1 files changed, 37 insertions, 0 deletions

diff --git a/battering/packages/opensnitch.scm b/battering/packages/opensnitch.scm
index bcad57a..f607d14 100644
--- a/battering/packages/opensnitch.scm
+++ b/battering/packages/opensnitch.scm
@@ -100,3 +100,40 @@
                 (begin
                   (copy-recursively "." #$output))))))
        ((#:allowed-references _) #f)))))
+
+(define-public opensnitch-ebpf-module
+  (package
+    (name "opensnitch-ebpf-module")
+    (version "1.6.7")
+    (source (origin
+              (method git-fetch)
+              (uri (git-reference
+                    (url "https://github.com/evilsocket/opensnitch/")
+                    (commit (string-append "v" version))))
+              (file-name (git-file-name name version))
+              (sha256
+               (base32 "0990hdc3vn50axyz21v11gwkc2svlwf9wlnf03lwxgnm2q4ha76q"))))
+    (build-system gnu-build-system)
+    (inputs (list linux-libre linux-libre-headers))
+    (native-inputs (list clang tar zstd flex bison))
+    (arguments
+     (list
+      ;; TODO: make it buildable against any kernel?
+      #:make-flags #~(list (format #f "KERNEL_DIR=~a" #$linux-libre-headers-opensnitch))
+      #:tests? #f
+      #:phases #~(modify-phases %standard-phases
+                   (add-after 'unpack 'chdir
+                     (lambda _
+                       (chdir "ebpf_prog/")))
+                   (delete 'configure)
+                   (replace 'install
+                     (lambda _
+                       (let ((lib (string-append #$output "/lib")))
+                         (install-file "opensnitch-dns.o" lib)
+                         (install-file "opensnitch-procs.o" lib)
+                         (install-file "opensnitch.o" lib)))))))
+    (home-page "https://github.com/evilsocket/opensnitch/")
+    (synopsis "eBPF module for Opensnitch")
+    (description "This package provides an additional module that allows
+Opensnitch to monitor traffic via eBPF rules.")
+    (license license:gpl3+)))