfixes

** Fix piesctl config reload

** Fix configuration preprocessing.

** Varios fixes in REST API server.

GNU pies (pronounced p-yes) is a program invocation and execution supervisor. This utility allows to execute usual foreground-mode applications in detached mode, as if they were daemons. It combines the fucntionality of init and inetd programs. It can be used to control complex multi-component software.

Related projects:


Version: 1.0  —  2023-02-10
* Fix handing of the Connection: HTTP handler (both server and client)

Ping903 is designed to periodically monitor a very large number of remote hosts using ICMP ECHO packets. The package is built using the client-server architecture. The main component (ping903) is a daemon that sits in memory and wakes up periodically to send certain number of ICMP echo packets to a preconfigured number of hosts and to collect replies. The resulting round-trip statistics is made available via REST API.

Related projects:


Version: 1.6  —  2008-12-06
* Configuration file raddb/config

The syslog statement takes an optional 4th argument specifying syslog
tag to use, e.g.:

    channel default {
	    syslog radiusd;

* New attributes

** GNU-Server-Address

Holds IP address of the RADIUS server that recieved the
request. Notice, that the value of this attribute is "" if
there are no `listen' statement in your `raddb/config'.

** GNU-Server-Port

Holds UDP port number of the RADIUS server that recieved the request.

* Automake function AM_GNU_RADIUS is provided, for checking if
GNU Radius is installed from scripts.

* Guile support requires Gule version 1.8 or later.

* Bugfixes
** Pass NAS-IP-Address to mlc_stop_query

GNU Radius is an extensible and scalable authentication and accounting server.


Version: 1.8  —  2021-05-17
* Syslog support

New option '-S FACILITY' switches diagnostic output to the given
syslog facility.

A simple tool for forwarding content of a local file to the stdin of a program running on a remote host via TCP. The tool was created when I needed to run GNU Mailman in a docker container without MTA in it. It implements a slightly modified version of TCPMUX protocol. The same binary (rpipe) serves both as a server (on the remote end) and as a client (on the local end).

Related projects:


Version: 2.3  —  2022-07-16
* Fix invalid memory addressing in remopt command

* Fix building with flex >= 2.6.1 (EOF check)

GNU Rush is a Restricted User Shell. It is intended for use with ssh, rsh and similar remote access programs. Using a sophisticated configuration file, Rush gives you complete control over the command lines users can execute, system resources they can use, etc. In particular, it allows to run remote programs in a chrooted environment.

Related projects:


(Not released)