Re: [PATCH 2/2] gnu: Add nmap.

[taylanbayirli@gmail.com (Taylan Ulrich Bayırlı/Kammer)]

[-- Attachment #1: Type: text/plain, Size: 3761 bytes --]

Leo Famulari <leo@famulari.name> writes:

> * gnu/packages/admin.scm (nmap): New variable.
> ---
>  gnu/packages/admin.scm | 56 +++++++++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 55 insertions(+), 1 deletion(-)
>
> diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
> index 69802e9..2415a8d 100644
> --- a/gnu/packages/admin.scm
> +++ b/gnu/packages/admin.scm
> @@ -64,7 +64,9 @@
>    #:use-module (gnu packages xorg)
>    #:use-module (gnu packages python)
>    #:use-module (gnu packages man)
> -  #:use-module (gnu packages autotools))
> +  #:use-module (gnu packages autotools)
> +  #:use-module (gnu packages pcre)
> +  #:use-module (gnu packages lua))
>  
>  (define-public dmd
>    ;; Deprecated.  Kept around "just in case."
> @@ -1497,3 +1499,55 @@ for writing audit records to the disk.  Viewing the logs is done with the
>  @code{ausearch} or @code{aureport} utilities.  Configuring the audit rules is
>  done with the @code{auditctl} utility.")
>      (license license:gpl2+)))
> +
> +(define-public nmap
> +  (package
> +    (name "nmap")
> +    (version "7.01")
> +    (source (origin
> +              (method url-fetch)
> +              (uri (string-append "https://nmap.org/dist/nmap-"
> +                                  version ".tar.bz2"))
> +              (sha256
> +               (base32
> +                "01bpc820fmjl1vd08a3j9fpa84psaa7c3cxc8wpzabms8ckcs7yg"))
> +              (modules '((guix build utils)))
> +              (snippet
> +               '(map delete-file-recursively
> +                 ;; Remove bundled lua, pcap, and pcre libraries.
> +                 ;; FIXME: Removed bundled liblinear once packaged.
> +                 '("liblua"
> +                   "libpcap"
> +                   "libpcre"
> +                   ;; Remove pre-compiled binaries.
> +                   "mswin32")))))
> +    (build-system gnu-build-system)
> +    ;; TODO: Build "zenmap" GUI interface in "gui" output.
> +    (arguments
> +     `(#:configure-flags
> +       (list (string-append "--prefix=" (assoc-ref %outputs "out"))
> +             "--without-ncat"
> +             "--without-nmap-update"
> +             "--without-zenmap")))

I think ncat is useful.  Does it lead to problems to enable it?

My approach was to install nmap, nse, ncat, and nping to the "out"
output, and ndiff and zenmap to their own output.  I attached my
half-working patch below.  (I wish I had contributed this with some
parts commented out; at least the nmap/ncat part works fine I believe.)

> +    (inputs
> +     `(;("liblinear" ,liblinear)
> +       ("libpcap" ,libpcap)
> +       ("lua" ,lua)
> +       ("openssl" ,openssl)
> +       ("pcre" ,pcre)
> +       ;; For 'ndiff'
> +       ("python-2" ,python-2)))
> +    (synopsis "Network discovery and auditing tool")
> +    (description "Nmap is a network discovery and auditing tool.  It provides
> +several features for probing computer networks, including host discovery,
> +service, and operating system detection.  These features are extensible by
> +scripts that provide more advanced service detection, vulnerability detection,
> +and other features.  Nmap is also capable of adapting to network conditions
> +including latency and congestion during a scan.")
> +    (home-page "https://nmap.org")
> +    ;; The nmap license is based on the GPL 2.0, with several exceptions and
> +    ;; modifications.  It is incompatible with the GPL 2.0.
> +    ;; Nmap's source tarball bundles the source code of many of its
> +    ;; dependencies.  This package uses nmap's modified version of libdnet and
> +    ;; liblinear, which both use a 3-clause BSD license.
> +    (license (list license:nmap license:bsd-3))))

Here's my old incomplete patch, maybe it can help:


[-- Attachment #2: 0001-gnu-Add-nmap.patch --]
[-- Type: text/x-diff, Size: 5709 bytes --]

From 4ce38aec270598df86ba0691559659044566a616 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Taylan=20Ulrich=20Bay=C4=B1rl=C4=B1/Kammer?=
 <taylanbayirli@gmail.com>
Date: Thu, 19 Nov 2015 13:52:30 +0100
Subject: [PATCH] gnu: Add nmap.

* gnu/packages/nmap.scm: New file.
* gnu-system.am (GNU_SYSTEM_MODULES): Add it.
---
 gnu-system.am         |   1 +
 gnu/packages/nmap.scm | 103 ++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 104 insertions(+)
 create mode 100644 gnu/packages/nmap.scm

diff --git a/gnu-system.am b/gnu-system.am
index 634093a..8adbb65 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -239,6 +239,7 @@ GNU_SYSTEM_MODULES =				\
   gnu/packages/nettle.scm			\
   gnu/packages/networking.scm			\
   gnu/packages/ninja.scm			\
+  gnu/packages/nmap.scm				\
   gnu/packages/node.scm				\
   gnu/packages/noweb.scm			\
   gnu/packages/ntp.scm				\
diff --git a/gnu/packages/nmap.scm b/gnu/packages/nmap.scm
new file mode 100644
index 0000000..23cba5b
--- /dev/null
+++ b/gnu/packages/nmap.scm
@@ -0,0 +1,103 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages nmap)
+  #:use-module (guix packages)
+  #:use-module (guix download)
+  #:use-module (guix build-system glib-or-gtk)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module ((gnu packages admin) #:select (libpcap))
+  #:use-module (gnu packages glib)
+  #:use-module (gnu packages gtk)
+  #:use-module (gnu packages lua)
+  #:use-module (gnu packages pcre)
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages tls))
+
+(define-public nmap
+  (package
+    (name "nmap")
+    (version "7.01")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "http://nmap.org/dist/nmap-" version
+                                  ".tar.bz2"))
+              (sha256
+               (base32
+                "01bpc820fmjl1vd08a3j9fpa84psaa7c3cxc8wpzabms8ckcs7yg"))))
+    (build-system glib-or-gtk-build-system)
+    (inputs
+     `(("openssl" ,openssl)
+       ("libpcap" ,libpcap)
+       ("pcre" ,pcre)
+       ("lua" ,lua)
+       ("python" ,python-2)
+       ("pygtk" ,python2-pygtk)
+       ("pygobject" ,python2-pygobject-2)
+       ("pycairo" ,python2-pycairo)
+       ;; XXX Add liblinear here once it's packaged.  (Nmap uses its
+       ;; own version when it can't find it.)
+       ))
+    (outputs '("out" "ndiff" "zenmap"))
+    (arguments
+     '(#:phases
+       (modify-phases %standard-phases
+         (replace 'install
+           (lambda* (#:key inputs outputs #:allow-other-keys)
+             (define (make out . args)
+               (unless (zero? (apply system* "make"
+                                     (string-append "prefix=" out)
+                                     args))
+                 (error "make failed")))
+             (define (python-path dir)
+               (string-append dir "/lib/python2.7/site-packages"))
+             (let ((out (assoc-ref outputs "out"))
+                   (ndiff (assoc-ref outputs "ndiff"))
+                   (zenmap (assoc-ref outputs "zenmap"))
+                   (pygtk (assoc-ref inputs "pygtk"))
+                   (pygobject (assoc-ref inputs "pygobject"))
+                   (pycairo (assoc-ref inputs "pycairo")))
+               (for-each mkdir-p (list out ndiff zenmap))
+               (make out
+                 "install-nmap" "install-nse" "install-ncat" "install-nping")
+               (make ndiff "install-ndiff")
+               (make zenmap "install-zenmap")
+               (wrap-program (string-append ndiff "/bin/ndiff")
+                 `("PYTHONPATH" prefix
+                   (,(python-path ndiff))))
+               (wrap-program (string-append zenmap "/bin/zenmap")
+                 `("PYTHONPATH" prefix
+                   (,(python-path zenmap)
+                     ,(string-append (python-path pygtk) "/gtk-2.0")
+                     ,(python-path pygobject)
+                     ,(python-path pycairo))))
+               ))))
+       ;; Nmap can't cope with out-of-source building.
+       #:out-of-source? #f
+       ;; Tests require network access, which build processes don't have.
+       #:tests? #f))
+    (home-page "http://nmap.org/")
+    (synopsis "Network discovery and security auditing tool")
+    (description
+     "Nmap (\"Network Mapper\") is a network discovery and security auditing
+tool.  It is also useful for tasks such as network inventory, managing service
+upgrade schedules, and monitoring host or service uptime.  It also provides an
+advanced netcat implementation (ncat), a utility for comparing scan
+results (ndiff), a packet generation and response analysis tool (nping), and
+the Zenmap GUI and results viewer.")
+    (license license:gpl2)))
-- 
2.6.3