pyrox.dev
lol
1{ lib, stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, libpcap, pcre }:
2
3stdenv.mkDerivation rec {
4 pname = "ngrep";
5 version = "1.47";
6
7 src = fetchFromGitHub {
8 owner = "jpr5";
9 repo = "ngrep";
10 rev = "V${lib.replaceStrings ["."] ["_"] version}";
11 sha256 = "1x2fyd7wdqlj1r76ilal06cl2wmbz0ws6i3ys204sbjh1cj6dcl7";
12 };
13
14 patches = [
15 (fetchpatch {
16 url = "https://patch-diff.githubusercontent.com/raw/jpr5/ngrep/pull/11.patch";
17 sha256 = "0k5qzvj8j3r1409qwwvzp7m3clgs2g7hs4q68bhrqbrsvvb2h5dh";
18 })
19 ];
20
21 nativeBuildInputs = [ autoreconfHook ];
22 buildInputs = [ libpcap pcre ];
23
24 configureFlags = [
25 "--enable-ipv6"
26 "--enable-pcre"
27 "--disable-pcap-restart"
28 "--with-pcap-includes=${libpcap}/include"
29 ];
30
31 preConfigure = ''
32 sed -i "s|BPF=.*|BPF=${libpcap}/include/pcap/bpf.h|" configure
33 '';
34
35 meta = with lib; {
36 description = "Network packet analyzer";
37 longDescription = ''
38 ngrep strives to provide most of GNU grep's common features, applying
39 them to the network layer. ngrep is a pcap-aware tool that will allow you
40 to specify extended regular or hexadecimal expressions to match against
41 data payloads of packets. It currently recognizes IPv4/6, TCP, UDP,
42 ICMPv4/6, IGMP and Raw across Ethernet, PPP, SLIP, FDDI, Token Ring and
43 null interfaces, and understands BPF filter logic in the same fashion as
44 more common packet sniffing tools, such as tcpdump and snoop.
45 '';
46 homepage = "https://github.com/jpr5/ngrep/";
47 # <ngrep>/doc/README.txt says that ngrep itself is licensed under a
48 # 'BSD-like' license but that the 'regex' library (in the ngrep tarball) is
49 # GPLv2.
50 license = "ngrep"; # Some custom BSD-style, see LICENSE.txt
51 platforms = with platforms; linux ++ darwin;
52 maintainers = [ maintainers.bjornfor ];
53 };
54}